Introduction and Purpose
This notice sets out how NewDay Compliance (trading name of MKR Associates Ltd – 10345782) uses and protects any information that you give us when you use this website. For simplicity throughout this notice, ‘we’ and ‘us’ means NewDay Compliance.
We are committed to ensuring that your privacy is protected. Most of the information we collect and use will be about your business or your firm, but in the course of providing you or your firm with our services, we will also process information that is commonly known as being personal data.
This notice describes how we collect, use, share, retain and safeguard personal data. This notice also sets out your individual rights and who you should contact if wishing to discuss the use of your data.
NewDay Compliance may change this policy occasionally by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
Please read this Privacy Notice carefully. By visiting our website or using any of our services, you indicate your agreement to our use of your personal information as set out in this Privacy Notice.
Controller and Processor
NewDay Compliance is a boutique consultancy focussed on providing tailored regulatory and compliance support services to Lenders (Mortgage and Consumer Credit), Administrators and Brokers on regulatory transactions, which includes authorisations, change of control, variation of permissions, cancellation and ongoing compliance.
We are registered with the Information Commissioner’s Office under registration number ZA318880.
The legal bases we rely on
The law on data protection sets out a number of different reasons for collecting and processing your personal data, including:
- Consent: In specific situations, we collect and process your data with your consent. For example, when you tick a box to receive email newsletters.
- Contractual obligations: In certain circumstances, we need your personal data to comply with our contractual obligations. For example, if you instruct us to manage your FCA authorisation application then we will collect the necessary information to provide the service.
- Legitimate interests: in specific situations, we require your data to pursue our legitimate business interests in a way which might reasonably be expected as part of running our business. We make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests – we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
If you have any concerns about this processing, you have the right to object to processing that is based on our legitimate interests. You can do that by contacting us using one of the options in the ‘How To Contact Us’ section.
How we collect your personal data
Under General Data Protection Regulation (GDPR) personal information is defined as “any information relating to an identified or identifiable natural person”. Personal data, or personal information means any information about an individual, from which that person can be identified. We collect personal data, or personal information, directly from you, for example when you:
- Visit any of our websites, and complete a form;
- Contact us by any means to enquire about us, our services etc.
- Engage with one of our marketing emails or on social media.
- Engage us to provide services;
- Subscribe to our services;
Other data controllers (including our clients) may also provide your personal data to us.
The personal data we collect
The different types of personal data we may collect about you could include:
- Identity Data: includes your title, full name and maiden name if applicable, date of birth, sex, marital status, passport, driving licence data or other identity card;
- Contact Data: includes email address, telephone numbers and home address;
- Financial Data: includes bank account details and related information;
- Transaction Data: includes details about payments to and from you and other details of products and services you have purchased from us;
- Usage Data: includes information about how you use our website, products and services;
- Recruitment Data.
How information is used
We may use your information in the following ways:
- To provide compliance advice and to answer your specific questions;
- Carry out our obligations arising from any contracts entered into by you and us;
- To fulfil our legal and regulatory obligations;
- Seek your views or comments on the services we provide;
- Notify you of changes to our services;
- Send you communications which you have requested and that may be of interest;
- Process a job application;
- For marketing purposes and based on ‘Legitimate Interests’. You are free to opt out of at any time;
- For other legitimate business purposes.
If you wish to change how we use your data, you’ll find details in the ‘Your Rights’ section below. Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for.
Retention period for using your personal data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, regulatory or reporting requirements. To determine the appropriate retention period for personal data, we consider:
- the amount, nature, and sensitivity of the data;
- the potential risk of harm from unauthorised use or disclosure of the data;
- the purposes for which we process the data; and
- the applicable legal requirements.
Personal data will generally not be held for more than six years after the end of the relationship/appointment, unless otherwise prescribed by law or regulation.
How we share your information
We do not sell or distribute your personal data for commercial gain. We may process your personal data without your knowledge where this is required or permitted by law.
We may have to share your personal data with
- Trusted third party service providers;
- Our auditors, insurers or regulatory bodies;
- Our mutual clients, whom you have given permission for us to share your data with;
- Third parties to whom we may sell or merge our businesses or assets.
All our third party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We work closely with them to ensure that your privacy is respected at all times. We only permit them to process your personal information for specified purposes and in accordance with our instructions.
Where your data may be processed
Sometimes we will need to share your personal data with firms that provide support services to Compliancy Services and who are outside the European Economic Area (EEA). Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.
Links to other websites
Whenever we process data we will ensure that we always keep your personal data rights in high regard and take account of these rights. You have the right to object to this processing if you wish, by contacting us using one of the options in the “Contact Us” section. Please bear in mind that if you object this may affect our ability to carry out tasks for your benefit.
We want to make sure that your personal information is accurate and up to date. You have the right to request a copy of the information that we hold about you. You may ask us to correct or remove information you think is inaccurate.
If you would like a copy of some or all your personal information, please contact us using one of the options in the “How To Contact Us” section. If you are not satisfied with our response or believe that we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
Security precautions for loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it’s treated securely. Policies and procedures are in place to safeguard it from loss, misuse and improper disclosure. We, also, have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. Any information submitted using website forms is encrypted and protected.
How to contact us