When we refer to our website we are referring to any website in the domain shrewsburymortgage.co.uk and the website www.shrewsburymortgage.co.uk.
What are cookies?
Cookies are one of the building blocks of most websites for enhancing the user experience of the website visitor. These small text files on users’ computers allow websites to store information.
Cookies can allow websites to remember that a user is logged in, what they have added to their shopping basket and the current ‘state’ of a webpage. They are also used to produce targeted advertising based on users’ behaviour and assist statistics packages such as Google Analytics.
We use them to remember that you are logged in after you enter your username and password and then navigate to a different page. They also enable us to generate statistics about the number of visitors we have and how they use our websites and the internet – this allows us to constantly improve our website and services.
You can set your browser to reject our cookies if you wish, but this might restrict your use of our and other websites. For instructions on deleting or controlling cookies please consult your browser help section or see http://www.allaboutcookies.org.
Definition of cookies and their function
i. Session cookies
These are temporary cookie files, which are erased when you close your browser. They are used to store your browsing information while you are using Our websites and will be active until you leave the website and close your browser.
ii. Persistent cookies
Persistent cookies help Us remember your information and settings for any future visits. This results in faster and more convenient access. On your first visit, the website is presented in default mode. During your visit, you select your preferences and these preferences are remembered, through the use of the persistent cookie, for the next time you visit the website. A persistent cookie enables a website to remember you on subsequent visits, speeding up or enhancing your experience of services or functions offered.
iii. CMS specific – session cookies
iv. CMS specific – persistent cookies
These types of cookies are placed by our content management software (CMS) to remember your display preferences.
v. Google Analytics (3rd party) cookies
These cookies are used to collect information about how visitors use Our websites. We use the information to compile reports and to help improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited.
An overview of privacy at Google can be found here http://www.google.com/analytics/learn/privacy.html
vii. Third party cookies
To improve your experience of using Our website, We sometimes embed content or functionality from third party websites. Pages with this embedded content may present cookies from these websites. We do not control the dissemination of these cookies. You should check the relevant third party website for more information about these. Examples of such third party cookies are:
YouTube: Clicking on an embedded YouTube video may set a cookie on your computer, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode. To find out more please visit YouTube’s embedding videos information page.
We are firmly committed to respecting your privacy and complying with applicable data protection and privacy laws.
We wish to help you make informed decisions, so please take a few moments to read the sections below and learn how we use your personal information.
Personal information collection
We endeavour to collect and use your personal information only with your knowledge and consent.
On our website, we may collect your personal information for the following purposes:
• Product & Services Sales
• General Enquiries
The type of personal information we collect could include, for example, your name and postal address, date of birth, telephone number, email address or other general information.
We will not process any personal data collected through the website unless we have first told you that we are going to do so, and it is clear how we will use it.
Non-Personal Information Collection
We may collect information about the software on your computer (your browser version etc.) and your IP address (your connection with the internet) in order to improve your interaction with the Website. This may happen automatically without you being aware of it.
Cookies also enable us to generate statistics about the number of visitors we have and how they use the website and the internet to improve the service we provide. You can set your browser to reject our cookies if you wish (you should consult your browser help section for details), but this might restrict your use of the website and other websites. For more information about cookies, please see our cookies statement.
How will we use your information?
The lawful bases for processing data are set out in Article 6 of the General Data Protection Regulation (GDPR). The processing of your personal data is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
We use personal data for the following purposes:
• Processing orders.
• Managing or administering your account.
• To provide you with the services you have requested through the website.
• Responding to complaints or account enquiries.
• To respond to requests for information submitted by you on the website.
• For research purposes and to improve the services we offer.
• In order to comply with our legal and regulatory obligations.
• In order to protect our contractual and other rights. For example, we may pass your details onto a third party should we believe that you have used another person’s credit card fraudulently.
• Share it with 3rd parties (Lenders & Insurance companies) for the purpose of arranging a mortgage or protection contract
Disclosure of Your Personal Data
AFP Shrewsbury will not use client’s data for any purpose other than to process, maintain & manage the mortgage or insurance contract for which the data was obtained. We will not sell or pass your personal information to third parties, unless you have given us permission or unless it is strictly necessary to deliver products or services ordered or used by you and you are notified beforehand.
For example, we may disclose your data to a credit card company to validate your credit card details and obtain payment when you buy a product or service.
We may be obliged to disclose personal data to a third party if we have a legal or regulatory obligation to do so, for example to comply with a court order, or meet obligations in accordance with applicable law.
Social media, blogs, reviews
Any social media posts or comments you send to us (on our Facebook page, for instance) will be shared under the terms of the relevant social media platform (e.g. Facebook / Twitter) on which they are written and could be made public.
Other people, not us, control these platforms. We are not responsible for this kind of sharing. We recommend you should review the terms and conditions and privacy policies of the social media platforms you use. That way, you will understand how they will use your information, what information relating to you they will place in the public domain, and how you can stop them from doing so if you are unhappy about it.
Any blog, review or other posts or comments you make about us, our products and services on any of our blogs, reviews or user community services will be shared with all other members of that service and the public at large.
Any comments you make on these services and on social media in general must be not offensive, insulting or defamatory. You are responsible for ensuring that any comments you make comply with any relevant policy on acceptable use of those services.
How long do we keep your information for?
To make sure we meet our legal data protection and privacy obligations, we only hold on to your information for as long as we actually need it for the purposes we acquired it for in the first place.
In most cases, this means we will keep your information for as long as you continue to use our services and are deemed a client, and for a reasonable period of time afterwards if you stop doing so, to meet out regulatory obligations.
After that we will delete it other than where we lawfully can keep any data for audit, regulatory or legal reasons.
Requesting removal of your information
You can write to us at any time to request removal of the personal information we may hold about you. Please write to: firstname.lastname@example.org or the Data Protection Officer, AFP Shrewsbury, Windsor House, Windsor Place, Shrewsbury, Shropshire, SY1 2BY.
Any removal will be subject our regulatory requirements
We will not make any charge for removing any personal information we hold about you.
We may take reasonable steps to confirm your identity before removing the personal information we may hold about you, this is for your security.
Access to your information
You can write to us at any time to obtain details of the personal information We may hold about you. Please write to: email@example.com or the Data Protection Officer, AFP Shrewsbury, Windsor House, Windsor Place, Shrewsbury, Shropshire, SY1 2BY.
Please quote your name and address together with your account number, if relevant. We would be grateful if could also provide brief details of what information you want a copy of – this will help us to more readily locate your information.
We will not make any charge for providing you with a copy of the personal information we hold about you.
We will take all reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.
We recognise that people are becoming increasingly concerned about how companies protect personal information from misuse and abuse and about privacy in general.
All personal data that you supply us with from our website is stored on servers provided by our hosting provider. We understand that our hosting provider (SIRUSS Ltd) only employs servers sited in data centres that have the highest level of security accreditation at the time of implementation. For your protection, we never store any payment details and where possible we store personal data such as passwords, encrypted.
We use industry standard TLS certificates to provide encryption of data in transit, for example, all access to our website is covered by HTTPS.
Please also be aware that communications over the Internet, such as emails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered – this is the nature of the World Wide Web/Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.
You can find out more about your rights from the Information Commissioner, who regulates data protection and privacy. The Information Commissioner’s website is https://ico.org.uk/.