Privacy notice

Protecting your personal data is of high importance to Harmer Collection Services Ltd. The way we collect and share your information is just as important. As you expect, it’s a matter of high importance that we manage your information privately and securely.

Our Privacy Notice sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us and properly safeguarded in a manner consistent with your rights and our obligations under applicable laws and regulations relating to privacy and the protection of personal data.

The below will help you to understand our views and practices regarding your personal data and how we will treat it.

  • In accordance with theGeneral Data Protection Regulations 2016(“GDPR”), Harmer Collection ServicesLtd is registered with the Information Commissioner’s Office (“ICO”) as the data controller and our registration number is Z6049004.
  • Our Site is operated by HarmerCollectionServicesLtd, a limited company registered in England under company number 03544837. We are registered in England at 181Hermitage Road, LONDON, N4 1NW

  • This Privacy Policy applies only to your use of our websiteand to the personal data that we collect from and/or about you. It does not extend to any other websites that are linked to or from our Site (whether we provide those links or whether they are shared by other users). We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
  • Information we may collect from/about you-We may collect your personal information through various means, including via our Site (through email or other electronic correspondence, by telephone, by direct contact, or if you voluntarily submit it, and where we are required by law to collect personal data).

Some or all of the following data may be collected about you:

  • Name;
  • Date of birth;
  • Gender;
  • Business/company name;
  • Job title;
  • Profession;
  • Contact information such as email addresses andtelephone numbers;
  • Demographic information such as postcode and preferences;
  • Financial information such as credit / debit card numbers;
  • Personal data collected arising out of the debt collection and enforcement process (some of which may include sensitivedata related to the customer or other third parties), such as information on the physical or mental health or condition of the debtor and details of incidents occurring during debt enforcement visits;
  • IP address (automatically collected);
  • Web browser type and version (automatically collected);
  • Operating system (automatically collected);
  • A list of URLs starting with a referring site, your activity on our Site, and the site you exit to (automatically collected);
  • Caller line identification;
  • Banking details that you have permitted us to use on your behalf.
  • Sensitive personal data

GDPR defines certain personal data as ‘sensitive’ such as personal data regarding your ethnic origin, physical health and mental health. We are required to understand whether the people that we deal with could be regarded as vulnerable and this may involve collecting and using sensitive personal data. We may, for debt collection purposes, therefore ask you for some sensitive details or you may voluntarily give such personal data to us. We will only use this personal data for debt collection purposes and we will obtain your consent to process this data. We may share any of your sensitive personal data with our client to ensure your case is managed appropriately for debt collection purposes only.


Any sharing of your sensitive personal data with clients will be on the basis of your explicit consent or if we are required or permitted to do so under the General Data Protection Regulations 2016.

All personal information is stored securely in accordance with the principles of the General Data Protection Regulations 2016. For more details on security, see section 14.


We use your personal data to provide the best possible services to you, in our legitimate interests and to fulfil our legal obligations as set out in detail below. This includes:

  • providing and managing your access to our Site;
  • supplying our services to you on behalf of our clients;
  • personalising and tailoring our services for you;
  • responding to communications from you, including any complaints;
  • enabling payments to be made by debtors on behalf of our clients;
  • collecting information (where appropriate) on the vulnerability of individual customers who we are collecting or enforcing debts against, to ensure that they are treated fairly

Where permitted by law, we may also use your data for marketing purposes which may including contacting you by email, telephone and/or post with information, news and offers on our services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the General Data Protection Regulations 2016 and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.


When contacting us directly by telephone, this may result in our collection of Calling Line Identification information. Calls are recorded for training purposes and for the analysis and management of internal staff performance. Call recordings may be reviewed also as part of a complaint investigation. The use of this information assists with the improvement of our efficiency and effectiveness.

We will always process your personal information on lawful grounds and in particular on the grounds set out below:-


  • Legal and Statutory Obligation
  • We may use or disclose your personal data to perform a legal and statutory obligation
  • For example, enforcement of criminal or civil court orders. This information is likely to include your name, contact details, payment details, and details of the court order
  • We may also be re required to disclose your personal data by a law enforcement or taxation agency for the purposes of preventing crime
  • Performance of a Contract/Service

We will use your personal information to allow us to provide services you or your organisation have ordered, or to enter into a contract with you.This information is likely to include your name, contact details and payment details, information about your business and needs and any additional information we may need to help meet your specific requirements.


If you do not provide us with the information set out in this paragraph, then we may not be able to provide you with the products and/or services you have ordered/requested.

We may use your data for marketing purposes which may include contacting you by email, telephone and/or post with information, news and offers on our services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the General Data Protection Regulations 2016 and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.


You can ask us to stop doing so at any time.


We may share your email address with Google (acting as data processors) for them to use on our behalf in connection with the creation of marketing and promotion for us.


They may use this to serve targeted advertising/content to you via their platform. You can control what advertisements you receive via the privacy settings on the relevant platform.


Google and Facebook may also use socio-demographic information about you to identify other people like you, with similar interests to present our marketing to. This socio-demographic information is not used for any other purpose nor shared with any other party. No information about other individuals identified from these networks is shared with us at any time.


We may use some of your personal information for statistical purposes when we evaluate our range of services.

We may ask for your explicit consent to collect and share your sensitive personal data as set out in the section above.


We may ask your consent to share your name and contact details with selected third parties so that they can tell you about their products and services.


If you agree, we may also pass on your information, in certain cases, for the purposes of conducting a credit check.


We will always ask you before we do this, and you can withdraw your consent at any time.

We only keep your personal data for as long as we need it for one of the lawful grounds set out in section 6 and/or for as long as we have your permission to keep it.


We have a system of retention periods in place to ensure that your information is only stored whilst it is required for the relevant purposes or to meet legal requirements. Where your information is no longer required, we will ensure it is disposed of or deleted in a secure manner.


If you have any questions in relation to our retention periods, please contact the data protection officer at 181 Hermitage Road, London, N4 1NW.


The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“the EEA”) to third party suppliers (the EEA consists of all EU member states, plus Norway, Iceland and Liechtenstein).


We will only transfer your data to a recipient outside the EEA where we are permitted to by law (for example (A) where the transfer is based on standard data protection clauses adopted or approved by the European Commission, (B) where the transfer is to a territory that is deemed adequate by the European Commission, or (C) where the recipient is subject to an approved certification mechanism and the personal data is subject to appropriate safeguards, etc)


Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Site.


Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting to us via the internet.

We may sometimes contract with third parties to supply services to you on our behalf. These may include payment processing, correspondence management and mailing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.


If Harmer Collection Services Ltd or substantially all of its assets are acquired by a third party, personal data held by it about its customers and website users will be one of the transferred assets and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use the data for the purposes for which it was originally collected by us.


We may compile statistics about the use of our Site including data on traffic, usage patterns, user numbers, sales and other information. All such data will be anonymised and will not include any personally identifying information. We may, from time to time, share such data with third parties such as prospective investors, affiliates, partners and advertisers. Data will only be shared and used within the bounds of the law.


In certain circumstances we may be legally required to share certain data held by us, which may include your personal information, for example, for compliance purposes, where we are involved in legal proceedings, where we are complying with the requirements of legislation, a court order, or a governmental, investigative or taxation authority. We do not require any further consent from you in order to share your data in such circumstances and will comply, as required, with any legally binding request that is made of us.


We may share your data in pursuing an interest that corresponds with a general public interest or a third party’s legitimate interest. This may include situations where we are required to go beyond its specific legal obligations set in laws and regulations to assist law enforcement or private stakeholders in their efforts to combat illegal activities, such as money laundering, fraud prevention or misuse of services. However the use of personal data in such circumstances will be restricted to data which is relevant to our services and necessary to identify you.

When we investigate a complaint, we may need to share personal information with the organisation you have an outstanding debt with and with other relevant bodies (e.g. the Civil Enforcement Association or the Local Government Ombudsman to adjudicate on disputed complaints).


Upon receipt of a complaint, we open a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information we collect to process the complaint and to check on the level of service we provide.


We may compile and publish statistics showing information such as the number of complaints we receive, but not in a form which identifies anyone. We are usually required to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant does not want information identifying him or her to be disclosed, we aim to respect that. However, it may not always be possible to handle a complaint on an anonymous basis.


We will keep personal information contained in complaint files in line with our retention policy. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle. Similarly, where enquiries are submitted to us, we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
When we take enforcement action against someone, we may publish the identity of the defendant in our Annual Report or elsewhere. We do not usually identify any complainants unless the details have already been made public.


If you are not satisfied with the manner in which we have sought to redress your complaint, or if you wish to seek further advice with regard to the use of your data, you are within your right to contact the ICO for a further determination.

When you submit information via our Site, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us, which you may do by unsubscribing using the links provided in our emails and at the point of providing your details).


You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service the Corporate Telephone Preference Service and the Mailing Preference Service. These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving.

You may access certain areas of our Site without providing any data at all. However, to use all features and functions available on our Site you may be required to submit or allow for the collection of certain data.


You may restrict your internet browser’s use of Cookies. For more information, see our Cookie Policy

You have the legal right to request details of any personal information we hold about you under the General Data Protection Regulations 2016. There are some exemptions, which means you may not always receive all the personal information we hold, however where this is the case we will clearly explain it to you.


If you would like a copy of the information held on you, please write to us using the ‘Contact Us’ page.


It would help us to if you could address your letter to the Data Subject Access Request Team
Ensuring the accuracy of your information.


If you believe that any information we are holding on you is incorrect or incomplete, please contact us as soon as possible using the ‘Contact Us’ page. We will promptly correct or remove any information that is incorrect.


You have the right to settle or close your account and request that your personal information be removed from our website or other records. Upon the closure of your account we are not obliged to retain your information and may delete any or all of your account information without liability.
If you request a change of details and/ or account closure, we may retain residual information about you in our backup and/or archival copies of our database. This will be deleted in accordance with our data retention policy.

We will use all reasonable efforts to safeguard your personal data. We have put in place strict physical, electronic and managerial procedures to safeguard and secure the information we collect online.


You should note that when using the Site and our related services, your information may travel through third party infrastructures that are not under our control. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.


We use high level encryption software to prevent access to your personal information. Unfortunately, the internet is never a completely secure environment. Therefore, we cannot guarantee that hackers or unauthorised personnel will not gain access to your personal information despite our best efforts.


We have put in place confidentiality clauses or confidentiality agreements (including data protection obligations) with our third party service providers.

  • to confirm whether we hold any of your personal data;
  • to send you a copy of any personal data that we hold about you;
  • to correct any inaccuracies in your personal data and to add relevant details where the personal data we hold is incomplete;
  • to delete (to the extent possible) any of your personal data, where we are required by law to do so;
  • to stop or restrict processing your personal data, where we are required by law to do so;
  • to let you have a portable copy of the personal data we hold about you, where we are required by law to do so;
  • to stop processing any of your personal data that we process on the basis of our legitimate interests; and
  • to stop sending you marketing material. However please note that we may continue to send you service related (i.e. non-marketing) communications, such as emails relating to the services we provide.


Where we have reached a decision that affects you by processing your personal data automatically then you have the right to speak to someone to discuss that decision. We do not use your personal data for the purpose of profiling.


Where we process your personal data on the basis that you have given us your consent to do so then you may contact us at any time to withdraw your consent. If you wish to exercise any of these rights or wish to object to our use of your personal information, please e-mail the data protection officer: or write to us at the address given below. Data Protection Officer, 181 Hermitage Road, London, N4 1NW

Our Site may place and access certain first party Cookies on your computer or device. First party Cookies are those placed directly by us and are used only by us. We use Cookies to facilitate and improve your experience of our Site and to provide and improve our services.


By using our Site you may also receive certain third party Cookies on your computer or device. Third party Cookies are those placed by websites, services, and/or parties other than us.

We may change this Privacy Policy as we may deem necessary from time to time, or as may be required by law. Any changes will be immediately posted on our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of our Site following the alterations.


We recommend that you check this page regularly to keep up to date. This Policy was last updated in January 2020.

Who can I contact if I have queries about this privacy notice?

You can also contact us directly if you have any questions about our privacy notice or information we hold about you.

Please write to us at the address below.

Data Protection Officer
181 Hermitage Road
N4 1NW

If you are dissatisfied with our handling of any complaint you also have the right to raise concerns with The UK Information Commissioner: