IBEX Finance Limited Privacy Notice

This privacy notice sets out how we handle your personal information and explains how it will
be processed. This Privacy Notice sets out how we process your personal information under the European General Data Protection Regulations (‘GDPR’), the Data Protection Act 2018 (‘DPA’) and the United Kingdom General Data Protection Regulations (‘UKGDPR’). The controller of your personal data is Ibex Finance Limited (‘Ibex Finance’) incorporated and registered in England and Wales, registration number 4944214.

What does Ibex Finance hold your data for?

We will process certain personal data for the purpose of doing business with your company. We will record and use certain personal data relating to contact persons at companies to which we provide services and with whom we are in correspondence with, directors, partners, shareholders, persons with significant control and guarantors of these companies, directors of affiliates and contact persons at suppliers mainly being financial institutions owned by banks. Personal data is your name, address, e-mail address, date of birth, occupation, phone number and other contact details to provide and improve products and services for your business, the operation of your business’ accounts and for information updates or marketing purposes to your business to enable financial institutions to provide finance. We will also collect or use your name, occupation, contact details, identification documents and any other personal information to comply with legal obligations to enable financial institutions to provide finance and enter into a financing contract.

Lawful Bases

Our lawful bases for collecting or using personal information for the purposes above are:

  • Consent – we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.
  • Contract – we have to collect or use the information so we or a financial institution can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.
  • Legal obligation – we have to collect or use your information so we can comply with the law. All of your data protection rights may apply, except the right to erasure, the right to object and the right to data portability.
  • Legitimate interests – we collect or use your information because it benefits you, our business or someone else, without causing an undue risk of harm to anyone. All of your data protection rights may apply, except the right to portability. Our legitimate interests to see if the finance product is of benefit to their business.

Where we get personal information from

We will obtain personal information directly from you, recommendations, introductions, credit reference agencies such as Companies House and other publicly available sources.

How long we keep information

We keep personal data in any event for as long as is necessary to achieve the purpose. GDPR does not stipulate specific storage periods for personal data. Other legislation may specify minimum storage periods, however. If it does, we are under the obligation to observe these periods.

Who we share information with

We have a joint controller relationship with a large panel of financial institutions, the majority being subsidiaries of banks. We may share personal information with that joint controller being potential lenders for their risk assessment, credit, Know Your Customer and Anti Money Laundering processes to provide funding for your business. We may also share personal information with professional or legal advisors, suppliers and service providers.

Sharing information outside the UK

Personal information will be transferred to recipients located outside of the UK. In particular your data will be stored locally, whether in the UK or within the European Economic Area (‘EEA’). It also could be stored and backed up on servers (such as cloud hosted services) outside of the UK and the EEA. We may also share your personal data with trusted service providers and suppliers located outside of the UK and the EEA. We and some financial institutions we share personal data with will share personal data outside the UK and EEA for back-office purposes or providing you with information on other relevant products and services provided by other members of their group or other overseas financial institutions. When doing so, we comply with GDPR and UK GDPR, making sure appropriate safeguards are in place.

For further information for any of the transfers below, please contact us using the contact information provided below.

Contact

If you have any concerns about our use of your personal data or have a complaint, please contact Jeremy Salmon, Director at jeremysalmon@ibexfinance.co.uk or call on 020 7487 4177.

If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
Website: https://www.ico.org.uk/make-a-complaint