This is the Privacy Notice for Mortgage Evolution Ltd.
The purpose of this notice is to inform you about how and why your personal data is used so that we are as transparent as we possibly can, and to ensure that you are aware of your rights under UK data protection legislation.
Mortgage Evolution Ltd, is a company registered with Companies House under registration 12358806 and with the ICO under registration ZA626736.
Our postal address is 10a High Street, Chislehurst, Kent, England, BR7 5AN. You can contact us at firstname.lastname@example.org or on 0203 393 3610.
The purpose for processing your data and our basis for doing so.
Mortgage Evolution is a data controller and we process personal data so we can provide mortgage and insurance advice services to clients and to engage with prospective clients and partners.
In processing your data, we must establish our legal basis for doing so and the legal basis can be different depending on circumstances in which we process it. References to the basis of processing e.g.,"(Article. 6.1.f)" are a reference to the article of the UK General Data Protection Regulation under which we undertake the processing in question.
If you are a client, we will hold the following information about you:
We process this information so we can provide you with advice about the most suitable mortgage or insurance product, invoice you as well as maintain our communication with you. Our legal basis for doing this is Article 6.1.b – performance of a contract, this is necessary to deliver the service to you.
We will process your personal data to enable us and our mortgage and insurance providers to perform affordability and due diligence checks on you. This will require you to produce documentary evidence. We will also collect data about your financial position, residential and employment status. This allows and our providers to perform the requirements of the UK’s anti-money laundering legislation as well as comply with the requirements of the Financial Conduct Authority. Our legal basis for doing this is Article 6.1.c – compliance with a legal obligation.
Where we require your data in the pursuance of a contract, if you fail to provide that data, we will not be able to provide you with our products or enter into a commercial agreement.
We will process your personal data for the purposes of marketing as we would want to send you occasional updates on our services. As existing clients, we can do this lawfully without consent as allowed by the Privacy and Electronic Communications Regulations 2003 (amended). You can ask us to stop sending you communications at any time.
Recipients of your data
As a general principle, we will not transfer your personal data to other recipients without your permission. There are some exceptions to this:
Data processed by third parties on our behalf
We use the services of other organisations in the processing your data. We use a cloud-based CRM platform and data is resident in the EU by virtue of the UK / EU agreement. We also use a cloud-based email and document storage platform, and this data is held in the UK. We utilise the Zoom video conference platform to conduct remote interviews and meetings.
Those organisations that process personal data on our behalf are subject to a data processing contract as required by Article 28 of the UK GPDR. This ensures that your data is handled in accordance with the UK GPDR.
Transferring your data outside of the UK
We do not transfer or process data outside the UK unless the processor we use requires it. If your data is sent out of the UK, we ensure that there are approved mechanisms to do so under Article 46 UK GDPR, such as adequacy decisions, standard contractual clauses or in exceptional circumstances, derogations.
We will retain your data only for the time we require it for the purposes stated and / or where we have a legal obligation or other legitimate purpose. We use the criteria set out by the Financial Conduct Authority to identify how long we must retain personal data. This could range from 3 to 10 years or more, depending on the product provided.
Automated Decision Making
Mortgage Evolution does not make lending decisions solely by automated means.
The UK GDPR requires us to implement technical and organisational measures to protect your data. This means our IT systems are protected by anti-virus and anti-malware software. We use Transport Layer Security (TLS, also known as SSL) to encrypt any data you supply to us through our website.
The UK GDPR provides you with several rights in relation to the data of your we process. The rights relevant to our activities are:
If you want to exercise any of these rights, contact us on the above email address.
You also have the right to lodge a complaint about our processing with a supervisory authority — the UK's Information Commissioner's Office:
Information Commissioner's Office
Telephone: 0303 123 1113
Copyright © 2021 Mortgage Evolution, all rights reserved. Mortgage Evolution Ltd is registered in England and Wales (Companies House registration number 12358806). Mortgage Evolution Ltd (FCA 920652) is an appointed representative of Paxton UK Ltd, which is authorised and regulated by the Financial Conduct Authority (FCA 300341).
Think carefully before securing other debts against your home. Your home may be repossessed if you do not keep up repayments on a mortgage or any other debt secured on it.