IN BRIEF

We are credit reference agencies and we play a key role in the UK’s financial ecosystem. This document explains how we obtain, process and share personal data about consumers and businesses.

This section briefly summarises the key processing activities common to the credit reference agencies. For more detail, please refer to the rest of this document. In addition, we recommend reviewing each credit reference agency’s own information notices, which explain the specific processing activities of that credit reference agency. Links to these documents can be found in section 14.

• Credit reference agencies collect information about consumers and businesses from various sources and build databases that hold all of this data.
• The sources of that information include public records, such as court judgments (CCJs) and electoral register information, and financial information from lenders, utilities suppliers and telecoms businesses.
• Lenders and other organisations carry out searches against that information with one or more credit reference agencies.
• Organisations can carry out searches for several reasons. These include assessing creditworthiness and ability to afford financial products, checking the accuracy of other information, preventing and detecting crime (such as fraud or money laundering), checking identity, tracing individuals (for example to recover debts that they owe), calculating how much their insurance premiums should be, and assessing their suitability for a job or a tenancy.
• When an organisation carries out a search of someone’s information, we will record details of that search. This is known as a search footprint.
• Credit reference agencies also use consumer data for marketing-related purposes, such as helping organisations to better direct their marketing, including by screening individuals out of advertising for credit products so that those products are not offered to people who would not be eligible for them. They may also use the data to build insight to predict information or characteristics about the population, to help organisations identify who they want to market their products and services to.
• Credit reference agencies also use the data in their databases for other activities. These include analytics and profiling, such as helping lenders build scorecards to use in assessing credit applications.
• Because not every lender supplies data to every credit reference agency, your credit reference information held at each credit reference agency might be different.
• Credit reference agencies carry out several types of data processing to help achieve the aims described above. These include loading data, matching and linking data together as well as testing, developing and building our products and services.
• Consumers have certain rights that they can seek to exercise in relation to the personal data held by credit reference agencies. For example, they have rights to obtain a copy of the data, 2 to ask the credit reference agency to correct it if it is inaccurate, and to object to the processing of the data.