For the purpose of the Data Protection Act 1998, the registered data controller is Hey Habito Ltd, whose registered office is at 6 Osborn Street, London E1 6TD.
When you visit our site, or complete an application with us, we collect the following types of information: name, address, contact details, social media login details (such as Google+ and facebook), employment details and financial information such as banking details, salary, savings, and financial commitments.
In addition to the above, we collect information from you through communications with us and from outside sources (such as credit bureaux for the purposes of identification verification) – we acknowledge that some of this data may be sensitive personal data. We will keep this type of sensitive personal data in an appropriately secure way. We will also collect explicit consent from you to process this type of data.
We also collect information about your computer, including, your browser type, your operating system, your device type and your IP address. We collect this information for site optimisation and product/service improvements. For more information on this please refer to our cookies policy.
We may also record calls for training and monitoring purposes
We may collect geo-location data from you but this will be with your explicit consent and in relation to a specific activity.
The information we collect will be used for the purpose of brokering a mortgage or any other product/service you have explicitly consented to.
For example, we will:
We will hold your personal data on our systems as follows:
We may share your information with the following entities:
Under the Data Protection Act 1998, you have a right to access certain personal records we hold about you. This is called a Data Subject Access Request, which you can make by writing to firstname.lastname@example.org. A £10 fee is payable.
We value any feedback you may have. If you have any, please also email us at the above address.
If you have changed your mind about receiving marketing from us, you can opt out through your Habito user account or click the unsubscribe button at the bottom of the marketing email.
We pride ourselves in treating your data with the utmost care and security. Our systems meet or exceed industry standards and we are constantly monitoring these to provide improvements where available.
We will never store passwords in plain text, nor will we allow anyone to access your data unless they have a justifiable reason to do so. All of our employees are background checked before they are granted access to your data.
The Lender may use credit reference and fraud prevention agencies to help them make decisions. A short guide to what the Lender does and how the Lender and credit reference and fraud prevention agencies will use your information is detailed below in the section called: A condensed guide to the use of your personal information by the Lender and at Credit Reference and Fraud Prevention Agencies.
If you would like to read the full details of how your data may be used, please contact the Lender.
If you apply for a mortgage product through Habito, we will provide the information we hold about you to the Lender. The Lender will use this information to help make its decision about whether or not to lend to you. This will involve checking the following records about you and others:
When CRAs receive a search from the Lender they will place a search footprint on your credit file that may be seen by other Lenders. They supply to Lenders both public (including the electoral register) and shared credit and fraud prevention information.
The Lender will make checks such as assessing your application for credit and verifying identities to prevent and detect crime and money laundering. The Lender may also make periodic searches at CRAs and FPAs to manage your account with them.
If you are making a joint application or tell us or the Lender that you have a spouse or financial associate, the Lender will link your records together, so you must be sure that you have your partner’s agreement to disclose information about them. CRAs also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.
Information on applications will be sent to CRAs and will be recorded by them. Where you borrow from the Lender, the Lender will give details of your accounts and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks and to trace your whereabouts and recover debts that you owe. Records remain on file for 6 years after they are closed, whether settled by you or defaulted.
If you give false or inaccurate information and the Lender suspects or identifies fraud, the Lender will record this and may also pass this information to FPAs and other organisations involved in crime and fraud prevention.
If you have borrowed from the Lender and do not make payments that you owe them, the Lender will trace your whereabouts and recover debts.
The Lender and other organisations may access and use from other countries the information recorded by fraud prevention agencies.
Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law or where permitted under the terms of the Data Protection Act 1998.
This is a condensed version and if you would like to read the full details of how your data may be used, this will be available from the Lender.
You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.