Squirrel Privacy and Cookies Policy
- About us
- What personal information do we collect and use and who do we collect it from?
- How do we collect your information
- What are the purposes for which your personal information is used
- How will your personal information be used?
- Who do we share your information with?
- What marketing activities do we carry out?
- Data anonymisation and aggregation
- How long do we keep personal information for?
- What is our approach to international data transfers
- Your rights under applicable data protection law
- Keeping your information up to date
- Further information
1. About us
Squirrel Financial Wellbeing Limited is a company registered in England and Wales (company registration number 08621129) with its registered office at Lower Ground Floor, 10 Finsbury Square, London EC21 1AF. Squirrel Financial Wellbeing Limited is regulated by the Financial Conduct Authority under registration numbers 619488 & 9000036.
Squirrel acts as data controller in respect of your personal information that we process.
If you have any questions about how we collect, store or use your information, please contact us on email@example.com.
2. What personal information do we collect and use and who do we collect it from?
We will collect personal information like your name, address and date of birth when you apply for, or use any of our products or services. We will also collect data from your use of our website and app. The type of information that we collect from you will depend on your relationship with us:
- Information requested from you when you make an application for one of our products or services (including, but not limited to name, postal address, telephone number, email address, date of birth) or at any time about your personal and financial circumstances or which we gather about you from the way you use and manage any account which we open for you.
- Details of any transactions (including any purchases of goods or services and other payments to and from your account) such as the amount, date and currency of a purchase and the supplier category (such as petrol station, supermarket or medical services).
- We will keep details and records of when you contact us and we contact you, like calls, emails, text messages, social media messages or other communications.
- User interactions and log data when you use our website(s) and app and click on our adverts on other websites (see information on cookies on our website)
- Mobile device specific data.
- Information we receive about you from third parties, such as credit reference or fraud protection agencies.
- Information that is publicly available.
- Information from social media sites.
- Information requested from you when you register for the Squirrel app including, but not limited to external security details for your linked accounts from the sites of external providers active on the Squirrel App,
- Financial details (balances and transactions) of your linked accounts from external providers active on the Squirrel App.
- Information requested from you which is required to complete a switching process via the Squirrel App
Please note that your external security details will be stored on a third party secure server and not on your mobile phone. Your external security details will be encrypted when stored and encrypted when data is transmitted – we will never see or have access to your external security details.
3. How do we collect your information
We collect information from you:
- when you apply for our products and services via our websites or our app
- when you talk to us on the phone, over email, by letter, via chat or social media
- when you make transactions using our products and services
- when you connect to our products and services using devices, such as computers and mobile phones, using cookies and other internet tracking software
4. What are the purposes for which your personal information is used
Data protection law says that we are allowed to use personal information only if we have a proper reason to do so. We’ll process your personal data on the following legal basis and for the following purposes:
- As necessary to perform our contract with you for the relevant account, product or service:
- To take steps at your request before entering into the contract;
- To decide whether to enter into it, and, if you are applying for credit, the level of credit to offer you (including automated decision making relating to this);
- To manage and perform that contract;
- To complete a supplier switch that you have requested;
- To keep our records up to date; and
- To trace your whereabouts to contact you about your account and recovering money that is owed to us
- As necessary for our own legitimate interests, that is when we have a business or commercial reason to use your information, for example:
- For good governance, accounting and managing and auditing our business operations;
- To keep our records up to date;
- Working out which of our products and services may be of interest to you;
- To search at credit reference agencies if you apply for credit;
- To monitor emails, calls other communications and activities on your account;
- For market research, analysis and developing statistics; and
- To send you marketing communications (including automated decision making relating to this).
- As necessary to comply with a legal obligation, for example:
- To comply with our legal and regulatory requirements and related disclosures;
- To establish and defend our legal rights;
- For activities relating to the prevention, detection and investigation of crime;
- To verify your identity, make credit, fraud prevention and anti-money laundering checks;
- To monitor emails, calls and other communications and activities on your account.
Based on your consent, for example:
- When we process any special categories of personal data about you at your request (e.g. information concerning your health);
- To send you marketing communications where we’ve asked for your consent to do so.
You’re free to withdraw your consent at any time, however this will mean that we will not be able to do certain things for you.
5. How will your personal information be used?
We will use the personal information we hold about you, and data from the technology/devices you use to access your account(s) to:
• Provide, manage and develop our products and services
• Understand your preferences and advise you about our other products and services
• Undertake market research, transactional analysis, statistical analysis and system testing
• Update our records
• Recover debt
• Confirm your location
• Assess whether you can afford any credit you’ve applied for
• Prevent and investigate fraud, money laundering and other crimes
If we believe that you have tax obligations in another country, we may disclose personal information of yours with those tax authorities, or with HM Revenue and Customs, who may share the information with the other tax authorities.
We may search, use and share the records held by domestic and international credit reference agencies and fraud prevention agencies, as well as our own internal records to:
• Confirm your identity and prevent fraud or money laundering
6. Who do we share your information with?
- Third parties acting on our behalf, including our service providers and agents who help us manage your products and services, for example our aggregation or switching partners;
- Relevant government bodies, authorities and regulatory bodies in order to comply with our regulatory and reporting obligations;
- IT providers/hosted IT solution providers to enable us to provide our products and services to you;
- Our professional advisors (lawyers, accountants and consultants);
- Any other parties connected with your account e.g. guarantors and joint account holders;
- Market research companies to assist us in improving our product or service delivery;
- Any third party who is restructuring, selling or acquiring our assets, as long as that party uses the personal information in accordance with the terms of any agreements between you and us;
- If you have cards linked to your account, we’ll share transaction details with MasterCard, who provide our cards. They may transfer this information overseas to deal with transactions, resolve disputes and/or for statistical purposes.
- Anyone else where we have your consent or where it is required by law.
We will make sure that anyone acting on our behalf only uses your personal information in line with our instructions and that they keep the data safe.
We won’t share or give your personal information to external companies for their own marketing purposes.
7. What marketing activities do we carry out?
We may also use your personal information to provide you with information about products or services which may be of interest to you where you have provided your consent for us to do so.
We are committed to only sending you marketing communications that you have clearly expressed an interest in receiving. If you wish to unsubscribe from emails sent by us, you may do so at any time by clicking on the “unsubscribe” link that appears in all emails. Otherwise you can always contact us at firstname.lastname@example.org to update your contact preferences.
8. Data anonymisation and aggregation
Your personal data may be converted into statistical or aggregated data which cannot be used to identify you, then used to produce statistical research and reports. This aggregated data may be shared and used in all the ways described above.
9. How long do we keep personal information for?
After you stop being a customer, we may keep your data for up to 7 years for one of these reasons:
- To maintain records according to laws and regulations that apply to us
- To show that we treated you fairly
- To respond to any questions or complaints
We may keep your data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons.
10. What is our approach to international data transfers
11. Your rights under applicable data protection law
You have certain rights under applicable data protection law, these rights are:
- The right to be informed about our processing of your personal data
- The right to request access to your personal data and information about how we process it
- The right to have your personal data corrected if it is inaccurate and to have incomplete personal data completed (the “right to rectification”)
- The right to have your personal data deleted (the “right to be forgotten”)
- The right to restrict processing of your personal data
- The right to move, copy or transfer your personal data (“data portability”); and
- The right to object to the processing of your personal data
- Rights in relation to automated decision making including profiling
You can find out more information about your rights at the Information Commissioner’s website: www.ico.org.uk
If you choose not to give us the personal information that we request either during an application process or during the life of an account or product, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform the services needed to manage your accounts/provide your chosen products and services. It could mean that we have to cancel a product or service you have with us.
Please let us know if you are unhappy with how we have used your personal information. You can contact us at email@example.com. You also have the right to complain to the Information Commissioner’s Office who can investigate our compliance with data protection law. Find out how at www.ico.org.uk. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. Our ICO registration number is ZA017754.
12. Keeping your information up to date
We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, please notify us of any changes to the personal information that you have provided to us by updating your details on the Squirrel App or by contacting us at firstname.lastname@example.org.
13. Further information
We are required to employ adequate technical and organisational security measures to protect your personal information from any loss, destruction, damage or unlawful disclosure. However, please remember that no transmission over the Squirrel App or the Squirrel Website can ever be guaranteed as secure. Consequently, please note that we cannot guarantee the security of any personal information (including external security details) which you transfer via the Squirrel App or the Squirrel Websites.
When you interact with our content and services, we try to make that experience simple and meaningful. When you visit our Site or App our web server sends a cookie to your device. Cookies are small pieces of information which are issued to your device when you visit a website and which store and sometimes track information about your visit. A number of cookies we use last only for the duration of your browser session and expire when you close your browser. Other cookies are used to remember you when you return and will last for longer. Some of the cookies used by the Site or App are set by us, and some are set by third parties who are delivering services on our behalf.
We use the following types of cookies:
- Strictly necessary cookies
- We use a session cookie on our Site so that users can move easily from one page to another within the Site and so that page requests are loaded in smooth manner. We also use login-in session cookies for security purposes to authenticate valid users accessing the secure area of the App.
- We use functional cookies that enable the user to operate the Site or App by storing their preferences and selections. In particular we use a cookie to set the correct language in the App for the user.