Our contact details
Name: multifi
Address: Windsor House, Bayshill Road, Gloucestershire, GL50 3AT
Phone Number: +44 0330 113 0669
E-mail info@multifi.co.uk
The type of personal information we collect
We currently collect and process the following information:
How we use your information:
We will use the information that we collect about you for the following purposes:
Marketing/ Promotional
Creating user account
Targeted advertising
Manage customer order
Site protection
Manage user account
If we want to use your information for any other purpose, we will ask you for consent and will use your information only on receiving your consent and then, only for the purpose(s) for which grant consent unless we are required to do otherwise by law.
Retention of your information:
We will retain your personal information with us for 90 days to 2 years after user accounts remain idle or for as long as we need it to fulfill the purposes for which it was collected as detailed in this Privacy Policy. We may need to retain certain information for longer periods such as record-keeping / reporting in accordance with applicable law or for other legitimate reasons like enforcement of legal rights, fraud prevention, etc. Residual anonymous information and aggregate information, neither of which identifies you (directly or indirectly), may be stored indefinitely.
Your rights:
Depending on the law that applies, you may have a right to access and rectify or erase your personal data or receive a copy of your personal data, restrict or object to the active processing of your data, ask us to share (port) your personal information to another entity, withdraw any consent you provided to us to process your data, a right to lodge a complaint with a statutory authority and such other rights as may be relevant under applicable laws. To exercise these rights, you can write to us at kris.makuch@multifi.co.uk. We will respond to your request in accordance with applicable law.
You may opt-out of direct marketing communications or the profiling we carry out for marketing purposes by writing to us at kris.makuch@multifi.co.uk.
Do note that if you do not allow us to collect or process the required personal information or withdraw the consent to process the same for the required purposes, you may not be able to access or use the services for which your information was sought.
Cookies etc.
To learn more about how we use these and your choices in relation to these tracking technologies, please refer to our Cookie Policy.
Security
The security of your information is important to us and we will use reasonable security measures to prevent the loss, misuse or unauthorized alteration of your information under our control. However, given the inherent risks, we cannot guarantee absolute security and consequently, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk.
Third party links and use of your information
Our Service may contain links to other websites that are not operated by us. This Privacy Policy does not address the privacy policy and other practices of any third parties, including any third party operating any website or service that may be accessible via a link on the Service. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Lawful bases under GDPR
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for the following reasons:
Data Sharing with Third Parties
In order to provide you with our full range of services and ensure that we meet your business needs, we may share your personal data with selected third-party partners and service providers. This will include, but is not limited to, sharing your data with:
Service Providers: For example, we use Cashflows to white label our Payment Processing, and in such cases, customer details may be shared with their customer service team to facilitate transactions or provide support.
All third-party providers are carefully vetted to ensure they adhere to the highest data protection and privacy standards. We will only share your personal data with third parties with a legitimate business need and agree to protect your data in compliance with GDPR and other applicable data protection laws.
Legal Basis for Data Sharing
The legal basis for sharing your personal data with third parties includes:
We also receive personal information indirectly, from the following sources in the following scenarios:
Credit Reference Agencies
You understand that when we assess any credit application, including any future request for new or increased facilities, we will use the information (including information about the conduct of any existing facility) for credit assessment, which may include credit scoring.
We may make any enquiries relating to you and the business, that we consider necessary (for example, from another financial institution) and search the files of credit reference agencies at your home and business address, who will keep a record of each search. The credit reference agencies will supply both public (including the electoral register) and shared credit and fraud prevention information. This could affect your ability to get credit elsewhere within a short period of time. If you are a director, we will seek confirmation from credit reference agencies that the residential address that you provide is the same as that shown on the restricted register of directors’ usual addresses at Companies House. Details about any applications (whether or not they go ahead) will be recorded at the credit reference agency, including information on the business and its proprietors, and credit reference agencies may create a record of the name and address of your business and its proprietors if there is not one already. A financial link between joint applicants or between you and any named business partner or individual will be created at the credit reference agency. This will link your financial records (including records of any previous and subsequent names), where each will be taken into account in all future applications by either or both of you. If an association linking your financial records with those of any other person already exists at the credit reference agency, any applications will be assessed with reference to these associated records. This situation will continue until one of you successfully files a ‘disassociation’ at the credit reference agency. We will also pass details about you, the business and the conduct of your account (if this application is successful) to credit reference agencies. You understand that this will include any failure to make agreed payments, and that this information may affect your ability to get credit.
multifi are members of the Equifax credit data sharing arrangement. Each organisation that shares financial data with Equifax is also entitled to receive similar kinds of financial data contributed by other organisations. These organisations are typically banks, building societies, and other lenders, as well as other credit providers like utilities companies and mobile phone providers.
In the event a customer enters a Default event, after 30 days, multifi would report this to Equifax under the credit data sharing arrangement.
Verifying your identity and fraud checks
Before we can approve a facility for you, we and other organisations may search and use the records held by credit reference and fraud prevention agencies to prevent and investigate crime, fraud and money laundering, in order to prevent or detect fraud. We may make searches at credit reference agencies who will supply us with information, including information from the electoral register, for the purposes of:
Scoring methods may be used to verify your identity. A record of this process will be kept that may be used to help other companies to verify your identity. If false or inaccurate information is provided and fraud identified, details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.
Processor / Controller
multifi are both the Processor and Controller of your personal data. In circumstances where we process information on behalf of another business, this will entitle the third parties as listed, to be Controllers of your information. Please refer to Schedule 1 below for details of the Processor and Controllers rights between multifi and our third parties. The main third-party who will have access to your personal data will be multifi’s lenders, however we may share this information with the following relevant third parties:
Any third parties that we may share your data with are obliged to keep your details secure, and to use them only to support the fulfilment of the service we provide to you. When they no longer need your data to fulfil this service, they will dispose of the details in line with multifi’s procedures.
Full details of the third-party service providers we use are available from our Data Protection Officer on request.
How we store your personal information
Your information is securely stored on our Platform and on our MS SharePoint system, as well as laptops our employees use.
We keep your personal data for 6 years if a contract is entered into. Details of our record retention schedule is available on request from our Data Protection Officer.
Our Chief Technology Officer is responsible for the monitoring and disposal of your information on each the Platform and IT software belonging to the Company.
Your data protection rights
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances where we have not entered into a formal contract with you
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at Info@multifi.co.uk if you wish to make a request.
We may update this privacy notice from time to time in order to reflect changes in our data processing practices, legal obligations, or best practices. We encourage you to review this privacy notice periodically to stay informed about how we handle and protect your personal data.
When we make a material change to this privacy notice, we will notify you either through a prominent notice on or website, by sending you an e-mail, or by any other appropriate means.
By continuing to use our service or providing personal data after any changes to this privacy notice, you acknowledge and agree to the updated terms.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at Info@multifi.co,uk or call us on +44 0330 113 0669
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane, Wilmslow,
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
SCHEDULE 1
Data privacy- Controller / Processor obligations