Northmill privacy and cookie policy

2019-09-20

Northmills privacy policy – we care about your personal privacy

Northmill Bank AB (“Northmill” below) respects your personal privacy and makes sure you can feel safe about the way we collect data about you. To make it possible for us to offer you financial services in a user-friendly way, we need to collect some personal information. Below, you can read about what data Northmill collects from you, what purpose it is collected for, the legal grounds for processing the data, how long your data is stored and more. If you have questions regarding privacy and data protection, you can always reach out to us by sending an email to dataprotection@northmill.com.

By using Northmill’s services, you accept our privacy policy and our processing of your personal records. You also accept that Northmill can use their electronic communications channels to send information to you. It is important that you read and understand our privacy policy before using our services.

NB! Northmill.com is not a website that is collecting actively personal information of its visitors, except for cookies for administrative use. This document describes merely how Northmill works with Data Privacy on its consumer lending services:

www.credigo.se
www.credigo.fi
www.easycredit.se
www.easycredit.fi
www.credway.se
www.rebilla.com


What types of data do we process and how do we collect it?

We want to offer, develop and enhance our services and products to create attractive offers for you as a consumer. To do that, we process your personal information. Below we explain what data we gather, broken down into different categories. You are not required to give us your data, but if you do not, we cannot guarantee that we can offer you our services or products.

We collect the following information about you:

  • Personal- and contact information - name, date of birth, social security number, invoice- and delivery address, email address, telephone number etc.
  • Information about services - details about the services you have used.
  • Financial information - your income, credits that you might have, negative payment history.
  • Historical information - your payment- and credit history.
  • Information regarding how you integrate with Northmill - how you use our services, including response time for pages, download errors, how you reached and left the service, as well as delivery notices when we contact you.
  • Device information - e.g. IP-address, language settings, browser settings, time zone, operating system, platform and screen resolution.
  • Geographic information - your geographic location.

We collect your data in different ways:

  • Through your contacts with us, e.g. when you become a customer or if you contact our customer service.
  • By using any of our services or products, e.g. applying for a loan.
  • By gathering data from other external sources, e.g. personal registries or credit checks.
  • By using cookies on our websites.

What do we do with your data?

For us to process your data, there needs to be legal support in existing legislation. For our treatment of your data to be legal, the data has to be required to

  • fulfill our agreement and commitments towards you
  • complete a legal obligation that is mandatory for Northmill to comply with.

The treatment of your personal data can also be used if:

  • after balancing interests, Northmill’s interest in collecting data is weighed against your interest in privacy protection
  • you consent to the process. A consent is given separately and you can always recall it by contacting customer service.

To offer you products and services, we need to process your personal data. Below you can read about the legally supported purposes for which we gather your personal data. The resources we save by collecting personal data varies depending on what the data is used for. We never save data longer than needed for actual use cases.

Providing and fulfilling agreements relating to products and services

We treat customer data and traffic data to be able to provide you with products and services, complete agreements and protect our rights in accordance to the agreement. For example, we need to be able to identify you as a customer, handle your lending errands, handle your invoices and payments for services, credit checks, directory assistance, troubleshooting and error correcting, handling feedback and return complaints for services.

Legal ground: fulfillment of agreement, legal obligation.

Develop and improve our products and services

We process customer data, such as making selections and performing customer surveys, to develop and improve our operations, and our products and services that we can provide you, as well as our processes and methods.

Legal ground: justifiable interest

Provide and improve service to our customers

We process customer data such as your case history, to offer our customer service, to offer self-service, and to constantly educate our coworkers and improve our working methodology so that we can always offer you the best possible service. When you contact us, the communication could be subject for analysis.

Legal ground: fulfillment of agreement, justifiable interest (Northmill has a justifiable interest to maintain good customer service).

Direct marketing

We process customer data, for example by analyzing and processing statistics, to offer you relevant offers regarding our services. Vi process lending data by gathering, saving, processing and analyzing, for example by analyzing how you use our services, to tailor offers that is suitable for you. The marketing is done through e.g. letter, telephone, sms and email.

Information security and preventing abuse of products and services

We treat customer-  and traffic data to be able to protect security for all our services, products and electronic communication networks., to discover and prevent prohibited use of the service or product or/and to discover and prevent fraud, virus attacks and more.

Legal ground: justifiable interest (Northmill has a justifiable interest in upholding the security for our services and networks) and legal obligation.

Fulfill legal obligation or other constitution, government regulation, decision, request or guidelines to protect our interests.

We process your customer- and lending data to fulfill our obligations according to the law or other constitutions, government regulation, decision, request or guidelines, for example we save data in accordance with national  accounting, anti-money laundering and anti-terrorism financing laws.

Legal ground: legal obligation.

How long we save your data

Northmill only saves customer data as long as it is necessary to execute contractual obligations towards the customer, and as long as it is legally required. When the Company saves customer data for other purposes than for their contractual obligation, for example to fulfill requirements for actions against money laundering, accounting and other regulatory demands, the data is saved only as long as it is necessary and/or legally obligated for their respective purposes.

Cookies

Northmill uses cookies to improve your user experience and to give you as a visitor access to certain functionality. Our cookies do not save information such as names or personal data.

What is a cookie?

A cookie is a small text file that may be saved on your computer by the website you visit.

Cookies are used mostly for administrative purposes and to improve your experience with our web sites. We do not use cookies to store any personal information that could be read or understood by others.Cookies enables us to:

  • creating personalized offers
  • receiving information regarding how visitors interact with the site
  • enable services and functions

How to deactivate cookies?

The Help menu on the menu bar of most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie and how to disable cookies altogether. Additionally, you can disable or delete similar data used by browser add-ons, such as Flash cookies, by changing the add-ons settings or visiting the Web site of its manufacturer. Some of our sites employ “functionality cookies” that help the site remember your settings and preferences for use when you visit the site in the future. This provides a more tailored and pleasant user experience. These cookies store information in multiple places. On those site using functionality cookies, you will find a “Delete Cookies” feature on every page that will allow you to delete these cookies completely from your device. Please note that, if you decline to use cookies, you may experience reduced functionality and, for sites using authentication-related cookies, declining cookies will prevent you from using the Web site altogether. To learn more about what cookies are set on your computer as you browse the Web and how to manage or delete them, visit www.allaboutcookies.org.

To whom we give out your information

We give to suppliers or companies in our Group that handles data on our behalf.

We hire suppliers and in some cases companies within our own Group to enable delivery of our services. This means that they too need certain information about you as a customer. However, these parties are not permitted to use your personal data for any other purpose than to supply the service, or according to terms set by Northmill.

Transmission of personal data to third country

Northmill are always aiming to process data within the EU/EES. However, in certain situations the data might be transferred to, and processed in, countries outside the EU/EES - but always under the protection of Privacy Shield - by Northmill or some other supplier.

As Northmill is determined to always protect customer data, Northmill will take all reasonable legal, technical and organizational actions to ensure that customer data is handled safe and at an adequate protection level, comparable to and at the same level as the protection that is offered within the EU.

Other recipients

We also may provide information about you to other recipients where we according to law or government regulation are obligated to provide data to such authorities that has the legal right to obtain that information.

Your rights

In accordance with existing law, you have a number of rights which entails that you can receive information about, and get control over, your own personal data.

Here we list your rights, and at the end of this policy you will find contact information for Northmill, which you can use if you want to practice these rights.

You normally have the right to use the rights listed below free och charge. However, if the request is obviously unsubstantiated or unreasonable, we have the right to charge a reasonable fee or choose not to accommodate the request.

We will answer a request from you without unnecessary delay. If additional time would be required, or if we for some reason cannot accommodate your request, we will inform you of this. We can also request additional information from you if necessary for us to confirm your identity and ensure that you are who you’re claiming to be, rather than someone else who is trying to access or take control over your personal data.

Right to information and access to your personal data

You have the right to request a confirmation regarding how we process personal data about you, and if that is the case, we will inform you about how your personal data is being processed. You also have the right to receive a copy of the data that we process (through a transcript from our records). If you demand additional copies, we have the right to charge a reasonable fee for this.

Right to correction

It’s important for us that the personal data that we provide about you is correct. If the data is incorrect, you have a right to turn to us and have the data corrected. You also have the right to request that data is added if something is missing, if the addition is relevant in relation to the purpose of the process. We will inform those who we have given your information to, that a correction has taken place. We will also, at your request, inform you of to whom the correction has been given.

Right to be deleted

You have the right to turn to us to request that your personal data is deleted if:

  • The data no longer is required for the purpose it was collected.
  • If the collection is grounded solely on your consent and you rescind said consent.
  • If the collection is being done for direct marketing and you do not consent to the data being collected.
  • If you oppose personal data collection that is done after a balancing of interest and there is not a justifiable reason that weighs heavier than your interest.
  • If the collection of your data does not have current law.
  • If deletions is required to fulfill a legal obligation.

However, in certain cases we cannot accommodate a request regarding deletion, e.g. if we are legally obligated to save the data. If deletion takes place we will inform those we have given your data to that a deletion has been executed. We will also, at your request, inform you of to whom information regarding deletion has been given.

Right to oppose

You always have the right to, at any time, oppose that your data is used for direct marketing. You can do this by contacting us at Northmill, or by logging in to your “My Pages” for respective service and mark that you do not wish to get offers sent to you. If you do such an opposition, we will no longer collect your information for this need.

You also have the right to oppose that we collect your data with support by a balancing of interest. If we cannot show that there are justifiable reasons for the collection that weighs heavier than your reasons, the collection shall cease.

Right to limitation of collection

You have the right to get in touch with us and request that the collection of your personal data is limited and that the data is only used by us in the following situations:

  • During the time it takes for us to control whether the personal data is correct, if you oppose the correctness of the personal data.
  • If the collection is illegal and you oppose the data being deleted, and instead want us to limit the use of these.
  • If you, despite us no longer needing the data, want us to keep them so you can establish, claim or defend legal claim.
  • Waiting for control of who’s reasoning is justification, yours or ours, is weighed the heaviest because you have opposed the collection.

However, in certain cases we cannot accommodate a request of limitation, e.g. if the data is needed for us to defend our rights or protect someone else’s rights. If limitation is performed, we will inform those who we have given your data that a limitation has been performed. We will also, at your request, inform you to whom we have given information regarding that a limitation has been performed.

Right to data portability

You have the right to request to get all your personal information in a machine-readable format and has rights to use such data elsewhere. This right applies to such personal data that you have provided to us and is collected with the support of your consent, or if the collection is grounded in an agreement with us.


Contact information for Northmill and our data protection agent

If you have questions or want to exercise your right to rescind consent:

  • Contact our customer service via phone at +468-558 033 38 or email info@northmill.com.

If you do not want our direct marketing

You always have the right to decline our direct marketing of products and services that is sent via SMS, email, telemarketing or per mail.

Log on to My Pages for respective service and mark that you do not wish to receive direct marketing, or call our customer service, or click deregister in our SMS or email. You can also deregister per mail to the address below. If this is the case, provide us with your name, social security number and what brand it is related to.

Complaints

If you consider that your personal data is collected in violation of current law, you can leave a complaint directly with us or the Swedish Data Protection Authority.

Personal data responsible Northmill

Northmill is responsible for the collection of our customers (consumers) personal data on the behalf of the brands Credigo/Easycredit/Credway/Rebilla. As personal data responsible we decide the purpose and the means for the collection.

Northmill Bank AB, Färögatan 33, 164 51 Kista, Sweden

Data protection agent Northmill

Our data protection agent surveys that vi follow existing law and treat your personal data in a correct way. If you wish to contact our data protection agent you can call our customer service at +468-558 033 38 or email dataprotection@northmill.com.

Changes to the privacy policy

Northmill is subject to change this privacy policy. It can be changed in the same manner as the general terms for the product or service that you have with us. We will also notify changes to our websites, including www.northmill.com.

We use cookies to enhance your browsing experience. By using this site you agree to the use of cookies for this purpose.