How we collect data about you and your use of this website
We will use the information you enter at the site for administration purposes and any other purposes made clear in the data entry forms themselves, in any relevant terms or conditions and on any pages or emails which link to such forms. If you click “Submit these Details” on the website, your contact details will be used to send you servicing information related to your selection or ultimate objective. It may also be used for customer surveys but will not be used for direct marketing.
Who your data can be disclosed to?
Disclosure of your data to others may be necessary to ensure the smooth provision to you of the products, services and information you request. Your data may be disclosed to the other entities as described above.
How may you amend the data submitted by you?
You can change your personal details at any time by writing, with your full name, address and other contact details (to enable us to find your records) to: Oakbrook Finance Ltd, The Poynt North, 45 Wollaton Street, Nottingham, NG1 5FW or phoning us on the number provided on our ‘contact us’ page. If you require any further guidance on updating the details we hold about you, please contact us.
Requesting a copy of your personal info
Under the UK Data Protection Act (1998), you may request a copy of any personal data about you held by us and we have up to 40 calendar days to respond. The request must be in writing and must contain the following:
- Your name, postal address and date of birth
- Signed authority from the individual whose data is required if you are applying on their behalf.
We may require you to pay an administration fee of £10 and to verify your identity before providing a copy of the information we hold. Please note that in certain circumstances we may withhold access to your information where we have the right to do so under current data protection legislation.
Please send your request to:
Data Protection Manager
Oakbrook Finance Ltd
The Poynt North
45 Wollaton Street
How do we keep your data secure?
We take the security of your data very seriously. Oakbrook Finance Ltd needs to collect and use certain types of information about customers and staff in order to operate. This personal information must be dealt with appropriately and in accordance with the Data Protection Act 1998.
We regard the lawful and correct treatment of personal information as vital to successful operations, and to maintaining confidence between those with whom we deal and ourselves. We ensure that our organisation treats personal information lawfully and correctly. Oakbrook Finance Ltd will, through appropriate management, strict application of criteria and controls:
- Comply with both the law and good practice
- Respect individuals’ rights
- Be open and honest with individuals whose data is held
- Provide training and support for staff and volunteers who handle personal data, so that they can act confidently and consistently
- Observe fully the conditions regarding the fair collection and use of information
- Comply with both the law and good practice
- Meet its legal obligations to specify the purposes for which information is used
- Collect and process appropriate information, and only to the extent that it is needed to fulfil operational needs or to comply with any legal requirements
- Ensure the quality of information used
- Apply strict checks to determine the length of time information is held
- Ensure that the rights of people about whom information is held, can be fully exercised under the act. (these include: the right to be informed that processing is being undertaken, the right of access to one’s personal information, the right to prevent processing in certain circumstances and the right to correct, rectify, block or erase information which is regarded as wrong information)
- Take appropriate technical and organisational security measures to safeguard personal information
- Provide individuals that request it, within a maximum of 40 days from request, with access to personal information held about them for a fee of £10
- Correct or erase any information on an individual that is inaccurate or misleading
- Not use information for a purpose which is incompatible with the original purpose for which permission was given by the data subject
- Obtain clear, express permission for handling and using ‘sensitive’ personal data
- Set out clear procedures for responding to requests for information
- Allocate such resources as may be required to ensure the effective operation of the policy
The Data Protection Act 1998
The Data Protection Act 1998 replaces and extends the 1984 Act and places a legal obligation on data controllers and processers who record and process personal information relating to living individuals. The Act requires that adequate controls exist to protect individuals from the consequences of poor quality information and/or the misuse of information held about them.
While the 1984 Act dealt with automatically processed information including information processed on computer, the 1998 Act places additional obligations on those processing information contained in 'structured manual files'. The term 'processing' includes any function that can be performed using information and includes the actual disclosure of information.
The Data Act principles
The Act applies to every organisation that handles (processes) personal information such as names (data) on living individuals (subjects). The Act has eight data protection principles which are intended to guide the interpretation and implementation of the Act. These principles are:
- Personal data shall be processed fairly and lawfully
- Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed
- Personal data shall be accurate and, where necessary, kept up to date
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes
- Personal data shall be processed in accordance with the rights of data subjects under this Act
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
If you require any further information on anything raised above then please contact us at the address provided.