Privacy Policy

Perch Verify Limited “Verify” (company registration number 14754399) is a specialist field customer verification and reconnection service provider, registered with the Information Commissioners Office (“ICO”) with the ICO registration number ZB560731.

We are data processor when servicing accounts on behalf of another company.

Personal data is defined under the UK GDPR as any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

In essence, personal data is your personal information. Please see section 3 for the type of personal data that we collect. We collect and process personal data primarily to provide our clients with a service. Section 4 of this privacy notice tells you what you can expect us to do with your personal data.

The Website is not intended for children and we do not knowingly collect data relating to children.

When we collect your personal data, we will let you know if any of it is optional. If it is, we will explain why it would be useful to us, and you can decide whether it is something you are happy for us to have.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

• Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
• Contact Data includes address, previous addresses, email address, telephone numbers
• Account Information includes details about accounts held by you with our client, including balances, account numbers, payments to and from you, details of any arrears, details of arrears charges and associated costs.
• Online Information – Includes IP address (your computer’s internet address) if you use our websites.
• Profile Data includes your username and password, payments made by you, your financial situation, marketing preferences, communication preferences, feedback and survey responses, certain publicly available data such as details of property that you own and details of business interests.
• Usage Data includes information about how you use our website.
• Voice Recordings - Our calls are recorded for training and monitoring purposes and may be shared with our regulators, professional advisors, clients and other companies within the Group. The call recordings will be retained in accordance with our Data Retention Policy.
• Special Categories of Personal Data (Sensitive Personal Data) - We do not generally collect special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership. However, we may on occasion collect information about your health, which may affect your ability to manage your finances or communicate with us. We will not hold this information without your express permission.
• Aggregated Data - We also collect, use, and share data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Where we need to communicate with you.
• To perform our contractual obligations with other Group companies.
• Where we need to instruct third parties to act on our behalf, which may be outside of our Group of companies.
• To report to our external advisors and investors.
• Where we need to consider relevant circumstances when making decisions about the progression of cases.
• Where we need to enquire about your Identity and Contact Data from online tracing tools.
• Where we need to comply with a legal or regulatory requirements and obligations.
• To deal with queries and complaints.
• Verifying your identity, preventing fraud and financial crime.
• Identifying vulnerable customers to help determine whether we need to take further steps to ensure these customers are not disadvantaged in any way.
• Assessing, developing, and managing our services, systems, business, and brand
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

• Our clients - Initially we are provided with your personal data by our clients who may be the lender which originally provided you with your loan, a lender who has purchased your loan from the original lender, or from a company managing the account on behalf of a lender / current owner of the account – All of these being the Data Controller. We become a Data Processer of your personal data when they place the account with us.
• Directly from you - You may give us your personal information when interacting with you during our visits or by corresponding with us by post, telephone, email, or other medium.
• County Court – we may collect information as part of the County Court Claim / enforcement process.
• Automated technologies or interactions. As you interact with our website(s), we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other Website(s) employing our cookies.
• Credit Reference agencies – we may obtain Identity and Contact Data
• Tracing companies - Where we need to collect personal data by law, or as part of the collections process or as part of the County Court Claim/ enforcement process and you fail to provide that data when requested, or we have been provided with out-of-date personal data by the original lender, we may have to obtain this personal data via online tracing tools and/or third-party tracing agents.

As you would expect, our employees and field agents will access your personal information for the purposes mentioned above. For example, our staff and field agents need access to your information to deliver the service or to support you if you get in contact with us.

We will also share your personal information with our clients and the following categories of third parties. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

• Companies within the Group that may act as data controllers or data processors.
• Service providers - including I.T. providers, SMS messaging services, call recording services and system administration services, survey
• Professional advisers - including lawyers, debt recovery agents, bailiffs, auditors, and insurers who provide consultancy, banking, legal, debt recovery services, tracing agents, repossession agents, insurance, and accounting services.
• Legal & Regulatory bodies including HM Revenue & Customs, regulators, HM Courts & Tribunals Service, and other authorities.
• Mediators
• Court Advocates
• Process Servers
• Third parties, including Debt Management Companies who you may authorise to deal with matters on your behalf.
• Customer satisfaction survey administrators.
• Investors

In the event Verify was to merge or sell any part of its business or assets, it may be necessary to pass your personal information on to the prospective buyer/party.

Data Protection legislation sets outs specific grounds under which your personal data may be lawfully processed. The legal grounds for the processing of personal data by us will depend on the purpose for which the processing is being carried out. We will only use your personal data when one of these grounds has been satisfied. Below you can see how we use your personal data and the legal grounds for processing this:

Necessary for legitimate interests

We also use your personal data when we or more commonly, our clients have a “legitimate interest”, and that interest is not outweighed by your privacy rights. Each activity is assessed, and your rights and freedoms are considered to ensure that we are not being intrusive or doing anything beyond your reasonable expectation. We will assess the information we need, so we only use the minimum.
If you want further information about processing under legitimate interests, you can contact us using the details below. You also have the right to object to any processing done under legitimate interests. We will re-assess the balance between our interests and yours, considering your circumstances. If we have a compelling reason, we may continue to use your personal data.

We may sometimes use third parties located in other countries to provide us with support services, such as back-office services and system development and maintenance. If we do, your personal data will be processed in countries outside the EEA.

These services will be carried out by experienced and reputable organisations on terms which safeguard the security of your information and comply with the European data protection requirements. Some countries have been assessed by the European Commission (EC) as being ‘adequate’, which means their legal system offers a level of protection for personal information which is equal to the EC’s protection. Where the country hasn’t been assessed as adequate, the method we have chosen to safeguard your information is ‘standard contractual clauses’ within the legal agreement to safeguard the processing of your personal data.

The European Commission and the UK have recognised ‘standard contractual clauses’ as offering adequate safeguards to protect your rights and we’ll use these where required ensuring adequate protection for your information as prescribed by the GDPR. The European Commission approved standard contractual clauses are available here.

We will use these recognised ‘standard contractual’ clauses if and when we conduct any activity that involves processing personal data outside the EEA.

We will always ensure your personal data is provided with adequate protection and all transfers of personal information outside the EEA are done lawfully and carefully.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

In the event of a potential data security breach, we will notify you and the Information Commissioner’s Office if we are legally required to do so, or there is a risk to your rights and freedoms because of the breach.

The Website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

We will keep your personal data for as long as it is considered necessary for the purpose for which it was collected, and to comply with our legal and regulatory requirements. This will involve retaining your personal data for a reasonable period after our relationship with you has ended.

This will typically be within a relatively short period of time after our contract with our client has ended and we have returned all their data. At this point we will delete or anonymise your personal data.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

In certain circumstances you can ask us to delete your data: see Right to Erasure below for further information.

Automated decisions are where a computer makes a decision about you without a person being involved. Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a person.

We do not make any solely automated decisions or profile your data.

Your rights are outlined below. The easiest way to exercise any of your rights would be to contact our Data Protection Officer at the contact details provided. We will provide a response within one month, if not sooner. There is normally no charge for exercising any of your rights. We may ask you for proof of identity when you request to exercise some of these rights to ensure we are dealing with the correct individual.

• Access to your personal data - You have the right to find out what personal data we hold about you, in many circumstances.
• Correcting or adding to your personal data - If any of your details are incorrect, inaccurate, or incomplete, you can ask us to correct them or to add information.
• Withdrawing your consent - If you have provided consent for us to use your personal data, you have the right to withdraw it at any time. If you withdraw consent, then we are not allowed to use the personal data you previously provided consent for going forward. However, it would not invalidate processing that was carried out before you withdrew consent.
• Transferring your personal data to another organisation (Data portability) - In some circumstances, you can ask us to send an electronic copy of the personal data you have provided to us, either to you or to another organisation.
• Objecting to the use of your personal data for legitimate interests - You also have the right to object to any processing done under legitimate interests. We will re-assess the balance between our interests and yours, considering your circumstances. If we have a compelling reason, we may continue to use your personal data if that interest is not deemed to be outweighed by your privacy rights. However, we will inform you of that decision and reasoning for continuation of processing.
• Objecting to direct marketing - You have a specific right to object to our use of your personal data for direct marketing purposes.
• Objecting to automated decision making - You have a right to object if we have made an automated decision, including profiling, which has legal and significant effect against you. You may also have the right to challenge the decision and ask for a human review. These rights do not apply if we are authorised by the law to make such decisions and appropriate safeguards are in place to protect your rights.
• Restricting the use of your personal data - If you are uncertain about the accuracy or our use of your personal data, you can ask us to stop using your personal data until your query is resolved. We will let you know the outcome before we take any further action in relation to this personal data.
• Right to Erasure - You can ask us to delete your personal data in some circumstances. we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you when you make a request.

We use cookies in connection with the operation of our website. A cookie is a small file that is sent by a web server (where we host our website) to a web browser (from where you view our website), and which is then stored by the browser.

Usually, cookies do not hold any data by which you can be identified, although if we do hold personal data about you (for example, because you have an account with us or you have subscribed to a service that we offer) the cookie may be linked to that data.

In addition to cookies used by us, our service providers may also use cookies, and those cookies may also be stored in your browser when you visit our website.

Usually you can prevent cookies from being downloaded to your browser and you may be able to delete those that have already been downloaded. How this is achieved varies between different browsers. Consult the website of your browser provider for more details.

The types of cookies that we use fall under the following categories:

• Strictly necessary (can't be switched off)
  Data collected in this category is essential to provide our services to you. The data is necessary for the website to operate and to maintain your security and privacy while using the website. Data is not used for marketing purposes, or the purposes covered by the other three categories below. These strictly necessary cookies are always on, as the services you've asked for can't be provided without this data.
• Performance
  Data collected in this category is used to inform us how the website is used, improve how our website works, and help us identify issues you may have when using our services. This data is not used to target you with online advertising and is collected and reported anonymously. Currently Verify use Mouseflow and Google Analytics as a third party to supply this service.
• Targeting
  Data collected in this category is used to help make our messages more relevant to you. The data is shared with other internal systems or third parties, such as advertisers and social media platforms we may use to deliver personalised advertisements and messages. If you don't wish to consent to this category, it's important to note that you may still receive generic advertising or service messages, but they will be less relevant to you.
• Functional & Profile
  Data collected in this category enables the website to remember your choices. This means a more personalised experience for features of the website that can be customised. It may also be used to provide services you've asked for, such as watching a video or commenting on a blog.

You should be aware that if you block or delete cookies this may have a detrimental impact upon your ability to access our website or parts of our website, and the services that we provide.

For further information about the cookies, we use please contact our Data Protection Officer.

If you are unhappy with how we are using your personal data, you have the right to complain to the Information Commissioner’s Office. We would encourage you to contact us first to give us the opportunity to deal with your concerns in the first instance.

The Information Commissioner's office can be contacted by

• Visiting their website www.ico.org.uk
• Phone on 0303 123 1113/li>
• Write to Information Commissioner`s Office Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF/li>

Making sure that we keep you up to date with privacy information is a continuous responsibility and we keep this notice under review. We will update our notice as changes are required.

If we need to use your personal data for a new purpose which we have not previously told you about, we will contact you to explain the new use of your personal data. We will set out why we are using it and our legal reasons.

This privacy notice was last updated on the 7 May 2025.

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the details below:

Email: DPO@perchgroup.co.uk
Post: Data Protection Officer, Unit 10, Whitehills Business Park, Whitehills Drive, Blackpool, Lancashire, FY4 5LW