Search
Close this search box.
Search
Close this search box.
Search
Close this search box.

Privacy Policy

ABOUT US AND WHO WE DO BUSINESS WITH

Primary Asset Finance Limited T/A Primary Finance (Primary Finance, we, us, our) is a specialist introducer of debt finance, intermediary and consultant. We work with our clients (Client(s)) to arrange third-party financing facilities provided by commercial and specialist lenders (Funders). Primary Finance is an intermediary and not a lender. Our Clients are strictly commercial businesses, most typically Limited Companies. We do not operate in any credit related activities regulated by the Financial Conduct Authority.

As part of our normal activities, we need to contact individuals in various commercial organisations encompassing Clients, providers of finance (Funders) and other specialist firms including those providing professional advice (Advisors). We may also interact with other qualified and expert third parties including valuers, professional bodies, or trade associations. We may also have contact with various different stakeholders with interests or concerns relative to our activities.

As we interact with Clients and other third parties the vast majority of information we collect concerns a Client’s business operations. However, we will need to collect some personally identifiable information (Personal Data) relating to individual people connected with our normal business operations. We would refer to those individuals as Business Contacts, Stakeholders and Professional Relationships (You, or Your).

We are registered with the Information Commissioner’s Office (ICO) as a data controller processing Personal Data for our business operations. Our registration number is ZA386525. Please note that any references to ‘GDPR’ applies to UK GDPR.

This Privacy Statement and description of our Fair Data Processing explains what Personal Data we collect, how we use/process it in our business operations, how we store and protect it, and for how long we keep it. It will also help you to understand what rights and choices you have relating to what we do with your Personal Data.

This Privacy Statement was last updated on 16th November 2023. If it is necessary for us to alter these terms we will post the revised Privacy Statement on our website. We encourage you to frequently review the Privacy Statement for the latest information on our privacy practices.

THE TYPES OF INFORMATION WE COLLECT

We collect and process Personal Data to enable us to conduct our business activities and operations.

We use publicly available sources to identify organisations, or stakeholders, where whose interests may align with ours. We will contact them by direct marketing to see if they would consider using our services and to identify appropriate Business Contacts.

The information we collect relating to Business Contacts and stakeholders includes Personal Data such as:

  • Employer
  • Job
  • Phone number(s), email address(es).
  • Other business-related
  • Home
  • Date of
  • Financial information (where needed to perform our services).

Generally, the information is obtained from:

  • Business Contacts or
  • Third parties connected with
  • Sources that Clients or Business Contacts, or stakeholders have authorised us to obtain information from those
  • Public sources (e.g. Client promotional material, professional networks, and media).

In addition, we may collect data from emails received (sender name, recipient name, date and time) and calendar systems (organiser name, participant name, date and time of event) concerning interactions between Primary Finance and senders or third parties.

We also collect information during meetings with Business Contacts, stakeholders, Clients or thirds parties connected with Clients.

This is information that we would be reasonably expected to obtain and store for businesses purposes.

We would not hold any Special Category data on you unless you had given us your explicit consent to do so.

WHAT WE NEED FROM ANYONE ACTING ON THE CLIENT’S BEHALF

Anyone acting on the Client’s behalf providing us with information on:

  • The Client’s business must ensure they have the Client’s authority to do
  • Any individual or third-party connected to the Client’s business must ensure they have the individual’s authority to do so, and it is their responsibility make sure this permission has been

HOW WE USE/PROCESS THIS INFORMATION

We will use Client information and information about you for purposes including:

Maintaining suppression lists.

To meet your request to exercise your right to erasure (to be forgotten).

Our legitimate interest in being able to comply with the Business Contact’s right to be forgotten.

Our legitimate interest in being able to comply with the Business Contact’s right to be forgotten.

Purpose

Example

Lawful Basis

To make sure our marketing is relevant for recipients.

Identifying contacts within an organisation or private individuals who might have an interest in our business activities.

Our legitimate interest. Recipients would have a reasonable expectation of our doing this. The limited amount of information held for Business Contacts presents negligible risk of harm to the individual.

To ensure that our Contacts List database is accurate.

To maintain an up-to-date Contacts List.

Our legal obligations under data protection laws. Data Subjects would have a reasonable expectation of our doing this.

To undertake initial direct marketing and subsequent marketing campaigns.

To provide Clients/Business Contacts information about our services.

Our legitimate interest. Business Contacts would have a reasonable expectation of our doing this.

To conduct market research surveys.

We will obtain explicit consent for some communication channels and/or Special Category Data should it be required. Any Business Contact can choose to stop receiving our messages at any time using the various opt-out or unsubscribe methods we publicise in the messages issued.

Maintaining suppression lists.

To meet your request to exercise your right to erasure (to be forgotten).

Our legitimate interest in being able to comply with the Business Contact’s right to be forgotten.

Administering, managing and developing our business activities.

To help us run and manage our business efficiently and understand how we can improve our activities (e.g. feedback surveys).

Our legitimate interest. Business Contacts would have a reasonable expectation of our doing this.

Providing information to existing Clients/Business Contacts about changes in our activities.

To also use information in aggregate form (so that no individual Client/Business Contact is identified by name) to build up marketing profiles and aid strategic development.

To deliver our activities and services to Clients.

To carry out the actions necessary to meet the Client’s project/contract objectives.

To perform our contract with our Clients or suppliers. Business Contacts would have a reasonable expectation of our doing this.

To maintain records to confirm or evidence the outcome of activities.

To respond to enquiries, requests or complaints.

To be able to respond appropriately and keep records of the correspondence.

Our legitimate interest. To perform our contract with our Client or suppliers Business Contacts would have a reasonable expectation of our doing this.

To administer employee or member records.

To run our business efficiently within legal requirements and to keep appropriate records.

Our legal obligations and our legitimate interests. All Data Subjects would have a reasonable expectation of our doing this.

To meet any regulatory or legal requirements.

These can vary dependent upon the Client’s project or any changes in future legal or regulatory requirements.

Our legal obligations (including requests from regulators).

To perform our contract with our Client and our legitimate interest.

We take measures to protect the information we hold from unauthorised or unlawful processing, accidental loss, destruction, damage or disclosure, and we will do our utmost to keep it secure.

We do not sell or otherwise release information to third parties for the purpose of allowing them to market their products and services without explicit consent from Clients, or you to do so.

If you have any concerns about the processing of your information, you have the right to object to processing that is based on our legitimate interests. For more information on your rights, please see the “Explaining your rights” section below.

Please bear in mind that an objection by you may affect our ability to carry out the tasks above for the individual or the Client’s benefit.

HOW WE STORE YOUR INFORMATION

Like most businesses and individuals, we store information on our own devices (Server/Laptop/Tablet/Phone) and use cloud service providers for back-up services, remote access by authorised users and collaborative work, and for hosting email, CRM and website services.

WHO WE SHARE YOUR INFORMATION WITH

We may share your information with you or other organisations in any of the following situations:

  • As part of our engagement with you to arrange
  • If you have given us explicit consent to do
  • If we sell or buy any business or assets (as we may share your data with the prospective seller or buyer).
  • If we, or substantially all of our assets, are acquired by another party, in which case your information will be one of the transferred
  • With service providers, business partners, suppliers, sub-contractors for the performance of any contract we enter with them, or you.
  • If we have to share your information to comply with legal or regulatory requirements, or to protect our rights, property or our Clients. This may involve exchanging information with other organisations for the purposes of preventing financial crime.

TRANSFER OF INFORMATION OUTSIDE THE UK

The information may be processed by our service providers at a destination outside the UK. We use well-known service providers (e.g. Google and WeTransfer) which are fully aware of the need to satisfy the relevant data protection legislation for the UK, EEA and the USA. We are also supported by our dedicated IT provider Welgo IT.

If you do not want your information to be transferred to or stored outside the UK, please contact us to let us know using the contact details in the “Contact Us” section at the end of this Privacy Statement, or your main Primary Finance relationship contact.

HOW WE PROTECT DATA

Whilst we consider the amount, nature, and sensitivity of the Personal Data we hold to have a very low level of potential risk of harm from unauthorised or unlawful processing, accidental loss, destruction, damage or disclosure, we will do our utmost to keep it secure.

We have put in place security measures to deal with any suspected breach of security (e.g. access security protocols, firewalls, encryption transmission). This is evidenced by our third party Cyber Essentials accreditation.

We will notify you and any applicable regulator of a breach where we are legally required to do so.

HOW LONG WE KEEP INFORMATION

Business Contact’s Personal Data will be kept for as long as we have, or need to keep a record of, a relationship with the Client, or as required by applicable law or regulation. However, we would expect to replace your contact details in our Contacts List with your successor’s details.

In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services is 8 years. However, this may be extended from time to time depending on the specific requirements and/or finance facility delivered to a Client. Our destruction/archiving period is scheduled during periodic intervals.

We consider the amount, nature, and sensitivity of the Personal Data we hold to have a very low level of potential risk of harm to you from unauthorised use or disclosure.

EXPLAINING YOUR RIGHTS

Data protection law gives you the following rights:

Withdraw consent: Where we are using your Personal Data on the basis of your consent, you have the right to withdraw that consent at any time.

Right to be informed: You have the right to be told how your Personal Data will be used. This Privacy Statement, and shorter summary statements used on our communications, are intended to be a clear and transparent description of how your data may be used.

Right of access: You can write to us asking what information we hold on you and to request a copy of that information. This is called a Subject Access Request. We will have 30 days to respond to you once we are satisfied you have rights to see the requested records and we have successfully confirmed your identity. Details on how to submit a Subject Access Request can be made available by emailing enquiries@primaryassetfinance.co.uk or your main Primary Finance relationship contact.

Right of erasure: You have the right to be forgotten (i.e. to have your Personal Data deleted). However, we may not always be able to comply with your request of erasure for specific legal reasons, which will be notified to you. In some cases, we may supress you from future communications, rather than data deletion.

Right of rectification: If you believe our records are inaccurate you have the right to ask for those records concerning you to be updated. This enables you to have any incomplete or inaccurate information we hold about you corrected. We may need to verify the accuracy of the new data provided to us.

Right to restrict processing: In certain situations you have the right to ask for processing of your Personal Data to be restricted because there is some disagreement about its accuracy or legitimate usage.

Right to data portability: Where we are processing your Personal Data under your consent, the law allows you to request data portability from us to another service provider. As this right only applies where we use the information to perform a contract, or service with you this will not apply to most of our Business Contacts.

Right to object: You have an absolute right to stop the processing of your Personal Data for direct marketing purposes. Simply contact us by emailing enquiries@primaryassetfinance.co.uk or your main Primary Finance relationship contact.

Right to object to automated decisions: In a situation where a data controller is using your Personal Data in a computerised model or algorithm to make decisions “that have a legal effect on you”, you have the right to object. We do not undertake this type of processing, but some of our Funders may do.

EXPLAINING OUR RIGHTS

Please note:

  • If you do not agree to our keeping records of information about you, or if you do not allow us to use the information in the way we need, then we may not be able to deliver our
  • We can move our records between our computers and IT systems, provided your details are protected from being seen by others without your

COMPLAINTS

If, for any reason, you have a complaint, please contact Neil Taylor, who is responsible for data protection matters, by email to discuss your concerns at:

neil.taylor@primaryfinancegroup.co.uk.

Following this, if you are still dissatisfied, you are able to contact the Information Commissioner’s Office directly at the contact details below.

Information Commissioner: Contact telephone: 0303 123 1113. Website: ICO website https://ico.org.uk/.

CHANGES TO THIS STATEMENT

Any changes we may make to our Privacy Statement in the future will be posted on our website. You should read the new terms and exercise your rights as described in the statement if you object to the changes.

CONTACT US

If you have any queries about this Privacy Statement, please contact us using any of the below:

Disclaimer: Primary Finance Group is an arranger of finance facilities and not a lender. We do not hold ourselves out to be an adviser to a Borrower. Any assessment and decisions concerning finance facilities sourced by Primary Finance Group reside entirely with a Borrower in conjunction with their own professional advisers. Any decision to make available finance facilities to a Borrower rests solely with a lender and not ourselves. Primary Finance Group strictly arranges finance for businesses, most typically limited companies. We operate by arranging strictly non-regulated commercial finance for companies, therefore Primary Finance Group is not FCA regulated and we cannot consider regulated finance requirements including for sole traders or individuals.

© 2024. Primary Finance Group. All rights reserved. Website designed and developed by TOMD. Privacy Policy | Cookie Policy | Website Disclaimer

Contact us

Whether you are a business seeking advice or a lender interested in joining our panel, we would be delighted to hear from you.

Subscribe to our mailing list here

Join our subscriber community for our latest news and considered insights

Subscribe to our mailing list here

Join our subscriber community for our latest news and considered insights