In this Privacy Notice "we" , "our" or "us" refers to NewDay Ltd, its parent company NewDay Cards Ltd and any other companies in the group to which they belong (the NewDay Group) and "you" or "your" refers to anyone whose personal data we process. Reference to "the retailer" is to the retailer whose name appears on the front of your card and references to "the retailer group" refer to any company in the group to which the retailer belongs. The retailer credit cards are issued and administered by NewDay Ltd.
Details of the products offered by the NewDay Group and the retailers to whom this Privacy Notice applies can be found on our website www.newday.co.uk/products/our-own-brands and www.newday.co.uk/products/our-co-brands. These pages may be updated from time to time.
We may hold personal information about you even if we do not offer you a card the first time that you apply to us. We will continue to keep information about you after your account is closed. For more details about how long we retain your information please see section "How long we retain your personal information for". We will not hold information that is excessive or where there is no reason to continue to hold the information.
We and the retailer will keep your personal information confidential and secure and will only provide it to others for the purposes explained in this Privacy Notice. For more details about how we share your information with third parties please see section "Information we disclose to third parties and other organisations".
All our employees and those of the retailer are personally responsible for keeping your personal information confidential. We provide training to all employees to remind them about their obligations under data protection legislation.
We may change this Privacy Notice from time to time and we will put any changes on our website www.newday.co.uk and, where appropriate, changes will be notified to you by e-mail or by post. Please check our website frequently to see any updates or changes to our Privacy Notice.
NewDay Ltd and NewDay Cards Ltd are registered on the register of data controllers maintained by the UK Information Commissioner's Office (ICO). NewDay Ltd's registration number is Z272680X and NewDay Cards Ltd's registration number is Z5599433.
Should you wish to contact us about any aspect of this Privacy Notice you can contact our data protection officer using the following email address firstname.lastname@example.org. Details of the retailer’s data protection officer can be found in the retailer’s privacy notice or on their website. If you are unable to find these details please contact NewDay Ltd’s data protection officer using the email address above.
If you are unhappy with any aspects of this Privacy Notice or the way in which NewDay Ltd is processing your personal information you have the right to raise a complaint directly with the ICO. Their contact details are Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. You can call or email the ICO on 0303 123 1113 or email@example.com.
We get personal information about you from a number of sources. For example, personal information that:
NewDay Ltd are a data controller for the information that NewDay Ltd obtain when providing your card, however, the retailer may also hold personal information where the retailer processes your personal information for their own purposes and in this case the retailer will provide you with a separate privacy notice.
NewDay hold and use the following personal information about you:
When we are managing your account we and the retailer may be provided with sensitive personal information such as information about your health or medical information which we may hold and process to provide you with the services that you require.
We will keep your personal information confidential and only share it with others including the retailer for the purposes explained below and elsewhere in this Privacy Notice. We and the retailer have trusted relationships with carefully selected third parties who carry out services on our behalf. All these third parties have a contract with us and have agreed to keep your personal information confidential and secure and only to use it for the purposes that we allow.
We and the retailer may share your information with the following people and organisations for the purposes detailed below:
Following changes to the law, from 13 January 2018 you can allow an authorised Third Party Provider (TPP) to have access to your online servicing account. These TPPs are sometimes known as Account Information Service Providers and offer such services as the ability for you to look at all your bank and credit card accounts through one Mobile App or Website. You can only use a TPP where you have registered for Online Account Manager.
If you choose to use a TPP, please ensure you understand how their service works, such as how they access your account with us and how they will protect your data. Please be aware that:
The terms and conditions of your card will still apply.
All TPPs must be authorised by the Financial Conduct Authority and so you must check, from the information that the TPP gives you before you use their services, that the TPP is authorised. If you give your security details to a TPP that is not authorised, we will assume it is you authorising us to give access to your account. If we become aware that an unauthorised third party is using your security details, we will block access to your account.
We will use your personal information to:
Your personal information may also be used for other purposes for which you give your permission or where we are permitted to do so by law or it is in the public interest to disclose the information or is otherwise permitted under the terms of the Data Protection Act 1998.
In the event that NewDay receives any funds from a third party which have been incorrectly attributed or applied to your account, NewDay shall have the right to disclose all your available relevant information (including personal information) to the third party’s payment service provider (for example their bank) in order to assist the third party to recover such funds. Additionally, in the event that the third party’s payment service provider is unable to recover such funds on behalf of the third party, NewDay will upon receipt of a written request, provide all your available relevant information (including personal information) to the third party to enable them to recover the funds.
We will only retain your personal information for as long as it is required in relation for the purposes it was obtained.
We hold your personal information for the periods listed below:
We only keep details of your personal information and details of your account for such period of time to permit us to comply with any legal or statutory obligations after your account is closed.
When you apply for an account but are declined credit
We will keep your personal information for statistical analysis, fraud prevention and credit scoring purposes.
We know how important it is to keep your personal information secure. We protect that information using strong encryption when personal information is both being transferred and when at rest. Access to personal information is strictly controlled.
We use firewalls and other security measures to protect our servers and networks from external attack.
Our security systems meet or exceed industry standards.
By using our websites (through any device) you agree that this Cookies Policy applies to that use in addition to any other terms and conditions which may apply.
There are different types of cookies. They all work in the same way, but have minor differences:
Session cookies – Session cookies last only for the duration of your visit and are deleted when you close your browser. These facilitate various tasks such as allowing a website to identify that a user of a particular device is navigating from page to page, supporting website security or basic functionality. Many of the cookies we use are session cookies. For example, they help us to ensure the security of your online account servicing session, and can also keep you signed in while you move between pages or service your account. Our session cookies used for security are designed to be very difficult to read, change, access or use except by us when you have an active Internet Banking session. They contain no personal information that can be used to identify an individual. Their names typically start with the letters IB e.g. IBSESSION, IBCOOKIE01, IBCOOKIE02.
Persistent cookies – Persistent cookies last after you have closed your browser, and allow a website to remember your actions and preferences. Sometimes persistent cookies are used by websites to provide targeted advertising based upon the browsing history of the device. NewDay uses persistent cookies in a few ways, for example, to remember your username for log in so you don’t have to (cookie named IBUserID). We also use persistent cookies to allow us to analyse customer visits to our site, for example our cookie named WT_fpc. These cookies help us to understand how customers arrive at and use our site so we can improve the service.
First and third party cookies – Whether a cookie is a first or third party cookie depends on which website the cookie comes from. First party cookies are those set by or on behalf of the website visited. All other cookies are third party cookies. We use both first party and third party cookies.
Strictly necessary cookies – These cookies are essential in order to enable you to move around the website and use its features, and ensuring the security of your online banking experience. Without these cookies services you have asked for, such as applying for products and managing your accounts, cannot be provided. These cookies don’t gather information about you for the purposes of marketing.
Performance cookies – These cookies collect information about how visitors use a web site, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor although they may collect the IP address of the device used to access the site. All information these cookies collect is anonymous and is only used to improve how a website works, the user experience and to optimise our advertising. By using our websites you agree that we can place these types of cookies on your device, however you can block these cookies using your browser settings.
Functionality cookies – These cookies allow the website to remember choices you make (such as your user name). They may also be used to provide services you have requested such as watching a video. The information these cookies collect is anonymised (i.e. it does not contain your name, address, account details, etc.) and they do not track your browsing activity across other websites. By using our websites you agree that we can place these types of cookies on your device, however you can block these cookies using your browser settings.
Targeting cookies – These cookies collect several pieces of information about your browsing habits. They are usually placed by advertising networks. They remember that you have visited a website and this information is shared with other organisations such as media publishers. These organisations do this in order to provide you with targeted adverts more relevant to you and your interests. This type of advertising is called online behavioural advertising and those companies providing this advertising are working with the UK’s Internet Advertising Bureau to deliver more information to consumers. To highlight this information, publishers of advertising will, in the future, look to place an icon in the top right hand corner of an advert. This icon when clicked, will take you through to the website "youronlinechoices" (www.youronlinechoices.com/uk) where there is more help and guidance. In addition, NewDay seeks to only use advertising networks which are signed up to the IASH code of conduct for the placement of adverts. This code requires members to have their processes audited by a third party to ensure compliance. For more information on IASH please visit www.iash.org.uk. By using our websites you agree that we can place these types of cookies on your device, however you can block these cookies using your browser settings.
What if I don't want to accept cookies?
If you wish to restrict or block the cookies which are set by any website - including NewDay websites, you should do this through the browser settings for each browser you use, on each device you use to access the internet.
Please be aware that some of our services, for example Internet Banking, will not function if your browser does not accept cookies. However, you can allow cookies from specific websites by making them "trusted websites" in your internet browser.
You may wish to visit the website "allaboutcookies" www.allaboutcookies.org which contains comprehensive information on how to do this on a wider variety of browsers.
We may transfer your personal information so that we can manage your account and provide other services from:
We may process payments through other financial institutions such as banks and the worldwide payments system operated by the SWIFT organisation. These external organisations may process and store your personal information abroad in order to fulfil any payment instructions for example when you use your credit card. Additionally, they have to disclose your personal information to overseas authorities to help them to prevent and detect crime and terrorism. If these authorities are outside the EEA, your personal information may not be protected to the same standards as in the EEA.
When you apply to us for credit we may use an automated system known as credit scoring to help us decide whether to lend to you. It is a way of assessing how much you are able to afford to borrow and how you are likely to manage your account. Most lenders use credit scoring to help make fair and informed decision about lending.
Credit scoring takes account of information from three sources:
Credit scoring methods are regularly reviewed to ensure they remain fair, effective and unbiased. Using credit scoring helps us to lend responsibly.
As well as searching CRAs, we may ask you to provide physical forms of identity when you apply for credit for example a copy of your passport and/or driving licence and other information for us to validate your identity.
If you apply to us but we are unable to offer you credit, you can contact us within 21 days of the date of your application to ask to have the decision reconsidered.
Under the Data Protection Act 1998 you have a number of data subject rights. Details of these rights and how you can exercise these are set out in the following sections:
You have a right to access certain personal records that we hold about you. This is called a data subject access request and you can make a request by writing to Customer Services Team, NewDay Ltd, PO Box 700, Leeds LS99 2BD. A £10 fee is payable and we may require further information from you in order to identify your identity before disclosing any personal information to you.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove any personal information that you think is no longer up to date.
You have a right under the Consumer Credit Act 1974 to request a CRA to provide you with information they hold about you. A fee is payable.
We and the retailer, or members of either group, may send you information directly related to your card and from which you may benefit about, for example, retailer offers, loyalty points or cardholder promotions where these are features of your card. We may also send you marketing and details of how and why we do this and your right to opt out of receiving such communications are set out in section below "Marketing Communications"
We want to make sure that we provide excellent customer service and we use various means of communication to do this including phone, post, email and SMS.
As part of the application process we ask whether you wish to receive marketing from us.
We will not send you marketing communications if you ask us not to.
If you ticked yes to receiving marketing on your application form, but no longer wish to receive such communications, please let us know by writing to Customer Services Team, NewDay Ltd, PO Box 700 Leeds LS99 2BD or phoning us on the number set out on your card or statement.
We may monitor or record phone calls with you in case we need to check that we have carried out your instructions correctly, to resolve queries or issues, for regulatory purposes, to help improve the quality of our service, to manage your account and to help detect or prevent fraud or other crimes. Conversations may also be monitored for staff training purposes.
As part of our commitment to understand our customers better, we may research comments and opinions made public on social networking sites, such as Twitter and Facebook.
When you apply to us to open an account, we will:
Any account you and, if you have one, your "financial associate" (as defined in the next paragraph) may have or have had with us.
A "financial associate" is someone with whom you have a personal relationship that creates a joint financial unit in a similar way to a married couple. You will have been living at the same address at the time. It is not intended to include temporary arrangements such as students or rented flat sharers or business relationships.
CRAs may link together the records of people that are part of a financial unit. They may do this when people are known to be linked, such as being married or have jointly applied for credit or have joint accounts. They may also link people together if they, themselves, state that they are financially linked.
Search at FPAs for information on you and any addresses at which you have lived and on your business (if you have one)
Information that is supplied to us will be sent to the CRAs.
If you are making a joint application or tell us that you have a spouse or financial associate, we will:
If you give us false or inaccurate information and we suspect or identify fraud we will record this and may also pass this information to FPAs and other organisations involved in crime and fraud prevention.
Your personal information may also be used by us to offer you other products, but only if you have given your permission as part of any application that you have completed.
Assess this application for credit and/or;
Check details on applications for credit and credit related or other facilities;
Verify your identity and the identity of your spouse, partner or other directors/partners (if any) and/or;
Undertake checks for the prevention and detection of crime, fraud and/or money laundering.
We may use scoring methods to assess this application and to verify your identity.
Any or all of these processes may be automated for more information please see section entitled "Using credit scoring and automated decision making".
Where you borrow or may borrow from us, we will give details of your personal and/or business account (if you have one), including names and parties to the account and how you manage it/them to CRAs.
If you borrow and do not repay in full and on time, we will tell CRAs.
We may make periodic searches of our own group records and at CRAs to manage your account with us, including whether to make credit available, increase the amount of credit available or to continue or extend existing credit. We may also check at FPAs to prevent or detect fraud.
Place a search "footprint" on your credit file whether or not this application proceeds. If the search was for a credit application the record of that search (but not the name of the organisation that carried it out) may be seen by other organisations when you apply for credit in the future.
Link together the records of you and anyone that you have advised is your financial associate including previous and subsequent names of parties to the account. Links between financial associates will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs.
Credit information such as previous applications and the conduct of the accounts in your name and of your associate(s) (if there is a link between you) and/or your business accounts (if you have one).
Public information such as County Court Judgments (CCJs) and bankruptcies.
Electoral Register information.
Fraud prevention information.
CRAs will record the details that are supplied on your personal and/or business account (if you have one) including any previous and subsequent names that have been used by the accountholders and how you/they manage it/them.
If you borrow and do not repay in full and on time, CRAs will record the outstanding debt.
Records shared with CRAs remain on file for 6 years after they are closed, whether settled by you or defaulted.
It will not be used to create a blacklist.
It will not be used by the CRA to make a decision.
The information which we and other organisations provide to the CRAs about you, your financial associates and your business (if you have one) may be supplied by CRAs to other organisations and used by them to:
ii.Check the operation of credit and credit-related accounts
iii.Verify your identity if you or your financial associate applies for other facilities.
iv.Make decisions on credit and credit related services about you, your partner, other members of your household or your business.
v.Manage your personal, your partner’s and/or business (if you have one) credit or credit related account or other facilities.
vi.Trace your whereabouts and recover debts that you owe.
vii.Undertake statistical analysis and system testing.
i.The information which we provide to the FPAs about you, your financial associates and your business (if you have one) may be supplied by FPAs to other organisations and used by them and us to prevent crime, fraud and money laundering by, for example;
a.checking details provided on applications for credit and credit related or other facilities
b.Managing credit and credit related accounts or facilities
c.Cross Checking details provided on proposals and claims for all types of insurance.
d.Checking details on applications for jobs or when checked as part of employment.
ii.Verify your identity if you or your financial associate applies for other facilities including all types of insurance proposals and claims.
iii.Trace your whereabouts and recover debts that you owe.
iv.Conduct other checks to prevent or detect fraud
v.We and other organisations may access and use from other countries the information recorded by FPAs.
vi.Undertake statistical analysis and system testing.
You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.
Please contact us at Customer Services Team, NewDay Ltd, PO Box 700, Leeds LS99 2BD if you want to receive details of the relevant FPAs.
Q: What is a CRA?
A: CRAs collect and maintain information on consumers’ and businesses’ credit behaviour, on behalf of organisations in the UK.
Q: What is a FPA?
A: FPAs collect, maintain and share, information on known and suspected fraudulent activity. Some CRAs also act as FPAs.
Q: Why do you use CRAs and FPAs when I have applied to your organisation?
A: Although you have applied to NewDay and we will check our own records, we will also contact CRAs to get information on your credit behaviour with other organisations. This will help us make the best possible assessment of your overall situation before we make a decision.
Q: Where do CRAs and FPAs get the information?
A: publicly available information:
Q: How will I know if my personal information is to be sent to a CRA or FPA?
A: You will be told when you apply for an account if your application personal information is to be supplied. The next section of this leaflet will tell you how, when and why we will search at CRAs and FPAs and what we will do with the information we obtain from them. We will also tell you if we plan to send payment history information on you or your business, if you have one, to CRAs. You can ask at any time the name of CRAs and FPAs.
Q: Why is my personal information used in this way?
A: We and other organisations want to make the best possible decisions we can, in order to make sure that you, or your business, will be able to repay us. Some organisations may also use the information to check your identity. In this way we can ensure that we all make responsible decisions. At the same time we also want to make decisions quickly and easily and, by using up to date information, provided electronically, we are able to make the most reliable and fair decisions possible.
Q: Who controls what CRAs are allowed to do with my personal information?
All organisations that collect and process personal information are regulated by the Data Protection Act 1998, and compliance with the Data Protection Act 1998 is overseen by the UK Information Commissioner’s Office. All CRAs are in regular dialogue with the Information Commissioner's Office. Use of the Electoral Register is controlled under the Representation of the People Act 2000.
Q: Can just anyone look at my personal information held at CRAs?
A: No, access to your information is very strictly controlled and only those that are entitled to do so, may see it. Usually that will only be with your agreement or (very occasionally) if there is a legal requirement.