The Buy to Let Business is committed to protecting the privacy and confidentiality of information provided by its customers and upholding data protection principles.
The Buy to Let Business privacy notice provides information on how The Buy to Let Business and any of its third party providers collect, use, secure, transfer and share your information. The Buy to Let Business and its affiliates (Buy to Let Club, Countrywide Mortgage Line and The Good Mortgage Company) is a leading provider of residential and investment mortgages, pure protection and general insurance.
The Buy to Let Business head office is located at:
Countrywide House
6 Caldecotte Lake Business Park
Caldecotte Lake Drive
Milton Keynes
MK7 8JT
The Buy to Let Business trading office is located at:
Building Eight
Watchmoor Park
Camberley
Surrey
GU15 3YL
The Buy to Let Business services most major lenders and the general public via the following business
units/divisions.
| Financial Services | Marketing |
| This division includes the UK’s largest specialist buy to let brokerage and also offers expert advice on pure protection. | The Buy to Let Business markets its services via a suite of websites and other means. |
Typically The Buy to Let Business collects:
| 1. Forename(s) | 2. Details of personal/secure loans | 3. Bank statements* |
| 4. Surname | 5. Existing mortgage details | 6. Mortgage statements* |
| 7. Date of birth | 8. Existing insurance details | 9. ASTs* |
| 10. Gender | 11. New property details | 12. Proof of deposit* |
| 13. Nationality | 14. New mortgage details | 15. Payslips &/or P60* |
| 16. Telephone number(s) | 17. New insurance details | 18. Self-employed accounts* |
| 19. Email address | 20. Solicitors details | 21. SA302s & SA100s* |
| 22. Current address | 23. Doctors details | 24. Tax Year Overviews* |
| 25. Residential status | 26. Employers name | 27. Details of mortgages/loans refused |
| 28. Previous addresses | 29. Employers address | 30. Details of any repossessions |
| 31. Marital status | 32. Salary | 33. Personal expenditure |
| 34. Number of dependents | 35. Previous employers details | 36. Details of personal debt |
| 37. Dependents date of birth | 38. Health | 39. Credit/debit card details |
| 40. NI number | 41. Primary ID* | 42. IP address |
| 43. History of adverse credit | 44. Address ID* | 45. Cookies |
*Copies will be taken of the original document and stored on file in line with the retention period detailed.
We, our service providers and partners collect certain information by using automated means, such as cookies and web beacons, when you interact with our advertisements, or visit our websites, pages or other digital assets.
The information we collect in this manner may include: IP address, browser type, operating system, referring URLs and information on actions taken or interaction with our digital assets.
We may use third-party web analytic services on our websites. The analytic providers that administer these services use technologies such as cookies and web beacons to help us analyse how visitors use our websites.
“Your Rights and Choices” section of this Privacy Notice specifies your ability, to opt in or limit the usage of the information collected.
In the general conduct of business, The Buy to Let Business collects information relevant to the services being
sought across the range of services offered (listed previously) from:
In addition, you may choose to submit information directly to us via several methods, including:
You may also agree to third parties disclosing information about you to us which those third parties have
collected.
Generally, we will collect, use and hold your information for the purposes of:
In addition, to help you with a property related service we have to comply with certain regulations. For example
the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017
(referred to as the Regulations). The information provided will only be used by The Buy to Let Business in relation
to complying with the Regulations and will not be shared with any other party unless we are required to do so
under law.
If you decide to enter in to a business relationship with The Buy to Let Business we will require a minimum of
two separate identification documents; one primary and one secondary document (even if it appears on both
lists). The information may be required at various stages of the process depending on the service being provided.
Primary documents – proof of ID
Secondary documents – proof of residence/address
We reserve the right to employ third party electronic verification for the purpose of verifying identity. This search
will show as a soft search on your credit report, but will not affect your credit rating.
The Buy to Let Business processes your information under the following lawful basis:
• Performance of a contract: where you enter into a contract with The Buy to Let Business and we need
to process your information as part of this contract
• Legitimate interests: some information is processed by The Buy to Let Business as part of its legitimate
interests which include: Fraud, risk assessment, due diligence, network and information security,
suppressions and managing opting out of communications, profiling, direct marketing, monitoring, web
analytics, cloud storage, acquisitions, updating customer details, lettings, sales, financial services and
other core products and service provided by the data controller
• Public interest: some information is processed in accordance public interest such as relocations
• Consent: where we process information under consent we will seek you clear and unambiguous
consent prior to processing your data
We do not sell or otherwise disclose personal information we collect about you, except as described in this
Privacy Notice or as indicated via the consent process at the time the data is collected. We share the information
we collect with, but not limited to:
We may provide your data to a number of mortgage lenders and other service providers during the provision of your requested service(s).
Please to view the full list of links to their individual privacy policies.
We contractually require these service providers to safeguard the privacy and security of personal information
they process on our behalf and authorise them to use or disclose the information only as necessary to perform
services on our behalf or comply with legal requirements
On websites, features can be accessed where we partner with other entities that are not affiliated with The Buy to Let Business. These include social networking, geo-location tools etc. are operated by third parties (indicated appropriately) who may use or share personal information in accordance with their own privacy policies. It is recommended that you review the third parties’ privacy policies if you use the relevant features.
The Buy to Let Business reserve the right to transfer your information in the event of a sale or transfer (wholly or partially) of our business or assets, with reasonable efforts for the acquirer protect / use your information consistent with our Global Privacy Notice. You can exercise your rights to contact the acquiring entity with questions concerning the protection and processing of your information.
How long do we keep information for?
We will keep information for a reasonable amount of time in order to perform the purposes listed above.
We only keep your information for as long as necessary. We generally keep personal information for 7 years
after last contact with you. However The Buy to Let Business reserves the right to keep information for longer if we feel that this is in the legitimate interests of The Buy to Let Business.
International data transfers
The Buy to Let Business may transfer the personal information collected about you to recipients in countries
other than the country in which the information was originally collected. Those countries may not have the same
data protection laws as the country in which you initially provided the information. When we transfer your
information to other countries, we will protect that information as described in this Privacy Notice or as
otherwise disclosed to you at the time the data is collected.
We currently engage a company called WNS who are based in India. We have ensured that WNS meet the
required privacy and security requirements through our contract with WNS. You can find out more about WNS here.
For the purposes of business conduct, enhancement, identification of fraud, money laundering and other
potential un-authorised activities, The Buy to Let Business engages profiling activities via direct use or
anonymisation of sensitive personal information.
Direct profiling is engaged for the fair and lawful purposes, to provide The Buy to Let Business the ability to
enforce The Buy to Let Business “Terms of Use”, legal reporting as may be required by applicable laws,
regulations, policies/standards or requested by any judicial process or governmental agency having or claiming jurisdiction over The Buy to Let Business or its affiliates; including, but not limited to:
Indirect profiling via anonymisation of personal information is also used for preparing and furnishing aggregated
data reports showing anonymised information, including, but not limited to, the following:
• Compiling and communicating promotional and marketing information about products and services that
Your rights regarding the sensitive/personal information we maintain about you enable you to exercise choices about what personal information we collect from you, how we use that information, and how we communicate with you.
You may have the right to:
The right to access personal information may be limited in some circumstances by local law requirements.
To exercise these rights, please contact us as set forth below.
If you feel that the information we hold about you in incorrect or inaccurate you can contact us outlining the
information you feel is incorrect of inaccurate.
If we refuse to correct your personal information, we will provide you with a written notice that sets out the
reasons for our refusal (unless it would be unreasonable to provide those reasons) and provide you with a
statement regarding the mechanisms available to you to make a complaint. We will provide you with access to information we hold about you:
If you would like to object to any processing of your information by The Buy to Let Business you can contact us outlining what processing of information you would like to object to.
If you would like The Buy to Let Business to delete, block or anonymise information we hold about you, you can contact us outlining what information you would like deleted, blocked or anonymised.
To update your preferences, ask us to remove your information from our mailing lists or submit a request to
access, update, correct or delete your personal information, please contact us as specified in the “How to
Contact Us” section below.
You can at any time tell us not to send you marketing communications by:
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in
order to make websites work, or work more efficiently, as well as to provide information to the owners of the
site. The following explains the cookies we use and why.
A list of cookies used on this site follows. Please note that providers may change cookie names and expirations,
so you are advised to visit their privacy pages for further information.
Essential Site Cookie
Every time our site is visited, a cookie is used to hold the unique session ID. This cookie is deleted when you
close the browser.
| Name | Expires |
|---|---|
| PHPSESSID | When user exits browser |
Google Analytics Cookies
These cookies are used to collect information about how visitors use our site. We use the information to compile
reports and to help us improve the site. The cookies collect information in an anonymous form.
A – stores each user’s amount of visits, the time of the first visit, the previous visits, and the current visit. B&C –
are used to check approximately how long you stay on a site, when a visit starts and ends. Z – Store where a
visitor came from (search engine, search keyword, link). To opt out of being tracked by Google Analytics across
all websites visit:http://tools.google.com/dlpage/gaoptout
| Name | Expires |
|---|---|
| _utma | 2 years |
| _utmb | Less than a day |
| _utmc | End of session (Date not set) |
| _utmz | 6 months |
Facebook Cookies
This website carries embedded ‘share’ facebook buttons to enable users of the site to easily share articles with their friends through Facebook.
| Name | Expires |
|---|---|
| Datr | 2 years |
| Lsd | End of session (Date not set) |
| reg_ext_ref | End of session (Date not set) |
| reg_fb_gate | End of session (Date not set) |
| reg_fb_ref | End of session (Date not set) |
Twitter Cookies
Twitter may use both session cookies and persistent cookies to improve their service including understanding user interaction, monitor aggregate usage and webs traffic routing.
Twitter’s privacy policy page.
| Name | Expires |
|---|---|
| K | 7 days |
| guest_id | 2 years |
| original_referer | End of session (Date not set) |
| external_referer | 1 day |
| _twitter_sess | End of session (Date not set) |
LinkedIn Cookies
LinkedIn cookie, introduced by the LinkedIn share button. Used to track which pages the user visits to collect them. For more information visit Linkedin’s privacy policy page.
LinkedIn’s privacy policy page.
| Name | Expires |
|---|---|
| leo_auth_token | Less than one day |
| JSESSIONID | Date not set |
| bcookie | 730 days |
| Visit | 730 days |
| PersistenceCookie | Less than one day |
| NSC_MC_QH_MFP | Less than one day |
| lang | Date not set |
| leo_auth_token | Less than one day |
| NSC_MC_WT_DTQ_IUUQ | Less than one day |
Stumble Cookies
Stumbleupon cookie, introduced by the Stumbleupon submitter button, used to enable uses of the site to
easily share a link to the current page via StumbleUpon. For more information visit: http://www.stumbleupon.com/privacy/
Opting out of cookie usage
If you want to control which cookies you accept, you can configure your browser to accept all cookies or to
alert you every time a cookie is offered by a website’s server. Most browsers automatically accept cookies. You
can set the browser option so that you will not receive cookies and you can also delete existing cookies from
your browser. You may find that some parts of the site will not function properly if you have refused cookies.
Most web browsers allow control of most cookies through the browser settings. To find out more about
cookies, including how to see what cookies have been set, how to manage and delete them: visit
http://www.allaboutcookies.org/
If we obtain your information by consent you have the right to withdraw any consent you previously provided to us.
If we process your information under legitimate interest you can object at any time on legitimate grounds, to
the processing of your personal information.
The Buy to Let Business will apply your preferences going forward. Doing so will mean that you cannot take advantage of certain The Buy to Let Business and affiliate products, services and promotions.
The right to consent removal may be limited in some circumstances by local law requirements and you will be informed appropriately.
If you wish to make a complaint about a breach of your personal information, applicable privacy laws/principles, a concern about The Buy to Let Business privacy practices or would like access and/or to update information of preferences you to us, please email us at compliance@thebuytoletbusiness.com
Or write to us at:
Ying Tan – Local Data Protection Officer
The Buy to Let Business
Building Eight
Watchmoor Park
Camberley
Surrey
GU15 3YL
If we fall short of your expectations in processing your personal information, or you wish to make a complaint
about our privacy practices, please contact us via the details above.
To assist us in responding to your request, please give full details of the issue. We attempt to review and respond to all complaints within a reasonable time.
If we are unable to complete your request due to lawful reasons we will explain this to you to the extent that
we lawfully can.
The security of your personal information is very important and The Buy to Let Business is committed to
protecting the information we collect. We maintain administrative, technical and physical safeguards designed to protect the personal information you provide or we collect against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use.
We use SSL encryption on a number of our websites from which we transfer certain personal information.
The Buy to Let Business stores personal information only for as long as it is necessary for the fulfilment of the purpose for which the personal information was collected, unless otherwise required or authorised by applicable law. We take measures to destroy or permanently de-identify personal information if required by law or if the personal information is no longer required for the purpose for which we collected it.
We will update this statement from time to time so we suggest that you review this statement at regular
intervals. Where we undergo substantial changes to our privacy statement we will endeavour to inform you
directly about these changes.
November 2018
