It's important to know who's handling your data. Here we set out who we are, why we have this policy in place, and how you can get in touch with us if you have any questions or would like to talk to us about your data.
Personal data is any information which can (or could be used to) identify you. It doesn't include data which is not possible to relate to a specific person (anonymous data).
The Selina website is not intended for children and we do not knowingly collect data relating to children, unless explicitly requested in a very limited number of cases.
At Selina, we take your personal data seriously. This policy:
We collect the information necessary to be able to assess whether you are eligible to use our product, to determine the terms corresponding to your risk profile and to deliver our product/services to you. We may collect, use, store and transfer different kinds of personal data about you which are grouped follows:
Apart from the information customers provide to us directly, we may also record information about potential vulnerabilities where we think this is appropriate to meet the obligations placed on us by the Financial Conduct Authority (FCA) with regard to vulnerable customers. You can find out more about our obligations to potentially vulnerable customers here.
We use your personal data to:
We will use your personal data for the purposes stated above, unless we reasonably consider that we need to use it for another reason and it is compatible with the original purpose. Please note that we may process your personal data without your knowledge or consent, where this is required or permitted by law.
While you are a customer of ours, we'll only retain your personal data including call recordings for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. This enables us to adhere to our regulatory requirements, ensure we provide suitable advice (where applicable), and to answer any questions you may have later down the line. If you don't transact with us, depending on the stage of your application, we may delete your information sooner in accordance with our data retention policy.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Please note that if your personal information is shared with third parties, they may have different retention policies. Fraud prevention agencies can hold your personal data for different periods of time; if you are considered to pose a fraud or money laundering risk, note that your data can be held by them for up to six years.
After termination of your contract, we may continue to use aggregated anonymised data for data analysis, profiling and research purposes, for example to gain insights about our customers. Aggregated anonymised data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
If you make an application to use our services, we will obtain copies of your credit report and score from designated credit scoring agencies on your behalf. We will also share your information with such credit scoring agencies in order to provide our services to you.
Credit scoring agencies collect and maintain information about consumers’ and businesses’ credit behaviour. This includes fraud prevention, credit information (including details of your previous applications and the conduct of your bank accounts) and publically accessible information (such as information from the Electoral Register, County Court Judgements, decrees, and bankruptcies). Credit scoring agencies may form a link between any previous or subsequent names that you use in the records they hold about you.
The identities of the credit scoring agencies used, and further data management details are available through the links below;
Additionally, you can contact any of the credit scoring agencies as follows, if you wish to obtain a copy of your credit report.
Experian, Consumer Help Service, PO Box 8000, Nottingham NG80 7WF or call 0844 4818000 or log on to www.experian.co.uk.
Equifax PLC, Credit File Advice Centre, PO Box 1140, Bradford, BD1 5US or call 0844 335 0550 or log on to www.equifax.co.uk
We may provide information to other organisations about you, your financial associates (individuals you have made a joint application with or are otherwise linked to your credit history) and your business (if you have one). This information is used by them and us to:
We also have processes and systems that protect our customers and ourselves against fraud and other crime. We will share your personal information with fraud prevention agencies and government agencies in order to help us to identify instances of fraud and trace those responsible. If false or inaccurate information is provided and fraud is identified, details of this fraud will be passed to these agencies. Law enforcement agencies may access and use this information.
Other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
We and other organisations may access and use from other countries the information recorded by fraud prevention agencies.
Selina needs the information you provide us when you register and that we collect about you from third parties to allow us to provide you with our services as agreed in our contract with you. We are unable to provide our services to you without collecting relevant information that will allow us to be able to assess your suitability for the financial products and services we provide.
Selina may also use your personal data to comply with our legal obligations, including our obligations to regulators. We will always seek your consent to process certain types of information where we are legally required to do so such as marketing but may also rely upon legitimate interest for direct marketing where we can reasonably show the product or services may be of interest to you.
For other kinds of information we process (such as from the land registry or individual home appraisals), this is necessary in pursuit of our legitimate interests in establishing a charge over your property or adequately assessing your risk profile and property value.
While there are some risks with this type of activity, on balance, we consider the risk to your data protection rights is outweighed by the significant benefits in being able to provide you with:
Selina implements protections for your rights by establishing adequate cyber security in order to protect your data privacy.
We understand how important it is to keep your personal data secure, and have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your data to those employees, agents, contractors and other third parties who have a business need to know. They will process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we're legally required to do so.
If you do not provide the personal data necessary, or (where we are relying on your consent) if you withdraw your consent for the processing of your personal data, we may not be able to provide you with our products or services.
Selina may use an automated decision-making system to perform credit scoring/property value assessment activities and make determinations concerning your suitability for certain financial products and services.
We use this system to verify the financial details you provide us against those held by third-party providers, as well as benchmark them against our risk scoring guidelines. If you do not pass the relevant checks using the automated system, we cannot provide our goods or services to you.
Moreover, using an automated decision-making system enables us to provide you with the fairest rate possible, as well as minimise the risk to grant you a loan for which you are possibly not eligible.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal consequences for you or similarly significant effects. While Selina is confident that the technology works, we understand that not everyone is comfortable with decisions being left entirely up to machines. If you have any questions about our automated decision-making system, please contact us on email@example.com or +44 20 8133 0157.
Selina uses third party processors to provide our services; these companies will process or store your information on our behalf. Here are the types of entities we share information with, for a full list please contact us:
We abide by the UK data protection laws. And, if we ever have to send data outside the UK, we take care that it's covered by the same high standards.
Your personal data may be processed in the USA by Selina or the third parties we use. Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Under certain circumstances, you have rights under data protection laws in relation to your personal data. We'll be happy to discuss these and how they might apply to you. If you wish to exercise any of the rights set out below, please contact us.
Selina attempts to act on all legitimate requests within 30 days. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we'll notify you and keep you updated.
You won't have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge an administrative fee if your request is clearly unfounded, repetitive or excessive and/or further copies of the same information. Alternatively, we may be entitled to refuse to act on the request in these circumstances. Please consider your request responsibly before submitting it.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
In summary, you have:
1. The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this policy.
2. The right of access
You have the right to obtain access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we're lawfully processing it.
3. The right to rectification
You are entitled to have the personal data that we hold about you corrected.This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
4. The right to erasure
Also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to restrict processing (see below). Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you.
5. The right to restrict processing
You have rights to ‘block’ or suppress further use of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you don't want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
6. The right to data portability
You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider. We'll provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
7. The right to object to processing
You have the right to object to certain types of processing of your personal data where we're relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. This includes processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
8. The right to lodge a complaint
You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator. The contact details for the UK Information Commissioner’s Office is provided below.
9. The right to withdraw consent
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time; although this won't affect the lawfulness of any processing carried out before you withdraw your consent. This includes your right to withdraw consent to us using your personal data for marketing purposes. If you withdraw your consent, we may not be able to provide certain products or services to you. We'll advise you if this is the case at the time you withdraw your consent.
Selina may contact you by phone, email, post or through our mobile application. If you prefer a particular contact over another please just let us know.
Where you have consented we may send you messages by text (SMS), post, email and other digital methods (including new methods that may become available in the future) about products and services which may be of interest to you – these are marketing messages. You can ask us to stop or start sending you marketing messages at any time by contacting us or using the opt in or out links in our emails.
Where we make any significant changes to this privacy notice, we will contact you to ensure that you are aware of the changes. We may also make minor updates to this privacy notice without notifying you but will ensure that the updated version is available online.
Post: Selina Finance Ltd, HYLO 103-105 Bunhill Row, London EC1Y 8LZ.
Telephone: 020 3984 8578
We are Selina Finance Ltd, a company registered in England and Wales under company number 11497606. We are authorised and regulated by the Financial Conduct Authority (FCA), under firm reference number 820183. You can check this on the Financial Services Register by visiting the FCA website.
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK independent supervisory authority for data protection issues. We'd always appreciate the chance to deal with your concerns before you approach the ICO however, so please contact us in the first instance.
If you have any questions or complaints relating to how we use your personal data, or if you wish to exercise any of your rights regarding your personal data, please contact us by emailing firstname.lastname@example.org. We will respond to you as soon as possible. The length of time will depend on the type and complexity of the request, but you will receive a response no later than one month from the initial request.
This version was last updated in December 2023, and historic versions can be obtained by contacting us.
It's important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.