At Loanitt, we know that your privacy is important to you. This privacy notice (“Notice”) describes the types of information we collect and use, who that information relates to, how and why we use such information, who we share it with and your legal rights.
Loanitt complies with the requirements of the General Data Protection Regulation (GDPR) 2018 and the Irish Data Protection Act 2018
When we talk about “information” in this Notice, we mean any information relating to you (your “personal data”).
Unless indicated otherwise, this Notice applies to all our website, domains, apps, and to arranging or offering to arrange the provision of credit from providers of credit through our online platform and the retrieval of transactional and financial information from your payment account provider (with your consent) to assist with your credit application (the “Services”).
Loanitt(“we”, “us” or “our”) is licenced by the Competition and Consumer Protection Commission to act as a credit intermediary pursuant to the Consumer Credit Act, 1995. Loanitt is a company registered in Ireland under registration number 643708. Our registered address is Knockeen, Piltown, Co. Kilkenny.
We are authorised by the Central Bank of Ireland as a Mortgage Credit Intermediary. We act as the service provider between you and the lenders with which we can place business and we provide advice, support, assistance and placement facilities in relation to Mortgages.
Loanitt is responsible for collecting information about you and looking after your personal data (your “data controller”). We are aware of our responsibilities to handle your personal data with care, to keep it secure and comply with applicable privacy and data protection laws.
We collect and process information which relates to a variety of categories of individuals. These include individuals who may not have a direct relationship with Loanitt. We have described below the main types of individuals whose information we collect, use and otherwise process:
|Personal Details||Employment Details||Income Details||Bank Details||Other|
|Title and Full Name||Occupation||Monthly Net Salary||Bank Name||PPS number|
|Mobile Number||Employer Name||Other Monthly Income||Bank Address||Customer Expected credit history|
|Email Address||Employer Address||Mortgage/Rent Payments||Time with Bank (in years)||Affordable credit repayments|
|Date and Country of Birth||Employer Phone Number||Other monthly Repayments||IBAN|
|Mothers Maiden Name||Time at current employer||Account Number|
|Marital Status||Transactional information|
|Number of dependants|
The provision of the above pieces of information by you are necessary and proportional for us to be able to provide the requested Services to you. If the requested information is not provided, we may not be able to provide the requested Services.
In the course of providing the Services, we collect or receive information in different ways and relating to various groups of individuals (described in section 4 above). We use this information for a number of purposes described further below.
If you provide information to us about any person other than yourself, you should ensure that you have a legal basis for doing so and that you have complied with your transparency obligations under data protection law.
We will only request information we require to provide the Service.
In order to collect, use, share, and otherwise process your information for the purposes described in this Notice, we rely on a number of legal bases, some of which are mentioned above, including where:
Where we collect, use, disclose and otherwise process your information based on legitimate interests, we may rely on the following interests:
In the course of providing the Services, we share information with various third parties, including financial institutions, data storage providers and service providers such as Microsoft.
We do this based upon the legal bases and exceptions mentioned in section 7 of this Notice.
In certain cases, we may need to transfer your information to recipients outside the European Economic Area (“EEA”), such as where it is necessary to provide our Services.
Where we transfer your information, we do so in accordance with EU data protection law. We only transfer personal information to these countries when it is necessary for the services we provide you, or it is necessary for the establishment, exercise or defence of legal claims or subject to safeguards that assure the protection of your information. We may rely on different legal mechanisms to ensure the transfer is lawful. If the recipient is in a country that is not deemed ‘adequate’ by the European Commission, we may enter into the ‘standard contractual clauses’ with the recipient. These are contracts that contain standard commitments approved by the EU Commission protecting the privacy and security of the information transferred.
Our third-party service providers may rely on Binding Corporate Rules for Processors (“BCR-P”), which are a global, company-wide privacy framework that allows the transfer of customer personal data outside of the EEA once approved by the European DPAs.
Please note that the privacy protections and the rights of authorities to access your information in some of these countries may not be the same as in your home country. We will only transfer information as permitted by law.
Microsoft, a third-party provider, is certified to the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the EU to the United States.
For further information, please contact us on dataprotection@Loanitt.ie.
Automated Decision Making refers to a decision which is taken solely on the basis of automated processing of your personal data. This means processing using, for example, software code or an algorithm, which does not require human intervention.
Profiling means using automated processes without human intervention (such as computer programmes) to analyse your personal data in order to evaluate your behaviour or to predict things about you which are relevant in an financial services context, such as your likely credit risk profile. As Profiling uses automated processing, it is sometimes connected with automated decision making. Not all profiling results in automated decision making, but it can do.
We may use automated decision making to carry out a credit check on prospective customers. In an underwriting context, profiling is routinely carried out on your information provided in your credit application to assess your individual risk in order to make a prediction about the likelihood of success in obtaining credit and to determine which financial institutions are most suitable to send your application to
You have certain rights in respect of automated decision making, where that decision has significant effects on you, including where it produces a legal effect on you. See Section 12 for more information about your rights.
We will maintain appropriate technical and organisation measures to protect against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your information. We will provide a level of security that is proportionate to the risks that are presented by the processing activity, having regard to the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing.
We will retain your personal data for as long as is necessary for the purposes set out in this Policy for as long as your account is active or as needed to provide you services or to perform our contract with you. We will retain and use your personal data to the extent necessary to comply with our legal obligations, to resolve disputes and to enforce our agreements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We also consider regulatory and guidance issued by Central Bank of Ireland and the Data Protection Commission.
You have a number of rights in relation to your information that we process. To exercise these rights, please contact us at dataprotection@Loanitt.ie.
While some of these rights apply generally, certain rights apply only in specific circumstances. We describe these rights below.
You can ask us to:
Data Protection Commissioner
21 Fitzwilliam Square, Dublin 2, D02 RD28, Ireland
Ph: 1890 252 231
Fax +353 57 868 4757
Our websites, domains and apps may contain links to other websites and services, which are managed and controlled by third parties. Please note that this Notice does not apply in those cases and we are not responsible for the privacy practices of such third parties.
If you want to exercise you rights (described above), or if you have any questions about this Notice, please contact us as follows:
Telephone No.: +353 56 449 1422
Last updated: September 2021