Company Privacy Notice
Dynamo Mortgages Limited is registered in England under company number 05695802. Registered address Countrywide House, 6 Caldecotte Lake Business Park, Caldecotte Lake Drive, Caldecotte, Milton Keynes, MK7 8JT. Dynamo Mortgages Limited is committed to ensuring that your privacy is protected and our use of your personal information is governed by this Privacy Notice. It relates to the following businesses which are trading names of Dynamo Mortgages Limited which are Dynamo, Dynamo for Intermediaries and The Good Mortgage Company.
On this site, the phrases “Dynamo”, “us”, “we” or “our” will mean those businesses, representative offices, branches and applicable third parties which are majority-owned subsidiaries of Connells Limited on behalf of and in respect of whom this Privacy Notice is made.
Any reference to “you” or “your” refers to anyone whose personal information we process.
If there are any changes to the way in which your personal information is used, this Privacy Notice will be updated. If we make substantial changes to our Privacy Notice we will endeavour to inform you directly about these changes.
1. WHO WE ARE
The appropriate data controller (which determines the purpose and means of “processing” your personal information) will be the business which you have instructed and if you are in any doubt about the identity of the data controller in your case, you should ask your usual contact or representative or refer to any documentation we provide to you. The ICO Registration number of Dynamo is Z9331443.
Dynamo is part of the Connells Group and all data protection matters are handled at Group level. You can find details of all Connells Group subsidiaries by following this link. ICO Registration Numbers of these subsidiaries are available upon request.
Dynamo acts as a controller for the personal information that it collects and uses about you. We may also act as a processor in some instances. In all cases, we will treat your personal information as confidential and in accordance with applicable data protection legislation and your personal information will only be shared with others in accordance with this Privacy Notice.
2. WHAT PERSONAL INFORMATION IS COVERED IN THIS PRIVACY NOTICE
Personal data – this is any information that tells us something about you. This could include information such as name, contact details, date of birth, bank account details or any information about your needs or circumstances which would allow us to identify you.
Special Category data – this is information which is classified as “sensitive” under data protection legislation. Examples of which include; health data, religion or sexual orientation. There are also restrictions when we can collect and use criminal conviction data which will be set out to you should this be requested. This special category data requires us to have additional lawful bases under the Data Protection Act 2018 to collect, store and process.
3. WHAT PERSONAL INFORMATION WE COLLECT
We will collect your full name and necessary contact details (such as phone number, email address and address) from you whenever you engage with us.
Depending on the service we provide you (or on your behalf) we may also collect additional personal information as detailed in the table below;
If you are enquiring about or applying for a mortgage or protection product or service:
| Personal information we may collect | Why we collect it |
|---|---|
| Your name, postal address, phone number, email address and details of your requirements which may include existing protection arrangements
Previous names and aliases, mother’s maiden name, previous addresses, health and family history, information about your status and dependents including their date of birth Your marital status, gender, date of birth, nationality and tax status Employment details, national insurance number, residential status, bank details, credit history, savings and investments, existing financial commitments and personal expenditure. |
To apply or inquire about services related to mortgage or protection products.
To carry out referencing and credit checks and the results of those checks. |
| Proof of identity to include, but is not limited to, passport, driving licence, and address documents.
We may also need to collect information on other individuals who have an interest in the property who are not considered to be our customers. Details of your mortgage arrangements, confirmation of how long you have owned the property and details of the source of monies invested in the property |
To perform ‘know your client’, anti-money laundering, and counter terrorist financing requirements as required by law. |
| Your bank account details or payment card information | Processing payments and transactions including: Accounting, Authorisation, Clearing, Chargebacks, Auditing, Billing, Reconciliation, Collection, Credit Checks and related dispute resolution activities |
| Bank Statements, Mortgage Statement, Proof of deposit, Payslips and P60, Accounts, SA302s & SA100s, Tax Year Overviews, ID and proof of address, ASTs | Supporting your mortgage and/or insurance application. |
| Facial recognition data | To deliver client ID verification checks. |
| IP address, browser type, operating system, URL information | To improve our services provided to customers through insight. |
| Communication and marketing preferences | To ensure we only send you details of products and services you are interested in through your preferred communication channel. |
We may, during the course of your relationship with us, request additional information from you which is relevant to the provision of specific services.
We do not offer any products or services to children. In certain circumstances (for example a mortgage or protection application) we may need to collect the name and date of birth of children from mortgage or protection applicants, and share this with the selected mortgage lender or protection provider.
Any telephone calls either to or from our customer service teams may be monitored for training, compliance and security purposes.
4. HOW WE COLLECT YOUR PERSONAL INFORMATION
Direct interactions – personal information you disclose when you fill in forms, surveys, or correspond with us by post, phone, email, web, social or otherwise; or through portals when you enquire about any of our services, products or promotions.
Indirect interactions – personal information you disclose to third parties such as, but not limited to, another Connells Group company, payment service providers, data brokers or aggregators to match against our databases a list of which is available on request from the Group Data Protection Office; or which is available through publicly available sources or registers such as Land Registry, Companies House, the Electoral Register, Government or Police Databases, your employer, next of kin of delegated authorities.
Politically Exposed Persons (PEP) and Sanctioned Individuals are provided by a third party that interrogates national and international public domain sources and matches the data to the client subject to an AML check. The purpose is to comply with Anti Money Laundering requirements.
5. HOW WE USE YOUR PERSONAL INFORMATION
We will process the information you provide or we obtain from other sources to provide you with products and services and answer any questions you may have.
Under data protection legislation we are only permitted to use your personal information if we have a legal basis for doing so. We rely on the following legal bases to process and use your information:
- Performance of a contract – this is where the collection and processing of your personal information is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract.
- Legal obligation – this is where the collection and processing of your personal information is necessary for compliance with a legal obligation, for example verification of identity and fraud prevention.
- Consent – where we process personal information under consent we will seek your clear and unambiguous consent before processing your data for example to send and/or receive marketing information from Connells Group companies.
- Legitimate interest – some personal information is processed by Connells Group companies as part of its legitimate interests which include network and information security, web analytics, updating customer details, lettings, sales, and other core services. Connells Group may also rely on legitimate interest to process personal information related to direct marketing, web analytics, sales, lettings and other services.
Where we may process special categories of personal information and criminal conviction information we do so under additional lawful bases of the Data Protection Act. These may include, but are not limited to:
- Where you have provided explicit consent
- Where processing is necessary for the establishment, exercise, or defence of legal claims.
6. WHO WE SHARE YOUR PERSONAL INFORMATION WITH
6.1 Personal data we share within Connells Group
We may share your information within our group companies, where necessary, for the provision of services. The Connells Group of companies includes all subsidiaries, including the companies listed on our website.
6.2 Sharing with third parties
We will share personal information with our regulators, governmental or quasi-governmental organisations, law enforcement authorities and with courts, tribunals and arbitrators as may be required from time to time in order to comply with our regulatory and legal obligations.
Where we engage third party service providers to provide products (such as mortgages, house and contents and family protection insurances) or other business services and operations on our behalf, we provide them with only the personal information they need to perform the service we request. This includes IT systems providers and IT contractors as well as third party referencing or screening agencies for the purposes of the prevention and detection of crime. We contractually require them to securely protect information, and not to use it for any other purpose.
Indicatively – but not limited to – we may disclose your information to the third parties listed below for the purposes listed:
| Third party | Why we share it |
|---|---|
| Surveyors | To undertake a structural or Homebuyers survey |
| Firms on our conveyancing panel | To provide home conveyancing services |
| Firms on our mortgage lender panel | To progress your enquiry or application for a residential or buy to let mortgage, Second Charge Loan, Bridging Finance or development finance applications |
| Firms on our insurance provider panel | To progress your enquiry or application for buildings and contents insurance
To progress your enquiry or application for term insurance, critical illness cover and income protection |
| Firms on our protection provider panel | To progress your enquiry or application for term insurance, critical illness cover and income protection |
| Referencing Companies, Credit and Risk agencies a list of which is available on request | To run automatic checks on your creditworthiness and to help prevent fraud and money laundering
For fraud prevention, anti-money laundering checks and identity verification |
| Rent and Legal insurance providers | To set up landlord insurances, and in the event of a claim |
| Debt collection companies including MIL Outsource | To assist us in recovering any monies which we are owed and overdue.
Matching personal data to publicly available sources e.g. Land Registry. |
| Law enforcement bodies including the police, HMRC and local authorities | To comply with court orders or legal obligations |
| Land Registry Office | For conveyancing services |
6.3 Automated Decision Making
Some of the services provided by third parties may involve an automated decision, matching and/or credit scoring process. Any credit scoring methods used by third parties are regularly tested to ensure they remain fair, effective and unbiased.
7. HOW WE KEEP YOUR PERSONAL INFORMATION SECURE
The security of your personal information is extremely important to us, and we therefore have measures in place to ensure it stays safe, is not damaged, destroyed or misused, and prevents unauthorised access. The measures include, but are not limited to:
- Client software systems – all systems have protections in place to protect against both unauthorised access, and other external factors that could cause damage to, your personal data. There are strict access requirements in place and access is restricted to those absolutely necessary.
- Hard copy paper files – stored in a secure facility with restricted physical access.
We provide data protection training to all employees and workers who need access to and process personal information.
Where – in line with this Privacy Notice – information is shared with third parties, similar security measures are used to protect your information.
8. HOW LONG WE KEEP YOUR PERSONAL INFORMATION FOR
We will keep your information for as long as is reasonably necessary for the purposes set out in this privacy notice, and to fulfil our legal and regulatory obligations.
The time period may vary depending on type of service or product you have requested from us. In certain circumstances we have a statutory obligation to keep your personal information for a set period of time, for example, financial information (normally 7 years) for financial auditing purposes. Information is always retained in line with its purpose of processing and only for as long as necessary usually, information is kept for 7 years after last contact with you. However, the retention period may be extended dependent upon any legal or contractual obligations Connells Group may be required to comply with, as well as any overriding business legitimate interests.
9. OVERSEAS TRANSFERS OF YOUR PERSONAL INFORMATION
We are based within the UK, however some of the third parties and agents that we work with may be based outside of the European Economic Area (EEA), so processing of your personal information may involve a transfer of data outside of the EEA. Whenever we transfer your personal information outside of the EEA, we will always ensure it is protected by making sure we have safeguards in place. This might mean only transferring your personal information to a country that has been deemed by the European Commission to provide an adequate level of protection, or by using specific contractual protections.
You can contact us at [email protected] for details of how we protect specific transfers of your data.
All information that you provide us with is stored on our secure servers, or those of our third parties’ data storage providers.
10. YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION
- Your right of access – you have the right to ask us for copies of your personal information. Exemptions within the legislation could mean that you may not receive all the information we process. If this is applicable an explanation will be provided to you within our response.
- Your right to rectification – you have the right to request that inaccurate information is rectified and incomplete information completed.
- Your right to erasure – you have the right to request your personal information be deleted by us in certain circumstances.
- Your right to restrict processing – you have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – you have the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – you have the right to request whether and to where we may have transferred your personal data.
- Rights related to automated decision making and profiling – you have the right not to be subjected to a decision based solely on automated processing (including profiling) which may significantly affect you.
If you would like to make a request to exercise any of your individual rights described in this section, please email [email protected] including the brand/company and business relationship it is in relation to. Upon receipt of your request, Dynamo will carry out a review and a response determining our decision will be provided to you within the recommended timescales.
11. HOW TO CONTACT US
Contact details
If you have any questions, comments or requests regarding any aspect of this Privacy Notice, or how we handle your personal information, please do not hesitate to contact us by sending an email to [email protected] or writing to the Compliance Team, Dynamo, Building Eight, Watchmoor Park, Camberley, Surrey, GU15 3YL.
If you have a question regarding a subject access request, please contact [email protected].
If you have a complaint about the way in which your personal information has been processed, you have the right to contact the Information Commissioner's Office but we would suggest that you first complete our internal complaints procedure and we will try to address your concerns.
Complaints
If you have any complaints about the way we use your personal information please contact your usual business contact.
Dynamo also operates a mortgage club called Dynamo for Intermediaries which has a membership of independent mortgage advisors with whom you may already be in the process of receiving financial advice from. Dynamo for Intermediaries will process the personal information your advisor may share to continue your application, processing as a mortgage packager. At this stage, the full application & supporting documents will be packaged and input onto the lender's portal on behalf of your advisor as well as being entered and stored onto our systems, therefore, all this Privacy Notice relates also to those individuals whose data has been shared by their advisor for this administrative purpose.
We will occasionally update our Privacy Notice, so we suggest that you review this Notice from time to time. If we make substantial changes to our Privacy Notice, we will endeavour to inform you directly about these changes.
Last updated 23 October 2023