privacy & cookie policy

Owner And Data Controller

Nationwide Payments (the Company) take your privacy seriously. This Privacy Policy describes who we are and how and why we collect, store, use and share your personal data in accordance with the Data Protection Legislation. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have enquiries.

We collect, use and are responsible for certain personal data about you, which we process prior to, during and after your business relationship with us. This Privacy Policy is relevant to anyone who uses or makes enquiries our services, as well as website users. If you have signed an agreement with us, such as a Merchant Service Agreement, Epos systems, and telecoms supply for businesses. The agreement shall prevail and, as set out in the Data Protection Legislation, this notice shall be used for information purposes only.

We are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to goods and services we offer to individuals and our wider operations in the European Economic Area (EEA).

In this notice Nationwide Payments means:-

Nationwide Payments Limited,

Company Registration Number: 13447979

Registered Address: Unit 8 The Courtyard Goldsmith Way, Eliot Business Park, Nuneaton, Warwickshire, CV10 7RJ.

The Company is the “Controller”, as defined in the UK GDPR. This means that we are responsible for deciding how we hold and use Personal Data about you. We are required under the Data Protection Legislation to notify you of the information contained in this privacy notice.

We have appointed a Data Protection Officer (DPO) to oversee compliance with our data protection obligations. You can contact the DPO if you would like to make some enquiries on how we process your personal data or related matters their email address is: dean.ohara@nationwide-payments.co.uk

Alternatively write or telephone:-

Nationwide Payments, 19 Ptarmigan Place, Attleborough Fields Industrial Estate, Nuneaton, CV11 6RX

☎ 024 7632 8995

Key terms

Data Protection Legislation refers to any of the following legislation:-

• Data Protection Act 2018
• (EU) General Data Protection Regulation (GDPR)
• UK General Data Protection Regulation (UK GDPR)
• Privacy and Electronic Communications Regulations 2003 (PECR)

We are – Nationwide Payments Limited,

Our data protection officer: dean.ohara@nationwide-payments.co.uk

Personal data means any information relating to an identified or identifiable individual.

Special category personal data means:-

• Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership
• Genetic and biometric data (when processed to uniquely identify an individual)
• Data concerning health, sex life or sexual orientation

Data subject means the individual whose personal data is processed by a Controller or Processor

The personal data we collect about you depends on the particular products and services we offer you. We may collect and use the following personal data about you:-

• your name and contact information, including email address, telephone number and company details
• information to check and verify your identity, e.g. your date of birth
• your gender, if you choose to give this to us
• location data
• your billing information, transaction and payment card information
• your professional online presence, e.g. LinkedIn profile
• your contact history
• upon your express consent, information to enable us to undertake credit or other financial checks on you
• information on how you use our website, IT, communication and other systems

We collect and use this personal data for the purposes described in the section ‘How and why we use your personal data’ below. If you do not provide personal data we ask for, it may delay or prevent us from providing products and services to you.

How your personal data is collected

We collect most of this personal data directly from you—in person, by telephone, text or email and/or via our website and apps. However, we may also collect information:

• from publicly accessible sources, e.g. Companies House
• directly from a third party, e.g.: credit reference agencies; customer due diligence providers;
• from a third party with your consent, e.g. your bank or building society;
• from cookies on our website—for more information on our use of cookies, please see our cookie policy
• via our IT systems, e.g.: details entered by customers on our website

How and why we use your personal data. Under the Data Protection Legislation, we can only use your personal data if we have a proper reason, e.g.:

• where you have given consent;
• to comply with our legal and regulatory obligations;
• for the performance of a contract with you or to take steps at your request before entering into a contract; or
• for our legitimate interests or those of a third party.

A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own.

What we use your personal data for and why:-

Providing products and services to you, in order to perform our contract with you or to take steps at your request before entering into a contract. These companies include Elavon, DNA Payments Group, Epos Now, Daisy Telecomms, BT.

Preventing and detecting fraud against you or us to meet out regulatory and legal obligations including conducting checks to identify our customers and verify their identity, and to meet our legitimate interest, i.e. to minimise fraud that could be damaging for you and/or us.

Other activities necessary to comply with professional, legal and regulatory obligations that apply to our business, e.g. rules issued by our professional regulator.

To comply with our legal and regulatory obligations.

To enforce legal rights or defend or undertake legal proceedings.

For our legitimate interests, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you, and to be as efficient as we can so we can deliver the best service to you at the best price.

Ensuring the confidentiality of commercially sensitive information.

Preventing unauthorised access and modifications to systems.

Statutory returns – to comply with our legal and regulatory obligations

Marketing our services and those of selected third parties to:-

• existing and former customers;
• third parties who have previously expressed an interest in our services;
• third parties with whom we have had no previous dealings where we have a lawful basis to do so.

Locations of Data Storage

Oor offsite storage is Microsoft Azure storage in the UK South region offering up to 2 weeks data retention for disaster restores. All backups, both onsite and offsite, are encrypted in transit and at rest to AES-256 encryption standard.

We will not keep your personal data for longer than we need it for the purpose for which it is used.

Your Rights

You have the following rights, which you can exercise free of charge:-

How to make enquiries about your personal data and how we use it, or to complain.

Please contact us if you have any queries or concerns about our use of your personal data, see above for our contact details. We hope we will be able to resolve any issues you may have.

You also have the right to lodge a complaint with:

The Information Commissioner

The Information Commissioner may be contacted using the details at https://ico.org.uk/make-a-complaint or by telephone: 0303 123 1113.

Cookies Policy

The Internet pages of this website likely use cookies by default. Cookies are text files that are stored in a computer system via an Internet browser. Many Internet sites and servers use cookies. Many cookies contain a cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. A specific Internet browser can be recognised and identified using the unique cookie ID. Through the use of cookies, we can provide the users of this website with more user-friendly services that would not be easily possible without the cookie setting – something that has become a standard practice with websites for many years. By means of a cookie, the information and offers on our website can be optimised with the user in mind.

The purpose of this recognition is to make it easier for users to utilise our website. The website user that uses cookies, e.g. does not have to enter access data each time the website is accessed, because this is taken over by the website, and the cookie is thus stored on the user’s computer system. Another example is the cookie of a shopping cart in an online shop. The online store remembers the articles that a customer has placed in the virtual shopping cart via a cookie. The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable. Please refer to your browsers own settings and documentation, or search online for latest information on how to do this.

It is possible to remove any cookies that have already been set by changing your browser settings. Please see some quick links to the most popular browsers. (A quick search should reveal the actions needed if you are using a different browser.) Internet Explorer: https://www.wikihow.com/Delete-Browsing-History-in-Internet-Explorer  Firefox: https://www.wikihow.com/Clear-Cookies-in-Firefox  Chrome: https://www.wikihow.com/Delete-Cookies-in-Google-Chrome  Safari: https://www.wikihow.com/Delete-Cookies-on-a-Mac  

You can also set privacy and cookie levels within the browser settings.