Octane Capital Limited, Octane Property Finance Limited and affiliated companies (“Octane”) need to collect and use certain types of information about individuals who come into contact with Octane in order to carry on our work. The purpose of this policy is to ensure that Octane:
The Data Protection Act 1998 is designed to protect individuals and personal data, which is held and processed on their behalf. The Act defines the individual as the ‘data subject’ and their personal information as 'data'. These are further defined:
(a) When you access, browse this website (including when you submit personal information to us through data entry fields on the website), continue to use this website and through our application or verification processes, we may collect information from you, which may include the following personal information:
(i) your name; (ii) your current and previous postal addresses;
(iii) your phone, fax and e-mail details;
(iv) your date of birth;
(v) your passwords and security question answers;
(vi) correspondence with us by email and post;
We may also collect:
(viii) financial information (including bank or building society account details and details of debit cards used in relation to our services);
(ix) sensitive information (such as any medical information you disclose to us (although we will always get specific permission from you before recording this type of information);
(ix) information you provide in our application processes (including, if you are a borrower, agent or investor, certain personal, identity, contact and financial information about directors, partners, members, shareholders, beneficial owners and guarantors);
(x) data about your activities using Octane, including information about your computer (for example, your IP address, operating system and browser type): for more information please see our Cookies policy below.
(b) We may also obtain information about you from third parties including credit reference agencies, fraud prevention agencies, insolvency practitioners, debt advisers, tracing agents, commercial databases, marketing databases, public records and other publicly available information sources, including information about your business or company (e.g. previous credit applications, personal credit information, electoral register and fraud prevention information).
(c) If you give us false or inaccurate information and we suspect or identify fraud, we will record this.
(d) If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies
Your information will be used to provide you with information and services that you request from us, to enable us to provide you with information that we feel may be of interest to you and for other legitimate business purposes. This may include for the purposes of assessing your application, opening and maintaining accounts, verifying your identity, transferring or receiving money and, if you are a borrower, enforcing loan provisions or tracing you in the case of a default. Where you have consented to us doing so, we may use your information to contact you about our products and services we think may be of interest to you and may provide your details to carefully selected third parties for the same purpose.
We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
(i) checking details on applications for credit and credit related or other facilities
(ii) managing credit and credit related accounts or facilities
(iii) recovering debt
(iv) checking details on proposals and claims for all types of insurance
(v) checking details of job applicants and employees
Please contact us if you want to receive details of the relevant fraud prevention agencies.
We and other organisations may access and use from other countries the information recorded by fraud prevention agencies.
(d) We may also collect anonymised details about visitors to the website for the purposes of aggregate statistics or reporting purposes and to calculate referral fees. However, no single individual will be identifiable from the anonymised details we collect or disclose for these purposes.
Information you provide may be shared with the Octane Group and certain of our service providers. We may disclose your information to third parties where you have consented for us to do so, where we are under a legal, regulatory or professional obligation to do so, or where we merge, reorganise or transfer all or part of our business we may disclose information to successors of the business.
Where data is stored on paper or is usually stored electronically but has been printed of for, it should be kept in a secure place where unauthorised people cannot see it or gain access to it, the following guidelines should be followed by all employees:
When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts:
The law requires Octane to take reasonable steps to ensure data is kept accurate and up to date. It is the responsibility of all employees who work with data to take reasonable steps to ensure it is kept as accurate and up to date as possible:
It may sometimes be necessary to transfer personal information overseas. In these circumstances, personal information will be transferred as follows:
and appropriately encrypted.
Where personal data is to be transmitted via email or fax appropriate steps must be taken to protect the data. This may include, for instance, confirming that the person is available to receive the fax and encrypting or password protecting personal data being transmitted.
Octane recognises that individuals have the right to prevent their personal data being processed for direct marketing. If an individual wants to prevent their personal data being used in this way they should write to the Managing Director of Octane Capital, Interchange Triangle, London N1 8AB. Once this notice has been received Octane will comply with the request within a reasonable time. In normal circumstances electronic communications should stop within 28 days of receiving the notice, and postal communications should stop within two months.
Octane acknowledges individuals rights under the Data Protection Act 1998 to delete and/or correct data held by Octane if it is proven to be inaccurate, excessive or out of date. If an individual is concerned about the accuracy of the data Octane holds on them they should contact Octane via the website the Managing Director of Octane Capital, Interchange Triangle, London N1 8AB. Octane will consider whether the data is incorrect and if so if it should be corrected or deleted. Whilst the matter is being resolved the data under review will be recorded as being in dispute.
Octane acknowledges individuals rights under the Data Protection Act 1998 to access any personal data held on our systems and in our files upon their request. All individuals who arethe subject of personal data held by Octane are entitled to be:
If an individual or appropriately authorised person on their behalf contacts Octane requesting this information, this is called a subject access request. Subject access requests from individuals should made in writing to the Managing Director of Octane Capital, Interchange Triangle, London N1 8AB.
The data protection officer will provide the relevant data promptly and within 20 calendar days.
Octane will follow the Code of Practice issued by the ICO when developing policies and procedure in relation to data protection. Octane will ensure that Data Processing Agreements are applied to all contracts and management agreements where Octane is the data controller contracting out services and processing of personal data to third parties (data processors). Octane will ensure this agreement clearly outlines the roles and responsibilities of both the data controller and the data processor.
Octane will adhere to and follow the 8 principles of data protection when conducting surveys, marketing activities etc., where Octane collects, processes, stores and records all types of personal data.
Complaints relating to breaches of the Data Protection Act 1998 and/or complaints that an individual’s personal information is not being processed in line with the 8 principles of data protection will be managed and processed by the data protection officer.
All complaints of dissatisfaction will also be processed in accordance with Octane’s Complaints Process and should be sent to:
Managing Director, Octane Capital, Interchange Triangle, London N1 8AB.
Octane will only share information in accordance with the provisions set out in the Data Protection Act 1998. Where applicable, Octane will inform individuals of the identity of third parties to whom we may share, disclose or be required to pass on information to, whilst accounting for any exemptions which may apply under the Data Protection Act 1998.
In certain circumstances, The Data Protection Act 1998 allows personal data to be disclosed to law enforcement agencies without the consent of the data subject. Under these circumstances, Octane will disclose requested data. However the data controller will ensure the request is legitimate, seeking assistance from the board and from the company’s legal advisers where necessary.