Careers with the Think Money Group of Companies

Think Money Group Logo

Privacy Policy

The Think Money Group of companies, which includes the companies listed below (collectively referred to as “us”, “we”, “our” or “the Group”) are committed to protecting the privacy and security of your personal information.

  • All About Money Limited (trading as think2claim)
  • Freeman Jones Limited
  • Gregory Pennington Limited
  • Ideal Finance Limited
  • Intelligent Lending Limited (trading as Ocean and Ocean Finance)
  • Think Insure Limited
  • Think Money Limited
  • Think Money Group Limited
  • Wilson Andrews Limited

This privacy policy describes how we collect and use personal information about you during and after your working relationship with us, in accordance with the General Data Protection Regulations (GDPR).

This privacy policy applies to potential, current and former employees, workers and contractors. This notice does not form any part of any contract of employment or other contract to provide services.

If you have any questions about how we may use your personal information you can contact us using the details below or speak to your manager.

HR Manager
Think Money Group
Think Park
Mosley Road
Trafford Park
Manchester
M17 1FQ

Email:[email protected]

It is important that you read and retain this privacy policy, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information and what your rights are under the data protection legislation.

Date last updated: 24/05/2018

  • 1. What personal information do we collect?

    We will collect, store, and use the following categories of personal information about you:

    • Personal contact details such as name, title, address, telephone numbers and personal email addresses
    • Date of birth
    • Gender
    • Marital Status and dependants
    • Next of kin and emergency contact information
    • National Insurance number
    • Bank account details, payroll records and tax status information
    • Salary, annual leave, pension and benefits information
    • Start date and, if different, the date of your continuous employment
    • Leaving date and your reason for leaving
    • Location of employment or workplace
    • Copy of driving licence (for ID purposes or if your role requires this)
    • Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process)
    • Employment records (including job titles, work history, working hours, holidays, training records and professional memberships)
    • Compensation history
    • Performance information
    • Disciplinary and grievance information
    • CCTV footage and other information obtained through electronic means such as swipe card records
    • Information about your use of our information and communications systems
    • Photographs
    • Results of HMRC employment status check, details of your interest in and connection with the intermediary through which your services are supplied
    • Information from fraud prevention agencies

    We may also collect, store and use the following “special categories” of more sensitive personal information:

    • Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions
    • Trade union membership
    • Information about your health, including any medical condition, health and sickness records, including:
      • records relating to the decision to leave employment, where the reason for leaving is determined to be ill-health and where the records are also needed for pensions and permanent health insurance purposes;
      • details of any absences (other than holidays) from work including time on statutory maternity or parental leave and sick leave; and
      • occupational health records or where reasonable adjustments may be required.
    • Genetic information and biometric data
    • Information about criminal convictions and offences

    Processing special categories of information requires a higher level of protection.

  • 2. Information about criminal convictions

    We may only use information relating to criminal convictions where the law allows us to do so. This will usually be where such processing is necessary to carry out obligations and provided we do so in line with our data protection policy.

    We will only collect information about criminal convictions if it is appropriate given the nature of the role and where we are legally able to do so. Where appropriate, we will collect information about criminal convictions as part of the recruitment process or we may be notified of such information directly by you in the course of you working for us.

    We are allowed to use your personal information in this way to carry out our legal obligations for employee vetting requirements. We have in place an appropriate policy and safeguards which we are required by law to maintain when processing such data.

  • 3. How we use your personal information?

    We can only use your personal information where it falls into one or more of the following categories:

    • it is necessary to fulfil a contract we have with you;
    • you have provided your consent;
    • we have a legal or regulatory obligation to do so;
    • it is necessary to carry out a task which is in the public interest;
    • it is necessary to protect your vital interests; or
    • it is in our legitimate interest to do so and it is not against your rights.

    The table below sets out how we will use your personal information and under what lawful basis.

    If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as paying you or providing a benefit), or we may be prevented from complying with our legal obligations (such as to ensure the health and safety of our employees).

  • 4. How we use special categories of personal information

    We will use special categories of personal information in the following ways:

    • We will use information relating to leaves of absence, which may include sickness absence or family related absences, to comply with employment and other laws.
    • We will use information about your physical or mental health, or disability status, to ensure your health and safety in the workplace and to assess your fitness to work, to provide appropriate workplace adjustments, to monitor and manage sickness absence and to administer benefits including statutory maternity pay, statutory sick pay, pensions and permanent health insurance.

    Do we need your consent?

    We do not need your consent if we use special categories of your personal information in accordance with our written policy to carry out our legal obligations or exercise specific rights in the field of employment law. In limited circumstances, we may approach you for your written consent to allow us to process certain particularly sensitive data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.

  • 5. Who we may share your personal information with

    We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so. This may include the following types of organisations:

    • IT Service Providers who provide technology platforms or other IT services.
    • Banks and finance companies and insurers that process payroll, pension contributions and any other payments or deductions made before, during or after the termination of employment
    • HMRC for tax purposes
    • Child Support Agency, where required to do so for any investigations or Attachment of Earnings Orders
    • Communication providers (e.g. telephone line providers and email and text service providers).
    • Printers who print the letters and information packs which we may send to you.
    • Third parties who may have introduced you to our company e.g. recruiters.
    • Benefit Scheme providers who provide our employees with benefits during the course of their employment.
    • Credit Reference Agencies
    • Regulators

    These companies help us to provide our services to you. We will have a contract in place with any provider who directly provides us with such services to ensure that they comply with their data protection obligations and ensure that they have appropriate security measures in place.

    We may also share your personal information with other third parties, for example in the context of the possible sale or restructuring of the business. In this situation we will, so far as possible, share anonymized data with the other parties before the transaction completes. Once the transaction is completed, we will share your personal data with the other parties if and to the extent required under the terms of the transaction.

    We may also need to share your personal information with a regulator or to otherwise comply with the law. This may include making returns to HMRC, disclosures to our regulators such as the Financial Conduct authority or the Information Commissioner’s Office, and disclosures to shareholders such as directors’ remuneration reporting requirements.

  • 6. Automated Decision Making

    An automated decision is one which we rely on a computer or system to assess the information you provide to us to make a decision about you. This may include:

    • detecting any fraudulent activity which may be taking place, or there is a risk that it could take place
    • checking identity and residency statuses

    You will not be subject to decisions that will have a significant impact on you based solely on automated decision making, unless we have a lawful basis for doing so and we have notified you.

  • 7. Credit Reference Agencies

    When you apply for a roles with the Group, and during the course of your employment we carry out identity checks, and for some roles within the Group we also carry out credit checks. We will share your personal information with Credit Reference Agencies (CRAs) and they will give us information about you. The data we may exchange can include:

    • Name, address (including previous addresses) and date of birth
    • Credit applications and details of any shared credit
    • Financial situation and history
    • Fraud prevention information
    • Public information, from sources such as the Electoral Register and Companies House

    This information will be used to verify your identity and assess your suitability for the role.

    For further information on how CRAs may use your personal information you can view the credit reference agency information notice here or from the three main cras – callcredit; equifax; and experian.

  • 8. Using Fraud Prevention Agencies

    General

    1. We will check your details against the Cifas databases established for the purposes of allowing organisations to record and share data on their fraud cases, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct (“Relevant Conduct”) carried out by their staff and potential staff. “Staff” means an individual engaged as an employee, director, trainee, homeworker, consultant, contractor, temporary or agency worker, or self-employed individual, whether full or part time or for a fixed-term.
    2. The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and other Relevant Conduct and to verify your identity.
    3. Details of the personal information that will be processed include: name, address, date of birth, and maiden or previous name, contact details, document references, National Insurance Number, and nationality. Where relevant, other data including employment details will also be processed.
    4. We and Cifas may also enable law enforcement agencies to access and use your personal data to detect, investigate, and prevent crime.
    5. We process your personal data on the basis that we have a legitimate interest in preventing fraud and other Relevant Conduct, and to verify identity, in order to protect our business and customers and to comply with laws that apply to us. This processing of your personal data is also a requirement of your engagement with us.
    6. Cifas will hold your personal information for up to six years if you are considered to pose a fraud or Relevant Conduct risk.

    Consequences of Processing

    1. Should our investigations identify fraud or any other Relevant Conduct by you when applying for or during the course of your engagement with us, your new engagement may be refused or your existing engagement may be terminated or other disciplinary action taken (subject to your rights under your existing contract and under employment law generally).

    Data Transfers

    1. A record of any fraudulent or other Relevant Conduct by you will be retained by Cifas and may result in others refusing to employ you. If you have any questions about this, please contact us.
    2. Should Cifas decide to transfer your personal data outside of the European Economic Area, they will impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.

    Your Rights

    1. Your personal data is protected by legal rights. Further information on your rights can be found in Section 11
    2. You also have the right to complain to the Information Commissioner’s Office which regulates the processing of personal data. Further information can be found in Section 14
  • 9. Sharing your information outside of the EEA

    We will only share your personal information outside the European Economic Area (EEA), where we have your consent; to comply with a legal obligation; or where we work with a business partner who provides services to us, and they process information outside of the EEA.

    If we do share your information outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA to ensure appropriate safeguards are in place. This may include putting in place a contract with the business partner that means they must protect the personal data to the same standards as the EEA (this may include defined model clauses), or only share the data to a business partner in a non-EEA country where the privacy laws provide the same protection as within the EEA or where they are part of a Privacy Shield.

    More information on this can be found on the European Commission Justice Website.

  • 10. Security

    We take the protection of personal information very seriously, and we will maintain appropriate measures to maintain the confidentiality, integrity and availability of the information you have provided. Such measures include:

    • Company security policies and standards.
    • Staff security awareness.
    • Role-based access controls to prevent unauthorised access to the information.
    • Encryption and anonymisation technology.
    • Anti-malware technologies.
    • Security monitoring.
    • Security testing.
    • Secure archiving and deletion.
    • Compliance with industry regulation and legislation.
  • 11. Your Rights

    Access to your personal information

    You have the right to request from us a copy of the personal information that we may hold about you. This is often called a “Data Subject Access Request”. You can request this information by contacting us as set out below.

    Before providing this information to you or to another person or company where you have requested this personal information to be sent to, we may ask for proof of identity or ask sufficient questions to enable us to locate the information and ensure that we’re only providing it where you have given your agreement.

    Right to have your personal information corrected

    If the personal information we hold about you is incorrect, you have the right to request that we correct this.

    Right to stop or limit the processing of the information we carry out

    You may request that we stop processing the information if we’re no longer entitled to process it. There may be occasions where we are unable to delete the information due to our legal or regulatory obligations. We will, however, discuss this with you if you request for your information to be deleted.

    Right to object to processing

    You have the right to object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

    Right to request your personal information be deleted

    In some circumstances you may request for us to delete or remove personal information where there is no good reason for us to continue to process it, for example, we have no legal or regulatory requirement to keep the information.

    Right to transfer your personal information

    In some cases, you may be able to request for your information to be provided to yourself or another party in a format that can be processed electronically by yourself or the other party. If you want to request this, you’ll need to contact us.

  • 12. How long do we keep your personal information for?

    We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

    If you apply for a role within the Group but were either unsuccessful or decided not to take the position, in most cases your personal information will be retained for at least six months from when the application was made, unless you agree for us to keep this information for longer.

    If you become an employee, worker or contractor of the Group your personal information will be retained for at least six years, starting from the date your employment ceases. You can find more information on the retention and deletion of personal data in our Data Retention Standards which is available on the Group Intranet.

    To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

    In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

  • 13. Recording calls

    We will record any telephone calls made to or from the Group, which may include calls you make in the course of your employment. This is for training, monitoring and quality purposes and to meet our legal and regulatory obligations. Some telephone calls may be observed by staff for training and development purposes.

    We may keep a copy of the telephone calls for at least six years from the date the telephone call was made.

  • 14. Contact us

    If you have any questions or queries about how we use your personal information you can contact us or our Data Protection Officer using the address or email below:

    Data Protection Officer
    Think Park

    Mosely Road
    Trafford Park
    Manchester
    M17 1FQ

    Email: [email protected]

    If you are not happy with how we process your personal information you should contact us. If you’re not happy with how we have dealt with your complaint, you have the right to make a complaint with the Information Commissioner’s Office. You can find their details on their website at https://ico.org.uk/.

  • 15. Updates to this privacy policy

    Any updates to this privacy policy will be found on this page. If we make *-any important or significant changes to the way we may collect and use your personal information we will endeavour to notify you of this change as soon as reasonably practical.

  • 16. Cookies

    When using this website, some information may be collected automatically using 'cookies'. These are small text files that facilitate the processing of your data and enable us to analyse how the website is being used. Cookies can be temporary or permanent.

    Temporary cookies form part of the security process while you are using the website; permanent cookies identify the link you used to find our website, check your browser so that we can make sure that our website and services work well with your computer and to help us monitor traffic on our website.

    Why are cookies used?

    They help visitors. Cookies allow sites to do things like provide personalised content and remember their log-in details and settings. You can turn them off - this won't stop a website from working, but it might mean it won't work as well as it could, or that you have to do the same thing more than once.

    They help website owners. Cookies tell website owners things like: what search engine a visitor used to find the website, how often they've visited it, how long they've spent on it, and so on.

    We've set out below the cookies that we may use and those that are set by third parties on our website.

    Except for essential cookies, all cookies will expire after 10 years.



    Disabling/Enabling Cookies

    You have the ability to accept or decline cookies by modifying the settings on your browser and by clicking on the disable button below. Please remember though that disabling certain cookies may affect the functionality of our website.

    Cookies are enabled

    If you are using Microsoft Windows Explorer:

    • Open 'Windows Explorer'
    • Click on the 'Search' button on the tool bar
    • Type 'cookie' into the search box for 'Folders and Files'
    • Select 'My computer' in the 'Look In' box
    • Click 'Search Now'
    • Double click on the folders that are found
    • 'Select' any cookie file
    • Use the 'Delete' button on your keyboard

    If you are not using Microsoft Windows Explorer, then you should select 'cookies' in the 'Help' function for information on where to find your cookie folder.

    We do not pass on, or sell cookies to any other companies. Further information on the use of and managing cookies can be found at http://www.allaboutcookies.org.

  • We're social