Credit Debt & Legal Ltd – GDPR Compliance
Incorporated in 1982, Credit Debt & Legal Ltd are Debt Collection Agents and are registered in England under company registration number 1633554. We may answer the phone with the abbreviation “CDL” and it may be used here in this compliance information as a substitute for the full name of the Company. We use information supplied by our clients in the pursuit of bona-fide unpaid Receivables (Invoices) both in the United Kingdom and Abroad. We are registered under the Data Protection Act Registration Z4588308 since 1998.
The subject of Data Protection is the sole responsibility of the Managing Director of CDL. If you need to discuss any issue regarding data please use the following email address: firstname.lastname@example.org or you can write to us at:
Credit Debt & Legal Ltd, C/O: 40 The Parade, Walton-on-the-Naze, Essex, CO14 8AS
Relevant legislation to 25th May 2018 is Regulation EU 216/679 (the General Data Protection Regulation), the Data Protection Act 1998 as revisions to 2018.
CDL stores and uses information that is used to identify a business, be it a Limited liability Company, a sole proprietorship or a Partnership that owes a debt to a client. This information is provided to the Company by our clients and may be in email format with attachments, or via the Post. Rarely is the information supplied by Telephone without a substantiating document being forwarded. Please note that the Company does NOT pursue Consumer Debts regulated or unregulated but only “Commercial Business Debts”.
Where there is a requirement to store information relating to employees and contractors, adequate records are kept to be able to contact, manage and pay them in accordance with Statutory legislation and observe their rights as imposed upon us as an employer.
From time to time we may store names and business contact details of individual people providing us with supplier services.
The Company does not conduct direct marketing activities in order to obtain new business but by the inclusion of the Company business in free Directories and Internet Search Engines. No information contained in the Company’s database of clients or their debtors is used for marketing purposes. The Company website does not gather “Cookies” of any description from visitors to the site.
In order to succeed in providing an effective service to our clients, we collect, store and use identifiable information including Business names, Director identities, addresses, telephone numbers, email addresses and address information obtained via Credit information providers and information publicly available on the internet. Employees of a subject business we approach as Agents on our clients behalf with regard to any bona-fide debt owing, and the subject if contacting us may divulge information which may be noted down in written form or added to a database record depending on its substance. Only in cases of legal action do we provide detail to a third party being the County Courts on matters being pursued by us as Agents to the client.
Data subjects rights
We are obliged to respect the rights of data subjects.
We agree to disclose the source of any data we hold about a business upon the legitimate request of a person (if in writing) on their letterhead stating their status/position in the business. Any email must have an email address identifiable as relevant to the Business and their name clearly as part of the email address. Without this clear identity we may not legally be able to respond to it.
Acquaint yourself with GDPR legislation in full so that your enquiry is topically relevant and note that we cannot respond where a matter is subject to judicial review.
Where a Business believes that information we have obtained from a client is inaccurate we will work with that Business to ensure data subjects’ information is corrected. The Company at all times respects the right to accuracy of information in our charge.
A data subject unhappy with a response by reply to a filed and recorded complaint that they have made to the Company has the right to use the response of the Company in making a complaint to the Information Commissioner’s Office, Wycliffe House, Wilmslow, SK9 5AF.
Data Storage and Security
We store information relating to our business on computer systems and in paper format.
When the information is no longer necessary to keep in paper form it is archived for destruction by appropriate services providing secure means of shredding disposal. Any information provided to us by a subject which pertains to a Credit or Debit Card, is communicated to a client for processing, verbally in part, and by email in coded format so that it requires two separate and secure processes to identify it. The paper document is shredded in house as soon as the client verifies that the payment has been successfully taken.
It is our policy that data stored electronically be protected from unauthorised access, accidental deletion and malicious hacking attempts. Credit / Debit Card or Bank Account information is never recorded on a Database record.
Data stored on a Database remains without removal unless a Business has expressed a wish to have it removed after any liability to the client has been met. Clients on occasions use our Services where we make a recovery of a Receivable debt on their behalf and it may be that the very same Business continues to trade with that client and again becomes indebted at some future time. The historic information in such instances may be updated and used in connection with the new liability.
The Company DOES NOT provide any third party with information as to its Database records, with the exception of matters requiring County Court action.