Any reference to “We” or “Us” in this Policy shall mean Horizon Finance Limited. This Policy applies to Horizon Finance Limited and www.finance.gi (Site) which is owned and operated by Horizon Finance Limited.
Our contact details
Name: Horizon Finance Limited.
Address: Unit 16 Honey Suckle House, Waterport Terraces, Gibraltar, GX11 1AA.
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this Policy.
If you have questions or complaints regarding this Policy or practices, please contact us at firstname.lastname@example.org.
The type of personal information we collect
We currently collect and process the following information:
- Personal identifiers, contacts and characteristics including name and contact details.
- Financial Data, including income, expenditure, assets, liabilities, bank account details and payment card details.
- Employment information, including Employer’s name, contact details, job title, length of employment and employment history.
- Transaction Data, including details about payments to and from you.
- Technical Data, including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Site.
- Marketing and Communications Data includes your preferences in receiving marketing from us and third parties and your communication preferences.
- Criminal convictions and offences.
- We do not collect any Special Categories of Personal Data about you, including details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health or genetic data.
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
- Application for Credit Facilities.
- Know Your Customer (KYC) or other legal or compliance requirements.
- Contact with us in person or via one of our channels of communication.
- When you subscribe to our publications, request marketing, or enter in our promotions or surveys.
We also receive personal information indirectly, from the following sources in the following scenarios:
- Public registries and various third parties for our credit and compliance requirements.
We use the information that you have given us in order to:
- To register you as a new customer.
- To search Credit Reference Agencies’ and Fraud Prevention Agencies’ records (including information from overseas).
- To process an application and to make, or assist in making, credit decisions about you, assess lending and insurance risks, and to check the details that you have let us and others have.
- To operate and manage our relationship with you and your account and manage any application, agreement or correspondence you may have with us.
- To carry out, monitor and analyse our business.
- To contact you by Whatsapp, chat, SMS, phone, e-mail, mail or otherwise about an enquiry or our products and services, unless you tell us that you prefer not to receive marketing.
- To identify, prevent, detect or tackle fraud, money laundering, terrorism and other crimes.
- To form a view of you as an individual and to identify, develop or improve products, that may be of interest to you.
- To carry out market research, business and statistical analysis.
- To provide information to independent external bodies such as governmental departments and agencies, universities and similar to carry out research.
- To carry out audits and perform other administrative and operational purposes including the testing of systems.
- To trace your whereabouts and to recover any debt you owe us.
- To comply with our legal and regulatory obligations.
- To notify you about changes to our service, prize draws, competitions or to complete a review or a survey.
- To make suggestions and recommendations to you about goods or services that may be of interest to you.
- To ensure that our Site is up to date and its content is presented in the most effective manner for you and for your computer.
We may share this information with
- with a purchaser, in the event our business or substantially all of its assets are acquired by a third party (in which case Personal Data held about customers will be one of the transferred assets).
- in order to enforce any of our terms and conditions.
- our suppliers and partners.
- with fraud prevention or law enforcement agencies, in the event false or inaccurate information is provided and fraud is identified. We and other organisations may also access and use this information to prevent fraud and money laundering, for example when checking details on applications for credit and credit related and other facilities; managing credit and credit related accounts or other facilities; recovering debt; checking details on proposals and claims for all types of insurance; and checking details of job applicants and employees. For further details of the relevant fraud prevention agencies please contact us by email email@example.com
- in case of default; we may share with your guarantor, your employer, debt collection agencies, law enforcement agencies.
- with individuals who you nominate as your referees to verify certain information that you provide to us.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
- Your consent. You are able to remove your consent at any time. You can do this by contacting firstname.lastname@example.org.
- We have a contractual obligation.
- We have a legal obligation.
- We have a vital interest.
- We need it to perform a public task.
- We have a legitimate interest.
How we store your personal information
We are aware of the importance of the data we collect from you and therefore we use advanced technology to protect your information. We take reasonable precautions to protect Personal Data from loss, misuse and unauthorised access, disclosure, alteration and destruction.
For example, we store data in encrypted form on computers and control access via secure web pages. We also employ other security technologies to protect ourselves from external attack. In addition, we train our employees in the proper handling of Personal Data and when we use other companies to provide services for us, we require them to protect the confidentiality of Personal Data they receive.
When you enter certain more-sensitive information (such as your bank sort code or account number) on the application form, we encrypt that information using secure socket layer technology.
We only keep your Personal Data for as long as necessary(see the Data Retention section), for the purposes for which it was collected, to provide you with services and to conduct our legitimate business interests or where otherwise required by law. In addition, we take reasonable steps to ensure that the data we collect is relevant for its intended purposes, and is accurate, and up to date.
We keep the Personal Data of customers and visitors for a minimum of five years after closure of your account or from the date you last used one of our services. We may hold information relating to loan accounts falling under the non-personal information category for longer where necessary for active or potential legal proceedings, to resolve or defend claims, and for making remediation payments.
Your data protection rights
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at email@example.com if you wish to make a request.
This policy was last updated on 7th November 2023