Cosmetic Finance Group

Cosmetic Finance Group – PRIVACY POLICY

OUR FIRM INFORMATION

By ‘We’, ‘Our’ or ‘Us’, we refer to our firm, Cosmetic Finance Group Ltd trading as Cosmetic Finance Group. We are authorised and regulated by the Financial Conduct Authority (Firm reference number 943771). We are a credit broker, not a lender, and offer credit facilities from Snap Finance. Snap Finance Ltd act as the lender. Credit subject to status. Terms and conditions apply. Snap Finance Ltd is a company registered in England and Wales. Company Number 08080202 Registered address: Snap Finance Ltd, 1 Vincent Avenue, Crownhill, Milton Keynes, MK8 0AB.

You can check our registration by going to the FCA’s register at https://register.fca.org.uk/s/

By You we mean you, the user of this website and the individual/customer that may seek to access, or has accessed, our services.

For the purposes of the Data Protection Act (‘DPA’), we are the ‘Data Controller’ (i.e. the company who is responsible for, and controls the processing of, your personal data).

INFORMATION COMMISSIONER’S OFFICE (ICO) REGISTRATION INFORMATION

We are registered with the Information Commissioner’s Office, Registration Number: ZB472903

OUR CONTACT INFORMATION:

You can contact us via our website, https://www.cosmeticfinancegroup.co.uk or using the information provided below:

Telephone: 0161 388 6107

Email: info@cosmeticfinancegroup.co.uk

By Post: 78 Bury Old Road. Whitefield. Manchester. M45 6TQ

PURPOSE OF THIS POLICY

Our Privacy Policy concerns the website https://www.cosmeticfinancegroup.co.uk and our internal systems, controls and processes in how your personal data is used. Your privacy is very important, and we have set out below how we process any personal data collected from you or provided by you. If you access any other websites which may be linked to our websites, they are not covered by this Policy. We advise you to check the appropriate privacy policy when accessing linked websites.

We take the privacy of our website users seriously and we are committed to protecting your privacy in compliance with European Union (EU) and United Kingdom (UK) data protection laws and regulations, including from the 25th May 2018, the General Data Protection Regulation (EU 2016/679) ‘Data Protection laws’.

This Privacy Policy explains what personal data is collected about you via the website and what we do with that personal data.

We provide this Privacy Policy to make you aware of our practices in connection with your privacy and of the choices you can make about the way your personal data is collected via the website and used.

PURPOSES FOR PROCESSING PERSONAL DATA

‘Personal Data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

DATA WE COLLECT, CONTROL AND PROCESS

DIRECT INTERACTIONS:

You may provide us with your Identity and contact data by completing online forms or by corresponding directly with us via post, phone, email or otherwise. This includes the personal data you provide when you:

Engage our services;

Provide us with feedback; or

Request marketing to be sent to you.

THIRD PARTIES OR PUBLICLY AVAILABLE SOURCES

We also collect personal data about you from third party sources. The data collected from third party sources are as follows (please note, this is a general accounting and does not necessarily indicate that the below data will be obtained from third party sources, only that it may be obtained and if available and relevant to the service provided):

Personal Identity Information Name, surname, date of birth, country, mobile number, employment status Application form Generated as a result of providing our services to you.
Financial information Income, debt level, credit limit, account numbers, bank statements, adverse financial history including CCJs.

HOW WE HANDLE PERSONAL DATA

We will only use the personal data you provide to us as described in this Privacy Policy, including any supplemental privacy information, as set out above. We will store and process your personal data on our computers.

We will observe the rights granted to you under applicable Data Protection Laws, as set out below, and will ensure that queries relating to privacy issues are dealt with promptly and in a transparent manner.

We will only collect and process your personal data where we have lawful grounds to do so.

We will update our records if you inform us that your details have changed. Please tell us (see contact details above) as soon as possible about this. We will update our records promptly once we are satisfied that the new information (such as your new address or contact details) is accurate.

DATA RETENTION

We will only retain your personal data for as long as is necessary to fulfil our obligations under the provision of our service as well as any purposes necessary to satisfy any legal, accounting or reporting requirements.

We will take steps with a view to permanently deleting, destroying or anonymising your personal data (which means that we are no longer able to identify you from it) when it is no longer necessary for its purpose.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk, harm of unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, including applicable legal requirements.

Details of retention periods for different aspects of your personal data are available upon request. By law, we have to keep certain information about our customers and this data will be held solely and securely for those legal purposes.

LINKS TO OTHER WEBSITES

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and these are not governed by this privacy statement. You should exercise caution and look at the Privacy Policy applicable to the website in question.

DATA SECURITY

We are committed to ensuring the security of your personal data.

In accordance with our obligations under Data Protection Laws, to prevent unauthorised access to our disclosure of your personal data (including card payments), maintain data accuracy, and ensure the appropriate use of your personal data, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the personal data we collect online.

However, you acknowledge that, unfortunately, the transmission of information via the internet, including the online enquiry forms you submit to us and/or any information provided on Webchat, is not completely secure. We cannot guarantee the security of your data transmitted to the website, so any transmission (i.e. your sending of the personal data to us) is at your own risk. Once we have received your personal data, we will use the steps detailed above to protect it.

YOUR RIGHTS

You have the following rights (which may not always apply or be subject to certain circumstances and exemptions, and some only apply from 25 May 2018):

The right to be informed - including about Our processing of Your personal data. That is the reason for this data protection statement.
To have Your personal data corrected if it is inaccurate and to have incomplete personal data completed in certain circumstances.
The right in some cases to object to processing of Your personal data (as relevant). This right allows individuals in certain circumstances to object to processing based on legitimate interests, direct marketing (including profiling) and processing for purposes of statistics.
The right in some cases to restrict processing of Your personal data, for instance where You contest it as being inaccurate (until the accuracy is verified); where You consider that the processing is unlawful and where this the case; and where You request that Our use of it is restricted; or where We no longer need the personal data.
The right to have Your personal data erased in certain circumstances (also known as the right to be forgotten). This right is not absolute – it applies only in particular circumstances and where it does not apply any request for erasure will be rejected. Circumstances when it might apply include where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed, if the processing is based on consent which You then withdraw, when there is no overriding legitimate interest for continuing the processing, if the personal data is unlawfully processed, or if the personal data has to be erased to comply with a legal obligation. Requests for erasure will be refused where that is lawful and permitted under data protection law for instance where the personal data has to be retained to comply with legal obligations or to exercise or defend legal claims.
To request access to the personal data held about You and to obtain certain prescribed information about how We process it. This is more commonly known as submitting a data subject access request. This must be done in writing, and we may need confirmation of your identity. This right will enable You to obtain confirmation that Your personal data is being processed, to obtain access to it, and to obtain other supplementary information about how it is processed. In this way You can be aware of and You can verify the lawfulness of your processing of Your personal data.
To move, copy or transfer certain personal data. Also known as data portability. You can do this where We are processing Your personal data based on a consent or a contract and by automated means. This right is different from the right of access (see above) and that the types of data You can obtain under the two separate rights may be different. You are not able to obtain through the data portability right all of the personal data that You can obtain through the right of access.
Rights in relation to some automated decision making about You including profiling (as relevant) if this has a legal or other significant effect on You as an individual. This right allows individuals in certain circumstances to access certain safeguards against the risk that a potentially damaging decision is taken without human intervention. For more information or to exercise these rights, please contact Us using the details at the end of this policy. You have the right to lodge a complaint with the Information Commissioner’s Office where Your data has or is being used in a way that You believe does not comply with data protection laws. However, We encourage You to contact Us before making any complaint and we will seek to resolve any issues or concerns You may have.

CHANGES TO OUR PRIVACY POLICY

Any changes to our Privacy Policy in the future will be posted to our sites and, where appropriate, through e-mail notification. This privacy policy was last updated on Monday 4^th March 2024.