Privacy Policy – Credit Account Scheme

This privacy policy outlines the procedures that Worldline IT Services UK Limited (“Worldine”) have in place to protect your privacy.

It sets out how your personal data is collected and used when you apply for and use our business account service (“Services”).

Worldline is the data controller in relation to carrying out credit checks, identity and fraud checks as well as approving credit limits, granting credit and managing and enforcing any debts that are due.

We respect your privacy and so all personal data is collected and processed to the highest standard in compliance with current data protection legislation

Where you can get more information

If you have any questions on this policy please contact us.

We may update this policy from time to time and would encourage you to revisit it regularly to check you are happy with any changes. This policy is effective from 25 May 2018.

Data that we will collect

In order to apply for and to use the Services, we will need to collect some personal data about you and about your cardholders. This personal data may include your name and contact details and other information that identifies you personally and that you provide when you apply and register for an account. We may also collect additional information if you provide us with feedback on the Services or you use our help desk.

Your cardholders are individuals authorised by you to use the Services. If you have provided us with cardholder names or other personal information, you confirm that you have obtained their consent to process this data.

Retention of your data

We will retain your data until you tell us you no longer wish to use the Services and for a period of seven years thereafter, as required by law.

How we use your data

We need to process your personal data to provide the Services you request in the form that you require. Your data will be used in the following ways:

  • to provide you with the Services – which involves processing your data in order to set up, administer and maintain your business card account and all records relating to it
  • to communicate with you about your account and the Services
  • to enable us and third parties on our behalf to carry out technical, logistical or other functions to support the Services and the technical and management systems upon which they rely
  • to carry out credit checks and to manage and enforce any debts that are due to us
  • to carry out identify checks and fraud prevention checks as we describe below
  • to obtain insurance in relation to the Services
  • to enable us and third parties on our behalf to monitor website use and traffic patterns and carry out data analysis with regard to the Services in order to improve the Services and for our internal business purposes
  • if you apply for another business account card scheme that is operated by Worldline, Worldline may use the data collected for these Services to decide if it will accept your application for the other business account card scheme

Disclosures of your information

In order to provide the Services, we may need to pass on your data to other companies within the Worldline group of companies who help us perform the Services.

Data may also be provided to the following classes of suppliers for us to decide whether to accept an application and to provide the Services:

  • Insurers
  • Credit reference agencies
  • Legal advisors and debt collection agents
  • Printers and suppliers who supply account cards and welcome packs
  • Payment processors
  • Document storage companies

We may also share your data with fraud prevention agencies to help prevent fraud and money laundering and to verify your identity.

When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the Services you have requested.

We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime. You may be refused certain services, finance or employment as a result of this.

Fraud prevention agencies can retain your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held by them for up to six years.

Automated Decision Making

Our decision regarding eligibility for a business account card may be influenced by the credit rating given to us by our third party credit reference agency. Some of this credit rating is determined by the automated processing of your data. You can obtain more information on how credit ratings are produced by clicking on this link.

Overseas transfers of data

Since Worldline operates globally, your data may be transferred to affiliates and third parties outside of the European Economic Area to countries that do not have as strong data protection laws as are in place within the EEA. This is in order that we can provide the services to you. In particular email communications that you receive may be provided via a US based supplier.

In any such cases we will ensure that strict contractual protection applies in order to ensure that adequate safeguards are in place.

If you would like more information on this then please contact us.

Other websites

Our website may contain links to other websites which are outside our control and are not covered by this Privacy Policy. If you access other sites using the links provided, the operators of these sites may collect information from you which will be used by them in accordance with their privacy policy, which may differ from ours.

Your rights

You may ask us to provide a copy of the personal information that we hold about you by contacting us.

If you think any information we have about you is incorrect or incomplete, please email us as soon as possible using the link above.

You are also entitled to request the erasure of your data if you wish to stop using the Services.

If you believe that your information has been mis-used in connection with the Services you have the right to lodge a complaint at with the relevant Supervising Authority for your country. For the UK this is the Information Commissioners Office, https://ico.org.uk.

Cookies

A "cookie" is a small text file that is placed on a user's computer hard drive by a website. There are several types of cookie and the most common are often referred to as 'session' cookies. These are used to keep track of information needed by a user as they travel from page to page within a website. These cookies have a short lifetime and expire within a few minutes of the user leaving the site.

Other types of cookies can be used to track internet activity after the user has left a website. These are usually sponsored by organisations external to the website being visited and are generally known as 'third party' cookies. These usually have a long lifetime with several months being quite common. They are 'harvested' and 'refreshed' whenever the user visits a page where the same or a similar cookie is being used.

We use benign, short lived 'session' cookies to tell whether a website user has logged, in, where to find details that can be used to pre-fill parts of on-line forms and to personalise the user's visit to the website. They are also used to track anonymously which areas of the site are popular and which are not used, this allows us to target carefully our website resources.

We use cookies in email communications to personalise the email and track whether the mail has been opened or read and whether the recipient has used any website links contained in the email communication. This allows us to monitor and improve our email communications and website.

Internet browsers normally accept cookies by default; however, it is possible to set a browser to reject cookies. If this is done it is important not to exclude the benign and useful session cookies. Choose an option that rejects all third party and long lived cookies.