Privacy Policy

Your privacy is very important to us. We promise to respect and protect your personal information and try to make sure that your details are accurate and kept up to date. This Privacy Policy sets out details of the information that we may collect from you and how we may use that information. Please take your time to read this Privacy Policy carefully. When using our website, this Privacy Policy should be read alongside the website terms and conditions.

Click on the menu items below to quickly navigate to the individual sections of the Privacy Policy.

  1. About PS&P
  2. Our processing of your personal information
  3. How do we protect your personal information when sending it abroad?
  4. What marketing activities do we carry out?
  5. How long do we keep personal information for?
  6. Automated processing
  7. Your rights
  8. How we protect your information
  9. Contact us
  10. Updates to this Privacy Policy

1. About PS&P

In this Privacy Policy references to “we” or “us” or are to PS&P Limited. We are part of the Outsourcing Inc. group of companies.

In order to provide our services, we will collect and use data about individuals. This means that we are a ‘data controller’ and we are responsible for complying with data protection laws.

We have appointed a data protection officer to oversee our handling of personal information. If you have any questions about how we collect, store or use your personal information, you may contact our data protection officer using the details set out in the contact us section.

2. Our processing of your personal information

The personal information that we collect will depend on our relationship with you. Please look in the section below that best describes your relationship with us.

In this privacy policy, we refer to individuals who we collect debt from as “Customers”.

For example, we will collect more detailed information about you if you are a Customer than we would if you simply made an enquiry about the services that we offer.

Sometimes we will ask for information relating to your health which is known as ‘special categories of information’. When we are carrying out enforcement activities, we are required to determine whether those subject to enforcement action could be regarded as vulnerable. In order to make this determination we may ask you for, or you may volunteer to give us, information about your vulnerability.

If you provide personal information to us about other people you must provide them with a copy of this Privacy Policy and obtain any consent where we indicate that it is required for the processing of that person’s information in accordance with this Privacy Policy.

2.1. Individuals who we collect debt from and carry out enforcement action against.

This section will detail what personal information we collect about you and use if we have been asked to collect debt from you on behalf of our clients.

2.1.1. What personal information will we collect?
  • Name (surname, forename, middle name)
  • Title
  • Age range
  • Deceased date (where applicable)
  • Address
  • Email address
  • Phone number
  • Gender
  • Identity (NI number, Driving Licence number)
  • Business or company name
  • Profession
  • Job title
  • Employment status
  • Employer details (employer name, occupation, office, registered office, start date, salary)
  • Car registration and keeper details
  • Visual and audio images of you through our use of body worn video, vehicle camera and audio recording equipment
  • Council tax band of your address
  • Credit reference data
  • The location of your address or vehicle
  • Financial information such as credit/debit card information
  • Bank details that you have permitted us to use on your behalf
  • Date of birth
  • Information relating to your financial status / solvency
  • Information relating to your debt
  • Any information in client’s notes
  • Details about the property associated with a visit
  • Personal information collected pursuant to the debt collection process
  • Means form information
  • Information obtained from credit and tracing checks including lifestyle information such as whether you are ex-directory, have active credit or do online shopping
  • Information obtained from public sources such as social media profile names
  • Caller line identification
  • Recording of telephone calls
  • Technical information about any visit that you make to our website, including IP address, login information and information about your web browser and operating systems.
2.1.2. What special categories of information will we collect?
  • Information about your physical and mental health, in particular information about any disabilities you may have, illnesses or medical conditions or whether you are pregnant.
2.1.3. How will we collect your personal information?
  • From information provided by our clients when they register a new case with us
  • From third party Credit Reference and Tracing Agencies
  • From public sources such as Google
  • From specialist third parties who we liaise with to carry out our services such as hire purchase information providers, removal companies and auction houses
  • Where we visit your address, from our agents’ body worn video, vehicle camera and audio recording equipment
  • Other parties residing or otherwise present at your property when it is attended by field collectors
  • From information you provide when you register an online account or update your profile on our Customer Portal
  • From our website through the use of cookies.
2.1.4. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

  • We have a legitimate business need to use your personal information. Such need will cover all activities required to carry out everyday business activities and will include: keeping business records; using your personal information to carry out our debt collection services; ensuring that we have up to date records; management information; statistical analysis; developing and testing our systems; analysing our business; improving the services we offer; carrying out strategic reviews of our business model. When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your personal information unless we can demonstrate a legitimate business need.
  • It is necessary to comply with a legal obligation. For example our obligations under the law to protect vulnerable people.
  • We have your consent. Your consent is required for us to process personal information provided by you on our Customer Portal, and to share information with the Money and Pensions Service. You do not have to provide your consent and you can withdraw your consent at any time. You do not have the right to withdraw consent where we are not relying on your consent.

When we use your “special categories of personal information” (such as information about your health), we need to have an additional “legal ground” and we will rely on the following “legal grounds”:

  • That it is in the substantive public interest. Such as where it is necessary under the law in order to protect the interests of vulnerable people.

Please see the table below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processingLegal grounds for using your personal informationLegal grounds for using your special categories of information
To collect debt on behalf of our clientsWe have a legitimate interest to fulfil our contractual obligations to our clientNot applicable
Processing information and evidence about individuals to assess their vulnerabilityIt is necessary to comply with a legal obligationIt is in the substantial public interest to protect the interests of vulnerable people
Recording all call centre and visit interactions with all individuals who we collect debt fromWe have a legitimate interest to have records of all interactions with customers for business records and, to record any incidents with our staff. Recordings will be used to monitor compliance to legislative requirements, Process, the National Standards, Codes of Practice and for any complaints that arise.Not applicable
Taking payment details from customersWe have a legitimate interest to ensure payment can be made in relation to debt we are collectingNot applicable
Storing and processing of previous cases for the purpose of enforcing potential future claimsWe have a legitimate interest to effectively enforce future claims by our clientsNot applicable
Construction of a Single Customer View so that all customer cases can be viewed under a single recordWe have a legitimate interest to collate information in this way to reduce fees for customers and to ensure that customers are not visited multiple times for different casesNot applicable
Augmenting information provided by our clients with information provided from third parties such as credit reference agenciesWe have a legitimate interest to supplement information in this way to avoid disproportionate efforts of having multiple collections for our clientsNot applicable
Augmenting information provided by our clients and third parties with information provided by you on our Customer PortalWe rely on your consent to process this dataNot applicable
Provide individuals with the option to obtain access to independent debt adviceWe rely on your consent to process this dataNot applicable

2.1.5. Who will we share your personal information with?

From time to time, we may share your personal information with companies in the CDER group or with the following third parties for the purposes set out above:

  • Our clients who have instructed us to carry out debt collection from you
  • Self-employed field collectors to assist in delivery of our debt collection services
  • Credit reference and tracing agencies including Experian Ltd, TransUnion International UK Ltd and Equifax Ltd. See links below for their privacy notices:
  • GB Group Plc, Data OD Ltd, UK Search Ltd, Data8 Ltd for tracing, address cleansing and telephone appending
  • Cardstream Limited acting as a credit and debit card payment service provider – see linked privacy notice https://cardstream.com/privacy-policy/
  • Streamline and Verifone for the processing of PDQ payments
  • Adare SEC Ltd for the provision of correspondence and mailing services
  • Google for the geocoding of addresses
  • Esendex for the sending of SMS to get in touch with you, to remind you of payments that are due and to provide receipts of payments made
  • The Police and Courts
  • Legal advisers
  • Other parties residing or otherwise present at your address when it is attended by field collectors
  • Other 3rd parties with whom you have authorised us to discuss your personal circumstances
  • Insurance Companies, in the event of a relevant insurance claim
  • Money And Pensions Service (MAPS) with your consent
  • Any third parties in the event of a sale, merger, reorganisation, transfer or dissolution of our business.
  • Worldpay Limited acting as a credit and debit card payment service provider – see linked privacy notice https://www.worldpay.com/en-gb/privacy

If you would like further information regarding the disclosures of your personal information, please see the contact us section below for our contact details.

2.1.6 Credit and debit card payment service providers we work with

We use credit and debit card payment service providers including Cardstream Limited and Worldpay (UK) Limited to help customers pay debts. When you provide your name and postcode, we will share this with the service provider in order to assist in validating payment. When you provide your card details you interact with the credit or debit card payment service provider, you do so on their terms and conditions and in accordance with their separate privacy policies. We do not control these third-party service providers and are not responsible for their privacy statements. We encourage you to read the privacy policy and terms and conditions of the relevant credit or debit card payment provider to whom you are directed.

2.2. New Occupiers

This section will detail what personal information we collect about you and use if you are a New Occupier of an address that our records indicate was previously occupied by a customer.

2.2.1. What personal information will we collect?
  • Name and address
  • Evidence that you are the current occupier of the address
  • Recording of telephone calls and any information contained in notes of the call
  • Visual and audio images of you through our use of Body Worn Video and audio recording equipment
  • Photos and any information contained in any notes made by our field collectors when they visit your property
  • Technical information about any visit that you make to our website, including IP address, login information and information about your web browser and operating systems
  • New occupier evidence that you send us via post, website forms or email.
2.2.2. What special categories of information will we collect?
  • We do not collect any special categories of information about you.
2.2.3. How will we collect your personal information?
  • From call recordings and where we visit your address, from our field collectors’ body worn video and audio recording equipment
  • From details you provide when sending correspondence or completing a form on our website
  • From our website through our use of cookies.
2.2.4. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

  • We have a legitimate business need to use your personal information. Such need will cover all activities required to carry out everyday business activities and will include: keeping business records; using your personal information to carry out our debt collection services; ensuring that we have up to date records; management information; statistical analysis; developing and testing our systems; analysing our business; improving the services we offer; carrying out strategic reviews of our business model.

When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your personal information unless we can demonstrate a legitimate business need.

  • Your consent is required for us to process new occupier evidence provided by you via post, email or a form on our website. You do not have to provide your consent and you can withdraw your consent at any time. You do not have the right to withdraw consent where we are not relying on your consent.

Please see the table below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processingLegal grounds for using your personal informationLegal grounds for using your special categories of information
To check that the Customer, from whom we are collecting, on behalf of our Client, is no longer resident at the address occupied by the New Occupier.We have a legitimate interest to ensure that we have accurate and up to date records of customers to ensure that we can properly carry out our services to our clientsNot applicable
Recording all interactions with all New OccupiersWe have a legitimate interest to have records of all interactions with New Occupiers for business records and, to record any incidents with our staff. Recordings will be used to monitor compliance to legislative requirements, Process, the National Standards, Codes of Practice and for any complaints that arise.Not applicable
To check that the Customer, from whom we are collecting, on behalf of our Client, is no longer resident at the address occupied by the New Occupier by reviewing evidence you have sent us via post, email or a form on our websiteWe rely on your consent to process this dataNot applicable
2.2.5. Who will we share your personal information with?

From time to time, we may share your personal information with companies in the CDER group or with the following third parties for the purposes set out above:

  • In limited circumstances, with our clients, in order to resolve complaints.
  • Insurance Companies, in the event of a relevant insurance claim.

If you would like further information regarding the disclosures of your personal information, please see the contact us section below for our contact details.

2.3. Web Site Users

This section will detail what personal information we collect about you and use if you use our website, either browsing or interacting with the website to send us a message or register a complaint.

2.3.1. What personal information will we collect?
  • Any information you may share with us when you visit our website
  • Technical information about any visit that you make to our website, including IP address, login information and information about your web browser and operating systems.
2.3.2. What special categories of information will we collect?
  • We do not collect any special categories of information about you.
2.3.3. How will we collect your personal information?
  • Via our website.
2.3.4. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

We have a legitimate business need to use your personal information. Such need will cover all activities required to carry out everyday business activities and will include: keeping business records; developing and testing our systems; diagnosing any problems with our website; responding to enquiries; assessing usage of our website; improving the services we offer.

When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your personal information unless we can demonstrate a legitimate business need. Please see the table for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processingLegal grounds for using your personal informationLegal grounds for using your special categories of information
To respond to any enquiries you makeWe have a legitimate interest to respond to all enquiries made on our websiteNot applicable
2.3.5. Who will we share your personal information with?

From time to time, we may share your personal information with companies in the CDER group or with the following third parties for the purposes set out above:

  • No one at this stage.

If you would like further information regarding the disclosures of your personal information, please see the contact us section below for our contact details.

2.4. 3rd Parties

This section details what personal information we collect about you if you are a 3rd party who happens to have be captured by our video and/or audio recording capability.

2.4.1. What personal information will we collect?
  • Visual and audio images of you through our use of Body Worn Video, Vehicle Cameras and audio recording equipment
2.4.2. What special categories of information will we collect?
  • We do not collect any special categories of information about you.
2.4.3. How will we collect your personal information?
  • Where we visit an address where you are present, from our field collectors’ Body Worn Video and audio recording equipment.
  • Our vehicles may be equipped with both internal and external cameras which may capture footage of you.
2.4.4. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

We have a legitimate business need to use your personal information. Such need will cover all activities required to carry out everyday business activities and will include: keeping business records.

When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your personal information unless we can demonstrate a legitimate business need. Please see the table below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processingLegal grounds for using your personal informationLegal grounds for using your special categories of information
Recording all interactions during a visitWe have a legitimate interest to have records of all interactions during a visit for business records and, to record any incidents with our staff. Recordings will be used to monitor compliance to legislative requirements, process, Codes of Practice and for any complaints that arise.Not applicable
In the event of a Road Traffic accidentWe have a legitimate interest to have records when a Road Traffic accident occurs so that we can provide evidence where required.Not applicable
In the event of a complaint or insurance claimWe have a legitimate interest to have records of interactions with a 3rd parties as these may give rise to complaints or insurance claims.Not applicable
Sharing your personal data with the police and insurance companies where necessaryWe have a legitimate interest [or have a legal obligation] to share recordings with the police and Insurance companies where an investigation deems this to be necessary.Not applicable
2.4.5. Who will we share your personal information with?

From time to time, we may share your personal information with companies in the CDER group or with the following third parties for the purposes set out above:

  • In limited circumstances, with our clients, in order to resolve complaints
  • The Police and Courts
  • Insurance Companies, in the event of a relevant insurance claim

If you would like further information regarding the disclosures of your personal information, please see the contact us section below for our contact details.

3. How do we protect your personal information when sending it abroad?

We do not send your personal information outside of the EEA. In the event that this changes, we will notify you.

4. What marketing activities do we carry out?

We do not perform any marketing activities that use your personal information.

5. How long do we keep personal information for?

We will only keep your personal information for as long as reasonably necessary to fulfil the purposes set out in section 2 above and to comply with our legal and regulatory obligations.

Our Customers: All customer data in all datastores (with the exception of Body Worn Video (BWV) footage) will be scheduled for deletion 6 years after the year in which the customers last case is returned to the client. This means that customer data older than the 6-year threshold will be retained where there is a live case or there has been a live case within the last 7 years (i.e. 6 years plus the year in which the last customer case was returned).

BWV recordings of visit interactions will be deleted 1 year after the date on which the recording was made unless the case is subject to investigation or complaint at this point. In these circumstances BWV footage will be deleted 1 year after the year in which the complaint/investigation is closed.

Vehicle camera recordings will be deleted after 60 days from date on which the recording was made unless the case is subject to investigation or complaint at this point. In these circumstances footage will be deleted 1 year after the year in which the complaint/investigation is closed.

Where we receive vulnerability evidence which contains your personal information, that evidence will be assessed by our back-office team and all photos or scanned documents will be deleted the next working day.

New Occupiers: where we receive evidence, which contains your personal information, that evidence will be assessed by our back-office team and all photos or scanned documents will be deleted 2 working days after completion of the assessment.

For further information regarding how long your personal information will be kept, please see the “Contact us” section.

6. Automated processing

We currently undertake some automated processing of your personal information in order to inform our businesses practices, such as comparing your personal information against trends or other data subjects with similar characteristics. None of this processing results in any legal or similar decision making in respect of you.

7. Your rights

You have a number of data protection rights which entitle you to request information about your personal information, to dictate what we do with it or to stop us using it in certain ways.

If you wish to exercise the rights set out below, please contact us at any time using the details set out in section 9. There will not normally be a charge for this.

We respect your rights in relation to personal information we hold about you, however we cannot always comply with your requests. For example we may not be able to delete your information if we are required by law to keep it for a longer period of time or if should we delete your information we would not have the necessary information we need in order to fulfil the purpose for which it was collected.

Your rights include:

  • The right to access your personal information

You can request a copy of the personal information we hold about you and certain details of how we use it.

Unless requested otherwise, your personal information will be provided to you by electronic means. If we do not hold an email address the information will be sent by post.

  • The right to rectification

We make reasonable efforts to keep your personal information where necessary up to date, complete and accurate. We encourage you to ensure that your personal information is accurate so please regularly let us know if you believe that the information we hold about you may be inaccurate or incomplete. We will correct and amend any such personal information and notify any third party recipients of necessary changes.

  • The right to erasure

You can request that we delete your personal information. For example, where we no longer need your personal information for the original purpose we collected it.

Whilst we will assess every request, this request is subject to legal and regulatory requirements that we are required to comply with.

  • The right to restriction of processing

Subject to the circumstances in which you exercise this right, you can request that we stop using your personal information, such as where you believe that we no longer need to use your personal information.

  • The right to data portability

Subject to the circumstances in which you exercise this right, you can request that we port across personal information you have provided to us to a third party in a commonly used and machine-readable format.

  • The right to object to marketing

We do not carry out any marketing activities using your personal information.

  • The right to object to processing

In certain circumstances, where we only process your personal data because we have a legitimate business need to do so, you have the right to object to our processing of your personal data.

  • Rights relating to automated decision-making

We do not currently carry out any automated decision-making. In the event that this changes, we will notify you and inform you about your rights relating to automated decision-making.

  • The right to withdraw consent

We do not rely on your consent to process personal information obtained from other sources, for example our client when they refer your debt to us for collection.

If you have provided us with additional information on our Customer Portal you may withdraw your consent for us to process this information at any time.

  • The right to lodge a complaint with the ICO

You have a right to complain to the Information Commissioner’s Office if you believe that any use of your personal information by us is in breach of applicable data protection laws and/or regulations. More information can be found on the Information Commissioner’s Office website: https://ico.org.uk. This will not affect any other legal rights or remedies that you have.

8. How we protect your information

We will use all reasonable efforts to safeguard your personal data. We have put in place strict physical, electronic and managerial procedures to safeguard and secure the information we collect.

We put in place confidentiality clauses or confidentiality agreements (including data protection obligations) with our third party service providers.

If you would like more information on how we protect your information please contact us using the details below.

9. Contact us

You may contact our data protection officer if you have any questions about how we collect, store or use your personal information:

Data Protection Officer
PS&P Limited
9th Floor, Peninsular House
Monument Street
London EC3R 8LJ
dpo@psandp.co.uk

10. Updates to this Privacy Policy

We may need to make changes to this Privacy Policy periodically, for example, as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally. Our most up to date Privacy Policy will always be shown on our website and will be signposted in all of our communications.

This Privacy Policy (version 18) was last updated on: 19 June 2024.