Privacy Policy
Armstrong Nationwide Ltd (“us”, “we”, or “our”) operates www.armstrongnationwide.com website (the “Service”).
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.
Armstrong Nationwide Ltd is a collections, repossession and debt recovery company. We provide our services to Finance Companies, Banks and other credit providers/companies. Some of the services we provide are repossession or collection and recovery of the client’s assets, collection of monies owed to them, enquiry, tracing and investigations services, process serving and other enforcement actions.
Privacy Policy
Our Privacy Policy aims to let you know how we obtain, process, use, collect, manage, and store data, including personal data. It also aims to assure you that we only use your personal information and any other data we use, process and collect for the purposes of managing our Company and carrying out our services. Data will be processed and controlled in accordance with the General Data Protection Regulations (GDPR).
· General Data Protection Regulations (GDPR)
The General Data Protection Regulations replace the Data Protection Act 1998 on 25th May 2018. All information we collect is stored and used in accordance with GDPR. In accordance with the regulations, we will only collect and retain personal information that is relevant, and we will only keep it for as long as necessary. We ensure all information we have is kept up to date and accurate, and we dispose of all information that we no longer need securely. We will only use the information we collect for the purposes of our work and the needs of our business. We will not disclose information to unauthorised third parties and we will never sell this information under any circumstances. Our Administration Staff and Field Agents are trained to handle, manage and work with personal information, and will handle your data under strict policies and procedures, and in accordance with Data Protection.
· Information relevant to Customers subject to our involvement with them
We will not sell your data and we do not use any automated decision-making or profiling tools.
· Who is Armstrong Nationwide Ltd?
Armstrong Nationwide Ltd is a Collections, Repossession and Debt Recovery company. Our services include repossessions, debt collection, asset recovery, investigations and enquiry activities, execution of court orders, and other related services. The services we perform requires the processing, use and collection of personal information. Our staff who handle, manage, and maintain personal information are trained to do so and are also fully aware and understand their legal and contractual obligations and responsibilities regarding Data Protection.
· Why we process, use, obtain, collect and store personal Data
Basic Data - Under the services we provide we are required to process personal data in providing a service to our client. Our Client will share with us your personal data for us to process to carry out their instruction. We call this the Basic Data, our Client is the Controller of this Basic Data. They will have provided you with their contact details and other relevant information relating to the processing of your personal data by us.
Additional Data – When we process the Basic Data we use the information to carry out our client’s instruction. Whilst carrying out the instruction we may also obtain additional personal information about you. It is necessary to record this information and the activity history of the instruction we have carried out; to ensure we maintain accurate up to date records. We are the Controllers of the additional data. Our Contact details are stated further on in this document.
· What personal information do we process, use, obtain and store?
It is necessary for us to process, use, obtain and store personal information to enable us to carry out our services. Any information will only be necessary and proportionate to enable us to carry out our work.
The basic data will be personally identifiable information including, but not limited to, your name, address, Date of Birth, email address, contact numbers, employment details and also may include photographic ID. We will also be provided with relevant notes, legal documents and/or agreements, our clients asset/vehicle details and details of monies due. We will also be provided with information concerning potential vulnerability and/or sensitive circumstances, for example a recent bereavement. This ensures forbearance and due consideration is being applied to your individual circumstances.
We will obtain and process additional personal data whilst carrying out our client’s instruction. This additional data may include but is not limited to, your up-to-date contact details (address, contact numbers, employment details), your current circumstances, including financial circumstances and, with your consent, any potential vulnerability or sensitive or mitigating circumstances relevant to you regarding our instruction to act.
· How we obtain, collect and store additional information
We will obtain additional information directly from you, from our clients, and where necessary, from enquiries and investigations carried out whilst attempting to conclude our client’s instruction, which can include the processing of witness information and their details. Enquiries and investigations could include, where appropriate and necessary, speaking to third parties, carrying out searches from publicly available sources, other data sources freely available in the public domain and via databases to which we have lawful access. Any information provided by you, or otherwise obtained /collected whilst in the process of carrying out our work, will only be used in accordance with this Privacy Policy. We maintain up to date activity details on the case record to ensure a fully documented history of the instruction is recorded and stored.
· Data Protection Verification Process
We take data security extremely seriously and ask you to assist in the security of your personal data, when we contact you, and when you contact us. Any information that we ask you to provide is needed in order to identify you to enable us to speak to you. You will be asked to confirm certain information and details which we hold to assist in verification. If you authorise a third party to speak on your behalf, they will also be required to go through a verification process.
· Sharing your information
Unless necessary, obligated by law, regulatory requirements or compliance; for example, under Court or Law Enforcement Agency Instruction, the Financial Ombudsman Service or a medical emergency, we will not share your data with anyone other than; our client, whose instruction we are acting under, other associated agents acting under our instruction, and any third party authorised by you.
As part of our work, we will share certain relevant information obtained and collected with our client. This information will only be relevant and in accordance with their instruction, it will include updates regarding the carrying out of our instruction and any other relevant information, which will include your updated contact and employment details, if applicable. Our client will process the relevant information we share and record the information on your account held with them. It is necessary to share this information with our Client, especially personal information, such as new address and contact numbers, to enable them to maintain accurate and up to date records, ensuring their compliance with Data Protection regulations.
We will never disclose information to unauthorised third parties.
Please Note: We will disclose information to law enforcement departments in the case of actual, potential, or suspected criminal activity; including but not limited to acts of, or threats of, violence and / or aggression against our employees or others, or where we have a duty or are legally or regulatory obliged to disclose information; for example, financial crime and fraud.
· Retention periods for Basic Data and Additional Data – How long we retain data
We retain your data only for as long as is necessary and in line with GDPR and other applicable Acts. Our retention periods are guided by what we deem no longer than necessary and take into account the Limitation Act 1980.
Once our instruction has been completed we have the following retention periods in place to either anonymise your data (make it unidentifiable to any individual person(s)) or delete your data;
Anonymisation of Data – 3 Years after completion
Deletion of Data – 3 Years after completion
Note: Our Clients will have their own retention periods, which they should make available to you on their own privacy policy.
Company Data General Information
· Lawful Basis for processing personal information
We have lawful basis to process personal data, being:
We have your consent (if consent is needed)
We need to process the information due to the data subject being party to contractual obligations.
We need to process the information to comply with legal obligations
We need to process the information to exercise official authority under acts of law vested in the Controller
It is necessary for us to process the information to maintain accurate and up to date records which streamline and evidence the debt recovery and enforcement process for the data subject and our clients.
· Other data we process, use, obtain, collect and store
We also process, use, obtain, collect and store information on our clients, potential clients, our current and past employees, job applicants, suppliers, information, feedback and enquiries from customers, clients and others who contact us, information on complainants and other individuals in relation to service complaints or enquiries made.
We will only collect, process, use and store information that is relevant to our services and necessary for Company records, legal obligations and compliance. Some of the information we process, use, collect, store and share is necessary for us to comply with our legal obligations. The information we collect is also used for internal record keeping; maintaining accurate and up to date records, and for improving our services; any feedback we receive is used for management information.
Company information can be in any format including electronic records.
· Sharing data
We will only share company data, including employee data, where obligated by law, regulatory requirements, contractual obligations, business administration purposes, insurance purposes, recruitment purposes, audit & compliance purposes or when authorised to do so. We will not sell company data.
· Security
We use our best endeavours to protect and safeguard the personal information we hold. Policies and procedures have been implemented to safeguard against unauthorised access, improper use, unlawful loss and unlawful or accidental destruction. We use physical and electronic security measures in our efforts to safeguard all information we collect and hold.
We strive to protect your personal information, but the internet or electronic storage is never a 100% completely secure environment, therefore we cannot guarantee that hackers or unauthorised persons will not gain access to personal information, despite our best efforts.
Please note that our website may contain links to other sites, if you use these links, you will be directed to the third-party link website. We are not responsible and have no control over any other website’s content, privacy policies or practices. You should make yourself familiar with the privacy policy of other sites before providing them with any information.
· Retention periods
Different categories of Company information have their own retention periods set by the Company or Law. Retention periods are based on company requirements along with legal requirements and obligations.
· Calls to our office
All calls made to our office can be recorded for training and quality assurance purposes.
· Body Worn Video
For specific purposes and legitimate aims, including but not limited to health and safety and transparency, Staff may use or activate Body Worn Video upon attendances. Any data held will only be accessed by management in certain specific circumstances in line with our specific purposes and legitimate aims of the equipment being deployed. Data will only be disclosed based on circumstances in which disclosure is appropriate and will be controlled and consistent. Disclosure will be at the discretion of Armstrong Nationwide Ltd; the system operator. They have the right to refuse any request for information unless there is an overriding legal obligation. Data will never be disclosed by Armstrong Nationwide Ltd to the media.
· Body worn video cameras are wearable video and audio devices sometimes worn by our field collections agents for the purposes of health and safety and crime prevention reasons. These devices are not used for viewing documents.
· Images are collected and stored on the devices’ encrypted memory card and as soon as practicable, data is transferred for long term storage and deleted from the portable device. This is to allow information to be recovered in response to any subject access requests. This data may also be disclosed to law enforcement agencies and used in respect of any potential legal proceedings.
· Should you wish to attend our offices, you may be asked for your personal information and reasons for your visit for authorised access to be granted. CCTV cameras are installed throughout the vicinity of our premises for deterring and detecting crime.
· Rights of a Data Subject
All data subjects have rights. They have the right to obtain from a controller confirmation as to whether or not personal data concerning them are being processed, and where they are being processed, access to the personal data. They also have the right to rectify and correct any inaccurate or incorrect data, and also withdraw consent at any time, where relevant. In certain circumstances they also have the right to object to the processing of their data, and have their data erased.
· Data Subject Rights Requests
You can contact us to make enquiries for further information about exercising any of your rights or to exercise them. Please make all requests in writing. We will respond to a request in accordance with Data Protection law. You will be required to provide proof of your identity, and should you be unable to provide proof, we reserve the right to refuse to disclose.
· Complaints
You can make a complaint to us by any reasonable means; in person, by telephone or in writing. However, we suggest that communication of a complaint is sent to us in writing. This gives you chance to fully consider and then clearly explain a grievance to us, as well as providing all parties with a documented account.
You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s Office, at https://ico.org.uk
· Transfers to third Countries
We do not transfer data outside of the Economic European Union or to Countries not permitted under GDPR.
· Cookies
Cookies are small text files that are sent to your browser by websites you visit. Cookies are used to help websites store information about your visit, such as preferred settings (e.g., language, text size). You can remove or block cookies using your internet browsers settings, however doing so may impact your ability to use our website.
· Changes to this privacy Policy
We may update this Privacy Policy from time to time including in light of legislative changes. You are advised to review this Privacy Policy periodically for any changes. You can request a copy of this Privacy Policy and we can provide one electronically (via email) or via post.
Contact Us
If you have any questions about this Privacy Policy, please contact us:
· By email: info@armstrongnationwide.com
· By phone number: 0191 605 3555