Finance and Insurance Products to Meet Your Needs
Website Privacy Policy
1. INTRODUCTION
Please read this Website Privacy Policy carefully as it explains how RCI Financial Services Limited (“RCI Financial Services”) and our related businesses within RCI Group (referred to as “we”, “our” or “us”) uses the personal data that you’ve provided or that we have obtained about you when you visit our website, located at https://www.daciafinanceuk.com/.
The personal data that you provide (referred to as your “information” in this Website Privacy Policy) is data which by itself or with other data available to us, can be used to identify you.
Nissan Finance is a trading name of RCI Financial Services Limited which is part of the RCI Group of companies whose intermediate parent company is RCI Banque SA trading as “RCI Bank and Services” and whose ultimate parent company is Renault SA which is part of the Renault-Nissan-Mitsubishi Alliance and includes RCI Bank UK Limited, as well as your selected vehicle manufacturer’s group companies including Renault UK Limited, Renault UK Limited trading as Dacia, Renault UK Limited trading as Alpine, and Nissan Motor (GB) Limited (all of which comprise the, “RCI Group” or “Group”). The RCI Group therefore includes, RCI Banque SA, RCI Financial Services, RCI Bank UK Limited, our ultimate parent company’s group of companies, the Renault-Nissan-Mitsubishi Alliance and your selected vehicle manufacturer’s group companies and brands. If the RCI Group changes from time to time, we will inform you of any changes. If you would like more information on the companies that make up the RCI Group, please get in touch or go online to www.rcibs.com and group.renault.com.
Where this Privacy Policy refers to your "Dealer", this means the car dealership that has contacted us on your behalf regarding vehicle finance. Please be aware that the Dealer is not part of RCI Financial Services or the RCI Group. Your Dealer may retain your information for its own purposes, for example, to contact you about its products and services. If you would like to know more about how the Dealer may use your information, please ask the Dealer for a copy of its Privacy Notice.
From time to time, we may need to update or amend this Website Privacy Policy. Please check this page occasionally to ensure that you’re happy with any changes. Please see the section Changes to This Policy at section 13 for more information.
Please read this Website Privacy Policy in conjunction with our Customer Privacy Policy, which applies if you apply for finance with RCI Financial Services and become one of our customers.
2. WHAT INFORMATION DO WE COLLECT?
We’ll only process personal data you provide to us in accordance with applicable data protection and privacy laws (as amended from time to time). Whether you become a customer or not, we’ll use your information for the reasons set out below and if you do become a customer, we’ll use it to manage your finance agreement in accordance with our Customer Privacy Policy.
The categories of information we collect about you and the way in which we collect it are as follows:
Personal data you give to us: This is information about you that you voluntarily give to us by entering information via our website https://www.daciafinanceuk.com/, our social media platforms (such as Twitter and Facebook), or when you correspond with us by instant chat, phone, email, or otherwise.
This includes information provided at the time of registering to use our site, contacting us in relation to the services we provide or making an enquiry about our services, requesting further services, and engaging in correspondence with us by phone, email or otherwise.
We may also ask you for information when you report a problem with our website.
We may also collect other information such as information you provide through customer surveys, feedback, complaints and correspondence or communications. Some information is required information, but other information is optional and if you do not want to give it to us, you do not need to. We are always grateful for information you do provide though because this helps us to improve our products and services.
The categories of personal data that may be collected voluntarily includes: title, full name, email address, address, contact telephone number, enquiry details, cardholder and payment details, dates and details of your event, legal information relating to claims made by you or against you, information contained in our correspondence or other communications with you about our services or business (including responses to any surveys), and your marketing preferences.
Personal data we collect about you: We may automatically collect the following information: details of transactions you carry out through our website, and your visits to our website, including, but not limited to, the date and time you used our services, traffic data, location data, weblogs and other communication data, the resources you access, and the number and frequency of your visits. We may also automatically collect technical information, including anonymous data collected by the hosting server for statistical purposes, the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We may also collect any personal data which you allow to be shared that is part of your public profile or third party social network.
Personal data we may receive from other sources: We may also receive information from third parties, suppliers and partners about the products and services you have purchased. We may also collect information about you from enquiries we make, including from the searches we do with fraud prevention and credit reference agencies and enquiries we may make internally, or with any other RCI Group company, about your performance of any other agreement you have with us or an RCI Group company.
Before we provide any services to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process your information. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies and may result in other organisations refusing to provide services, financing or employment to you. Please see our Customer Privacy Policy for more details.
3. WHAT DO WE DO WITH THE INFORMATION WE COLLECT?
The purposes for which we use your information and the legal basis under data protection laws on which we rely to do this are as follows:
It is necessary for our legitimate interests or that of a third party. This includes:
to help us understand how our website is used and by whom, to research customer demographics, interests, and behaviour, and to assist, enhance and personalise customer experience (including with customised services and to make improvements to our services and website);
creating a profile to offer you tailored products and services for direct marketing purposes;
using ‘list-based’ targeting tools via social media platforms to offer you and like-minded individuals tailored products and services for direct marketing purposes;
making available personalised offers and promotions to you;
identifying trends to develop new products and services;
advising you about the products and services that we provide to you in response to a request about this;
in some cases, we may use automated methods to analyse, combine and evaluate information that you have provided to us (including the sharing of your personal information within our RCI Group of companies as mentioned in this Website Privacy Policy);
collecting and analysing information so that we can deliver the most appropriate customer experience to you by tailoring and making relevant all our service and communications;
preventing fraud, money laundering and other criminal activities, and to verify your identity, in order to protect our business and to comply with laws that apply to us;
for product development, statistical analysis and market research including customer surveys so that we can better understand you as a customer and provide tailored offers, products and services that we think will be of interest to you (we may want to contact you from time to time for market research, however you can ask us not to contact you for this purpose at any time);
providing you with customer support and services, including answering questions and responding to feedback and complaints;
monitoring communications between us (calls, letters, emails and texts) to prevent and detect crime, to protect the security of our communications, systems and procedures, and for quality control and training purposes;
for management and audit of our business operations, including accounting and analysis;
to verify the accuracy of information that we hold about you and create a better understanding of you as our customer;
for network and information security purposes i.e. in order for us to take steps to protect your information against loss, damage, theft or unauthorised access;
to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
for improving our processes, systems, operations and services (including testing) and for business continuity and disaster recovery purposes; and
for the establishment and defence of our legal rights.
It is necessary for compliance with a legal obligation, this includes: when you exercise your legal rights under data protection law, to verify your identity, for the establishment and defence of our legal rights, for activities relating to the prevention, detection and investigation of crime, to conduct credit, fraud prevention and anti-money laundering checks and for compliance with our legal and regulatory responsibilities. We may process your personal information to comply with our other legal requirements.
You have given us your consent to use it for direct marketing communications. Please see Marketing Communications at section 7 below for more information on marketing, including details on how to stop receiving marketing communications. You can change your marketing preference at any time; for email and SMS, please follow the unsubscribe instructions in those communications.
4. DATA ANONYMISATION AND USE OF AGGREGATED INFORMATION
Your information may be converted into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from it. Aggregated data cannot be linked back to you as a natural person. We might pass on this information to companies in our Group for analytical and statistical purposes or to other companies, such as advertisers, to use for our business and research purposes.
5. WHO MAY RECEIVE OR HAVE ACCESS TO YOUR INFORMATION?
We may share your information with:
Companies and consultants providing services to us. Such third parties may include advertising and marketing agencies, mail outsourcing service providers, information technology service providers who provide and maintain our systems, our website host and administrative service providers. Those companies and consultants providing services to us will only use your information to provide those services to us.
Our Dealer network and third party suppliers who fulfil business activities for us. Such third parties may include marketing, advertising, events and market research companies. When we use third party service providers, we only disclose to them any personal data that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.
Selected partners who help us to provide you with the information, products and services that you request.
Other members of the RCI Group for purposes set out in this Website Privacy Policy and for product development, statistical analysis and audit purposes.
A purchaser or potential purchaser of our business or otherwise in the event of a merger, acquisition, re-organisation or similar event.
A third party company that may take over your contract so that you can continue with your contract.
A third party involved in the funding, liquidity, capital or treasury and/or related services in relation to your contract with us.
Any associated or connected motor manufacturer from whom we purchase or hire goods (and their group companies), including, without limitation, Renault UK Limited, Renault UK Limited trading as Dacia, Renault UK Limited trading as Alpine, and Nissan Motor (GB) Limited. For example, to handle complaints or provide you with services and information.
Franchise car dealers, including their business partners and when the Dealers opens, closes or moves premises.
Third party insurance and services providers.
Credit reference, identity authentication and fraud prevention agencies to help us make credit decisions and fraud prevention checks (they may also share information about you with us).
The police, fraud prevention and identity authentication entities, other law enforcement agencies, government and tax authorities in the United Kingdom or abroad in order to detect, investigate and prevent crime (please note that fraud prevention agencies may also enable law enforcement agencies to access and use your information to detect, investigate and prevent crime).
The courts in the United Kingdom or abroad as necessary to comply with a legal requirement, for the administration of justice, to protect vital interests and to protect the security or integrity of our business operations.
Our legal and other professional advisors.
Anyone else where you have given consent or as required by law.
Please be aware that we engage third party agencies, who on occasion, may contact customers by post, email, telephone or SMS message on our behalf (for example, to discuss customised offers based on information we hold about you). Any information that you provide to the agency or any requests that you make for further information will be passed onto RCI Financial Services and we will deal with your query. Please be assured that any information you provide to the agency will be kept secure and confidential.
When disclosing your information to third parties, we will always take steps with the aim of ensuring that your privacy rights continue to be protected.
6. COOKIES
Like many other websites, our website uses cookies to obtain an overall view of visitor habits and visitor volumes to our website. 'Cookies' are small pieces of information sent to your computer or device and stored on its hard drive to allow our website to recognise you when you visit.
It is possible to switch off cookies by setting your browser preferences. For more information on how we use cookies and how to switch them off on your device, please visit our Cookies Policy on our website.
7. MARKETING COMMUNICATIONS
We would like to contact you with exciting and relevant information about our promotions, events, information, products and services which may be of interest to you. We may do this by post, email, SMS and/or telephone where you have indicated that you would like to receive marketing information from us in such ways.
You have the right to opt-out of our use of your information to provide marketing to you. For email and SMS, please follow the unsubscribe instructions in those communications. Please see section 11 for further details on your rights.
8. MARKETING AND SOCIAL MEDIA
We may share your information with certain third-party social media platforms for direct marketing purposes to make our products and services more responsive to your interests and/or those of like-minded individuals. We may use your email address on ‘list-based’ targeting tools offered by social media platforms and match you on social media for the purposes of direct marketing. For example, we may aggregate your email address together with the email addresses of other customers that visit our website, hash such data, and transmit the hashed data to Facebook for the purposes of creating “Custom Audiences” (where targeted ads are sent to people on Facebook who have already been on our website). We may also use your email address to build “Lookalike Audiences” based on your characteristics or interests using targeting tools on social media platforms, for example, where targeted ads are sent to people on Facebook who have similar characteristics to people on our Custom Audience list.
You can opt-out of this use of your personal information for targeted ads at any time by contacting us at the details in section 14 and we will take steps to remove your information from our social media marketing lists.
9. WHERE WE STORE YOUR INFORMATION / TRANSFERS TO THIRD COUNTRIES
Sometimes our service providers or other group companies may be located in other countries, in which case we may send your personal information to countries which have different standards of data protection than the UK. We have put in place protections to ensure that your information is always safeguarded.
We store your information on servers located within the UK or European Economic Area (EEA). We may change the location of servers in the future to improve services to you, but we shall always ensure that we put in place protections to ensure that your information is safeguarded. Due to the international nature of our business, there may be some instances where your information is processed or stored outside of the UK and/or EEA. In those instances, we will ensure that appropriate safeguards are in place for that transfer and storage as required by applicable law.
Whenever fraud prevention agencies transfer your information outside of the UK and/or EEA, they impose contractual obligations on the recipients of that information to protect your information to the standard required in the UK and/or EEA. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
10. HOW LONG WE KEEP YOUR INFORMATION
If we collect your information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under applicable laws. We do not retain personal information in an identifiable format for longer than is necessary for the purposes for which we collect it unless we believe that the law requires us to preserve it.
If you have made an enquiry or contacted us (via our website or otherwise) in relation to our services, we will store your information for as long as is reasonably required to deal with your enquiry or query.
If you have signed up to receive email marketing from us, we will store your information for as long as you are subscribed to our email marketing list (even if you are no longer an active customer). If you unsubscribe, we will keep your email address on our suppression list to ensure that we do not send you marketing emails.
If your application for finance is not automatically approved or if your application is accepted but you do not proceed, we keep your information for as long as necessary to deal with any ongoing queries you may have and/or compliance with laws and regulations. If your application is accepted and you proceed, we hold your information for a maximum of 7 years from the date on which your relationship with us ends.
Credit reference agencies will retain the information that we give to them for 6 years after your account is closed. Fraud prevention agencies can hold your information for different periods of time, and if you are considered to pose a fraud or money laundering risk, your information can be held for up to 6 years.
We will not hold your personal information in an identifiable format for any longer than is necessary. We hold your personal information for the periods mentioned to establish, bring or defend legal claims.
The only exceptions to the periods mentioned above are where:
The law requires us to hold your personal information for a longer period, or delete it sooner;
Where you have raised a complaint or concern regarding a product or service offered by us, in which case we will retain your information for a period of 7 years following the date of that complaint or query for the purposes of bringing or defending any legal claims;
You exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or requirement under the law; or
In limited cases, the law permits us to keep your information indefinitely provided we put certain protections in place.
At the end of the retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
11. YOUR RIGHTS
Under data protection laws, you have the following rights in respect of your information:
To be informed about the processing of your personal information (this is what this Website Privacy Policy sets out to do).
To have your information corrected if it’s inaccurate and to have incomplete information completed. If you change your details or you discover that any of the other information that we hold is inaccurate or out of date, please let us know.
To object to processing of your information provided we do not have any continuing lawful reason to continue to use and process the information. When we do rely on our legitimate interests to use your personal information for direct marketing, we will always comply with your right to object. If you would like to do so, please contact us at the details at the end of this policy.
To withdraw your consent at any time where we rely on it to process your information. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can do so using the unsubscribe tool in the communications or by contacting us using the details at the end of this policy. If you withdraw your consent, our use of your information before you withdraw is still lawful.
To restrict processing of your information where you believe it is unlawful for us to do so, provided we do not have any continuing lawful reason to continue to use and process that information;
To have your information erased from our systems by contacting us using the details at the end of this policy, provided we do not have any continuing lawful reason to continue to use and process that information.
To request access to your information and information about how we process it by contacting us using the details at the end of this policy. We may not provide you with a copy of your information if this concerns other individuals or we have another lawful reason to withhold that information.
To move, copy or transfer your information in a structured data file (“data portability”). Where we rely on your consent as the legal basis for processing your information or need to process it in connection with your contract, you may ask us to provide you with a copy of that information in a structured data file.
In certain circumstances, to contest a decision made about you based on automated decision making, including profiling.
You have a number of rights in relation to your personal information as mentioned above under data protection law. In relation to most rights, we will ask you for information to confirm your identity to protect the confidentiality of your personal information and, where applicable, to help us search for your personal information. Except in rare cases, we will respond to you within 30 days after we have received any request (including any identification documents requested).
The way we process your information and the legal basis on which we rely to process it may affect the extent to which these rights apply. If you would like to discuss or exercise any of these rights, please contact us using the details provided below.
You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) (or other relevant data protection authority) where your information has or is being used in a way that you believe does not comply with data protection laws. Please visit the ICO’s website at www.ico.org.uk for further details. We encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have. You can also contact our Data Protection Officer with any data protection concerns. We’ve included how to contact them in section 14 below.
12. SECURITY
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure of information, we have physical, electronic and managerial procedures in place to keep your information safe.
Our website may contain links to other websites run by other organisations. This policy does not apply to those other websites‚ so we encourage you to read their privacy statements. We cannot be responsible for the privacy policies and practices of other websites even if you access them using links that we provide. In addition, if you linked to our website from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.
13. CHANGES TO THIS POLICY
We may review this policy from time to time and any changes will be notified to you by posting an updated version on our website and/or by contacting you by email or post. Any changes will take effect 7 days after the date of our email/letter or the date on which we post the modified terms on our website, whichever is the earlier. We recommend you regularly check for changes and review this policy whenever you visit our website. If you do not agree with any aspect of the updated policy, you must immediately notify us and cease using our website.
This policy was last updated on 4th May 2021.
14. CONTACT US
If you have any specific data protection questions, concerns or a complaint, you can address it to our Data Protection Team using the details below:
Data Controller: RCI Financial Services Limited, Rivers Office Park, Denham Way, Maple Cross, Rickmansworth, WD3 9YS.
Contacting us by post:
Data Protection Officer, RCI Financial Services Limited, Rivers Office Park, Denham Way, Maple Cross, Rickmansworth, WD3 9YS .
Contacting us by phone:
You can call our team on 0345 6056 050. To help us improve our service we may record and monitor calls. Calls are charged at local rate.
Contacting us by email:
dataprotectionofficer-uk@rcibanque.com. When you email us, we collect some personal details like your name, address and phone numbers. Email isn’t 100% secure – so we advise that you keep personal information to a minimum. With this in mind, please don’t transmit account information using email.