Privacy notice

The Money Advice Trust “The Trust” is a charity founded in 1991 to help people across the UK tackle their debts and manage their money with confidence. The Trust’s main activities are giving advice, supporting advisers and improving the UK’s money and debt environment.

The Money Advice Trust “The Trust” is a charity founded in 1991 to help people across the UK tackle their debts and manage their money with confidence. The Trust’s main activities are giving advice, supporting advisers and improving the UK’s money and debt environment. 

We give advice and information to people concerned about their debts through our National Debtline service and the equivalent service to small businesses through our Business Debtline service. We support advisers by providing training through Wiseradviser. We use the intelligence and insight gained from these activities to improve the UK’s money and debt environment by contributing to policy developments and public debate around these issues.  

The Trust is registered with the Information Commissioners Office (ICO). Our registration number is Z270290X.    

The Trust is committed to good practice in the handling of personal data and careful compliance with the requirements of the Data Protection Act (2018).  

The Trust is a “Data Controller”. This means that we are responsible for deciding how we hold and use personal information about you. The Trust looks after the information it holds about you and respects your privacy.  

This privacy notice explains how we will treat your information, what your rights are, and how we will ensure that your data is kept safe, secure and in your control.  

Please contact us if you require a copy of this privacy notice in writing.  

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).  

We make sure that the information we hold is:  

  • as accurate as possible;
  • we do not hold more information than we need; and 
  • we do not hold it longer than we need to. 

Contacting us with questions about how we use your data  

We have a Data Protection Officer (DPO) to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact  

DPO@MoneyAdvicetrust.org  

How we keep your data secure  

The Trust is committed to good data management to protect people from harm. This means we take appropriate security precautions to prevent your information being lost, used or accessed in an unauthorised way, inappropriately altered or disclosed. In addition, we limit access to your personal data to those employees and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.  

We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. We regularly review our information collection, storage and processing practices, including physical security measures.  

Supporters of Money Advice Trust  

At Money Advice Trust, our work is only made possible thanks to the generosity of our supporters – so it’s vital that our fundraising efforts are as effective as they can be. By developing a better understanding of our supporters through researching them using publicly available sources, we can tailor and target our fundraising events and communications to those most likely to be interested in them. This allows us to be more efficient and cost-effective with our resources, and reduces the risk of someone receiving information that they might find irrelevant, intrusive or even distressing 

Processing your dataLegal basis 

We need a lawful basis to collect and use your personal data under data protection law. The UK data protection legislation details six possible bases that organisations can use to process personal data (and additional ways to process special category data).  

Our lawful basis for processing your personal data is legitimate interests as collecting the data is necessary to fulfil our purpose as a debt advice charity in order that we can  

  • carry out analysis and profiling of our supporters or potential supporters; 
  • use personal information to administer, review and keep an internal record of the people we work with and support us; 
  • share personal information between relevant teams and committees within Money Advice Trust and between Money Advice Trust’s group companies and fundraising partners; 

 We only rely on legitimate interests where we consider that any potential impact on you (positive and negative), how intrusive it is from a privacy perspective and your rights under data protection laws do not override our (or others’) interests in us using your information in this way. 

 For our Training & Consultancy work, we use both the lawful basis of Consent (for our marketing emails) and Contract (for providing a contractual service for employer- funding training). 

How we collect information about you?  

Information you provide to us directly 

If you sign up to one of our newsletters or complete an enquiry or order form, we will retain this information. This will not be sent to any other organisation. Should you wish to be removed from the newsletter/s at any point please either unsubscribe from the link in the most recent newsletter, or contact using info@moneyadvicetrust.org. Once this purpose no longer applies, this information will be deleted unless there is a legal or business reason to retain these emails, then a clearly defined retention time will be agreed after which time the emails will be deleted.  

Publicly available information 

We supplement information on our supporters with information from publicly available sources such as charity websites and annual reviews, corporate websites, public social media accounts, the electoral register and Companies House to create a fuller understanding of someone’s interest and support for Money Advice Trust. For more information, please see our section on “Building profiles of supporters” below. 

What personal information do we collect?  

We may collect, store and use the following kinds of personal information:  

your name;  

your contact details (including postal address, telephone number, e-mail address and/or social media identity);  

your date of birth;  

your gender;  

information about events, activities and products which you may have participated in or which we consider to be of interest to you;  

information relating to your health (for example if you share any experiences of your situation with us;   

where you have left us a legacy, any information regarding next of kin with which you may have provided us to administer this;  

information as to whether you are a taxpayer to enable us to claim Gift Aid;  

age, nationality and ethnicity information for monitoring purposes; and  

any other personal information you provide to us.  

Where you have elected to undertake an organised fundraising activity, such as a marathon or ride, we may ask you for any health issues, dietary requirements, and details of an emergency contact. 

We only collect this type of information about our supporters to the extent that there is a clear reason for us to do so, for example asking for information for the purpose of providing appropriate facilities or support.  We will also collect this type of information if you make it public or volunteer it to us – for instance if you tell us you have experienced problem debt when applying for an Ambassador role, or use our services.   

Wherever it is practical for us to do so, we will make clear why we are collecting this type of information and what it will be used for. 

How we use personal information  

As a large organisation, carrying out many different tasks we use personal data for a wide number of purposes.  We will use personal information to:  

provide you with the services, products or information you asked for;  

administer your donation or support your fundraising, including processing Gift Aid;  

keep a record of your relationship with us;  

respond to or fulfil any requests, complaints or queries you make to us;  

understand how we can improve our services, products or information by conducting analysis and market research;  

to protect the health and safety of you, our staff, volunteers and other members of the public;  

further our charitable objectives;  

send you correspondence and communicate with you, using traditional channels and via social media platforms  

process applications for funding and for administration of our role in the projects we fund;  

monitor the appropriate use of grant funds, including expenditure on individual salaries, and consider any virement requests  

ensure that participants involved in problem debt research are treated with dignity and respect  

contact you if enter your details onto one of our online forms, and if you don’t ‘send’ or ‘submit’ the form, to see if we can help with any problems you may be experiencing with the form or our websites;  

generate reports on our work, services and events;  

safeguard our staff and volunteers;  

conduct due diligence and ethical screening;  

Identify potential supporters, donors, researchers or other partners;  

audit and administer our accounts;  

meet our legal obligations, for instance to perform contracts between you and us, or our obligations to regulators, government and/or law enforcement bodies;  

carry out fraud prevention and money laundering checks;  

undertake credit risk reduction activities; and/or  

establish, defend or enforce legal claims. 

We use information we hold about our supporters and potential supporters to research their potential to be a significant donor or volunteer fundraiser for Money Advice Trust and collect additional details relating to their employment and any philanthropic activity. We may also estimate their gift capacity, based on their visible assets, history of charitable giving and how connected they are to Money Advice Trust and our mission. 

 

 

Clients 

 HR 

If you apply for a role with us, we will only use the data you supply to us in CVs or application forms for recruitment purposes. This data will be held for 12 months. Add in detail related to job applicants  

You can access our job applicant privacy policy here. 

Services 

If you use one of our services you can find details about how they deal with your personal data in their Privacy Policies here.  

https://nationaldebtline.org/policies/privacy/ 

https://www.businessdebtline.org/privacy/ 

https://wiseradviser.org/wiseradviser-privacy-policy/ 

Your personal data rights  

We are open and transparent about how we use your personal data and, where possible, give you choice over what data is held and how it is used.  

The Data Protection Act (2018) sets out the rights you have over how organisations should treat an individual’s data. These are as follows.  

  • Right to be informed 
  • Right of access
  • Right to rectification 
  • Rights to object to, or restrict the use of your data 
  • Right to erasure 
  • Right to data portability 
  • Rights in relation to automated decision making and profiling 
  • Rights relating to direct marketing 

Right to be informed  

The Trust will ensure that all individuals understand why their data is being obtained, how it is being used and how they can access it. We shall provide this information in a manner that is clear, transparent and easily accessible. This information is provided for all ways in which you may communicate with us.  

Right of access  

You have the right to find out what personal data we hold about you, and to receive a copy of that data. This is commonly known as a ‘Data Subject Access Request’. Please refer to the subject access request section below if you want further information on how to access your data. We will always ensure that you can access your data quickly and easily.  

Right to rectification  

To provide advice that is comprehensive, accurate and tailored to the circumstances of each person that we help, the Trust needs to hold accurate data about you. If you believe that your personal data is inaccurate or incomplete please let us know and we will ensure that this is rectified. If the Trust has disclosed the personal data in question to third parties it will inform them of the rectification where possible.  

Rights to object to, and restrict the use of your data  

You can ask to remove your personal details at any time if you object to or wish to restrict any processing of your data. However, this does not affect the lawfulness of any processing carried out before you notify us that you want your personal details removed.  

We have no obligation to stop using your data if your data is required for legal proceedings or the establishment, exercise or defence of legal rights.  

Right to erasure  

The Trust wants you to be comfortable about the data that we hold about you. Therefore, you have a right to have your personal data deleted in the following circumstances:  

  • you no longer want us to process your data  
  • you object to the use of your data and we have no overriding reason to keep it;
  • we no longer need your data for the original reason is was collected for;
  • we have collected your data unlawfully; or 
  • you successfully object to its processing. 

The Trust can refuse to comply with your request for deletion of your data only in certain limited circumstances.  

Right to data portability  

Should you wish for your data to be provided to you in a machine readable format (e.g. CSV file) so that another organisation can process this data, then the Trust will facilitate this where possible. Please contact the  

DPO@MoneyAdvicetrust.org  for more information.  

Rights in relation to automated decision making and profiling  

The Trust does not used automated decision making in any of its processes.  

Rights relating to direct marketing  

The Trust only uses personal data for direct marketing in the following instances.  

  • Stakeholder contact details for email marketing to promote our commercial Training and Consultancy services. 
  • Contact details for advisers for email marketing to promote our Wiseradviser courses. 

Permission will be obtained when the contact details are provided together with details of how your details will be processed. You can ask for your details to be removed from our systems any time by contacting us.  

Information we automatically collect from your computer  

When you visit the Money Advice Trust website our web server automatically records your IP address. This IP address is not linked to any of your personal information. We use IP addresses to help us administer the site to collect demographic information and to find out such things as how many people are visiting pages on our site.  

Our website may also use a website recording service which may record mouse clicks, mouse movements, page scrolling and any text keyed into website forms. Data collected by this service is used to improve our website usability. The information collected is stored and is used for aggregated and statistical reporting and is not shared with anybody else.  

We may also gather other non-personal information (from which we cannot identify you) such as the type of internet browser you use so that we can provide you with a more effective service.  

For a comprehensive overview of how we use cookies please refer to our Cookies Policy.  

How will we use automatically collected information from your computer 

We will use some of this information to:  

  • carry out marketing analysis and make general improvements to our site;
  • analyse how users are making use of the site; and 

We may collect anonymous data which is shared with our partner agencies, funders and the government. This enables us to demonstrate demand and use of the site. 

Transferring your information outside of Europe  

We do not routinely transfer personal information we collect outside of the European Economic Area (EEA). However, in the event that we needed to, we would ensure that your personal information was adequately protected. We will put in place protective measures to ensure that your personal information is treated by those third parties in a way that is consistent with and which respect the UK and EU laws on data protection.  

How secure is my information with third-party service providers?  

All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions. A data sharing agreement that sets out how we expect third parties to handle any data we share with them is required to be in place before we share any data. Ongoing checks are carried out on these arrangements at regular intervals.  

Appropriate specific protective measures include for example, model clauses in data sharing contracts and ongoing security assessments. If you require further information about these measures you can request it from  

DPO@MoneyAdvicetrust.org  

How to make a subject access request  

You can make a subject access request by calling us or by email to: DPO@moneyadvicetrust.org.uk.  

To make a valid subject access request the following information must be provided.  

  • Personal details: your name, address, date of birth and any previous addresses detailed on the record. 
  • Proof of identity: two forms of identification will be required. One of these must be something like a driving license, passport or birth certificate (see request form for a full list), and the other, a form of address verification dated in the last 3 months (see the request form for acceptable forms of ID). 
  • Representative details: only applicable if you are applying for a subject access request on behalf of someone else. 

The Money Advice Trust will comply with requests for access to personal information as quickly as possible but will ensure that the information is provided within one month, as required by the Data Protection Act.  

Is there a fee?  

There is no fee for a subject access request. However, we can charge a ‘reasonable’ fee when a request is excessive or particularly repetitive.  

What happens if some of the information we hold is incorrect?  

You are entitled to have your personal data rectified if it is inaccurate or incomplete. We will respond to any requests for rectification within one month. This can be extended to two months where the request for rectification is complex. If we decide not to take any action to rectify the data we will explain why and inform you of your right to complain to the Information Commissioner’s Office (ICO).  

You also have a right to request deletion or removal of your personal data where there is no compelling reason for its continued processing.  

  • Where the personal data is no longer accurate or when you request your personal data is removed 
  • When you object to the processing and there is no overriding legitimate interest for continuing to process it. 
  • The personal data was unlawfully processed. 
  • The data has to be erased in order to comply with a legal obligation. 

What if I want to complain?  

If you are unhappy with the way the subject access request has been handled or how your personal data has been handled, you can make a formal complaint. Please refer to our Complaints Policy 

If you are still dissatisfied with the outcome of your complaint after following our process then you can lodge a complaint with the ICO who will investigate the matter.  

For more information on data protection and subject access request, please visit www.ico.org.uk. 

 

 

Back to top