© Fraud Intelligence Network 2020

Privacy Statement

Terms of Use for Using FIN System


F.I. Network Limited, (Registered in England No. 07783237) of 15 The Maples, Grove, Wantage, Oxfordshire OX12 0BA.

Who Are We? 

We are FIN, the UK travel industry's counter fraud and cybercrime body. 

In this policy: 

FIN, we, us or our means: 

F.I. Network Limited, (Registered in England No. 07783237) of 15 The Maples, Grove, Wantage, Oxfordshire OX12 0BA. 

Our websites, means: www.fraudintelnet.co.uk and businessagainstfraud.co.uk. 

Our websites are not intended for children and we do not knowingly collect data relating to children. 

________________________________________________________________________________

Contact details

If you have any questions about this policy or our privacy practices, please write to us at the following address:

Full name of legal entity: F.I. Network Limited Postal address: 15 The Maples, Grove, Wantage, Oxfordshire OX12 0BA

Or you can email us at: admin@finetwork.co.uk 

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. 

________________________________________________________________________________

Changes to this Policy

Any changes we may make to this policy in the future will be posted on this website so please check this page occasionally to ensure that you're happy with any changes. If we make any significant changes we'll make this clear on this website. 

________________________________________________________________________________

Review of this Policy

We keep this policy under regular review. This policy was last updated in July 2018. 

________________________________________________________________________________

Your Duty to Inform Us of Changes

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. 

________________________________________________________________________________

Definitions Of terms Used In This Policy 

Applicant for Membership means an entity that applies to become a Member of, or applies for a licence operated by, one of the Partner organisations. 

Crime means an act or omission that violates the law and is punishable by a sentence of incarceration. This website is specifically concerned with economic crime. 

Current Member means an entity that is an existing Member of, or licence holder of, one of the Partner Organisations. 

Economic Crime means a crime which involves the misappropriation of money examples of which include: bilking, deception, fraud, money laundering, or theft.

IP Address means the Internet Protocol which is a unique string of numbers and letters that identify every device internet enabled device (computer, laptop, palm top, smart phone, tablet) and allows it to communicate over the internet. 

Partner Organisation means one of the Membership organisations (all of which provide financial protection to travel customers, as required by UK law), the Civil Aviation Authority, an insurance provider, or a police force which is a party to this Agreement. Together they shall be the Partners. 

Previous Member means an entity that once was a Member of, or licence holder of, one of the Partner Organisations but has now ceased to be so. 

________________________________________________________________________________

How do We Collect Information from You? 

We obtain information about you in the following ways: 

Data Held Within the FIN System

Our Partner Organisations only provide and manage confirmed fraud data relating to officers of: 
 

  • Applicants for membership,

  • Current members,

  • Previous or ex-employees of Partner Organisations. 

    Data held within existing databases managed by the parties. 

    Specifically: 
     

  • Individuals full names, alias, date of birth, personal addresses and position;

  • Telephone and Mobile Phone numbers;

  • IP Addresses;

  • Directors and Company names;

  • Company Addresses and website address;

  • Companies House numbers;

  • Company VAT numbers;

  • Data relating to actual or alleged criminal convictions and offences;

  • Trial court references;

  • Civil court debt references;

  • Other related data such as vehicle registration numbers; and

  • Publicly accessible information showing whether a person is banned from holding office. 

    Information you Give us Directly 

    We may ask you for information if you approach us with a complaint or enquiry in order to help you by directing you to the correct place to deal with your issue. We will only ask you for the basic information required to understand and refer your issue to the appropriate destination organisation and once the issue has been dealt with we will not retain your data. 

    Information you Give us Indirectly 

    Your information may be shared with us by third parties, which might include:
     

  • Partner Organisations seeking our assistance on finding the best solution for a problem you have. 

    You should check any privacy policy provided to you where you give your data to a third party. 

    When you Visit our Websites 

    General Visitors - We do NOT collect and use any other personal information directly or through cookies on our website. 

    Users from Partner Organisation 

    When you, as an authorised user, logs on to use the system FIN uses internal algorithms to track and record every action you undertake in a secure audit log which is accessible to the site Administrators and is used to identify and deal with any instances of misuse. 

    Social Media 

    We at FIN do not use social media. 

    Public Information 

    We supplement information of data held within our system using information from publicly available official sources such as details of directors who have been banned from holding office for a period by the Insolvency Service, Sanctions Information published by HM Treasury, press reports of court cases, and Companies House in order to create a fuller record of someones criminal behaviour. 

    ________________________________________________________________________________

    What Type of Information is Collected from Visitors and Users of the Website? 

    Data protection laws recognise certain categories of personal information as sensitive and therefore requiring greater protection, for example information about your health, ethnicity and religion. 

    We do NOT collect sensitive data about you. 

    ________________________________________________________________________________

    How and Why is Your Information Used? 

    We may use your information for a number of different purposes, which may include: 

    Data Held in FIN:
     

  • Preventing crime or tax evasion,

  • Detecting crime or tax evasion, and

  • Reporting crime or tax evasion to the police, other enforcement bodies. 

    Data obtained through our interactions with users and visitors to the websites:
     

  • Providing you with the services, products or information you asked for.

  • carrying out our obligations under any contracts entered into between you and us;

  • keeping a record of your relationship with us;

  • conducting analysis and market research to better understand how we can improve our services, products or information;

  • seeking your views or comments on the services we provide;

  • notifying you of changes to our services;

  • sending you communications which you have requested and that may be of interest to you. These may include information about analysis we have conducted on the data, fraud alerts and research; and

  • dealing with complaints and enquiries. 

    ________________________________________________________________________________

    How Long is Your Information Kept for? 

    We keep your information for no longer than is necessary for the purposes it was collected for. The length of time we retain your personal information for is determined by operational and legal considerations. For example, we are legally required to hold some types of information to fulfil our statutory and regulatory obligations (e.g. health/safety and tax/accounting purposes). 

    We review our retention periods on a regular basis. 

    ________________________________________________________________________________

    Who has Access to Your Information? 

    We do not sell or rent your information to third parties. 

    We do not share your information with third parties for marketing purposes. 

    However, we may disclose your information to third parties in order to achieve the other purposes set out in this policy. These third parties may include:
     

  • Partner Organisations,

  • The Police,

  • Tax Authorities,

  • Enforcement Bodies, and

  • Insurance Providers. 

    ________________________________________________________________________________

    Lawful Processing 

    Data protection law requires us to rely on one or more lawful grounds to process your personal information. We consider the following grounds to be relevant: 

    Specific Consent 

    Where you have provided specific consent to us using your personal information in a certain way, such as to send you email, text and/or telephone communications to assist you with an issue. 

    Performance of a Contract 

    Where we are entering into a contract with you or performing our obligations under it, like when you join our Partners using FIN. 

    Legal Obligation 

    Where necessary so that we can comply with a legal or regulatory obligation to which we are subject, for example where we are ordered by a court or the Information Commissioners Office. 

    Legitimate Interests

    Where it is reasonably necessary to achieve our or others legitimate interests (as long as what the information is used for is fair and does not duly impact your rights). 

    We consider our legitimate interests to be running F.I. Network in pursuit of our aims and purposes. For example to:
     

  • identify crime and tax evasion;

  • prevention of crime and tax evasion; and

  • report crime and tax evasion to the police and relevant authorities or enforcement bodies. 

    When we legitimately process your personal information in this way, we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. We will not use your personal information where our interests are overridden by the impact on you, for example, where use would be excessively intrusive (unless, for instance, we are otherwise required or permitted to by law). 

    ________________________________________________________________________________

    Your Rights 

    Under UK data protection law, you have certain rights over the personal information that we hold about you. Here is a summary of the rights that we think apply: 

    Right of Access 

    You have a right to request access to the personal data that we hold about you. 

    You also have the right to request a copy of the information we hold about you, and we will provide you with this unless legal exceptions apply. 

    If you want to access your information, please send a description of the information you would like to see and proof of your identity by post to the address provided above. 

    Right to Have Your Inaccurate Personal Information Corrected 

    You have the right to have inaccurate or incomplete information we hold about you corrected. 

    The accuracy of your information is important to us so we're working on ways to make it easier for you to review and correct the information that we hold about you. Please contact us if you think there is an inaccuracy in your data. 

    If you are contacting us about inaccurate or incomplete information within the FIN system that we hold about you we will refer you directly to the organisation that provided that information as and confirmed it as an accurate record of a crime that has the access and ability to modify the record if necessary. FIN is not in a position to know why the partner organisation confirmed the data when entering it. 

    Right to Restrict Use 

    You have a right to ask us to restrict the processing of some or all of your personal information if there is a disagreement about its accuracy, or we're not lawfully allowed to use it. 

    Right of Erasure 

    You may ask us to delete some or all of your personal information and in certain cases, and subject to certain exceptions; we will do so as far as we are required to. In many cases, we will anonymise that information, rather than delete it. 

    Right for Your Personal Information to be Portable

    If we are processing your personal information (1) based on your consent, or in order to enter into or carry out a contract with you, and (2) the processing is being done by automated means, you may ask us to provide it to you or another service provider in a machine-readable format. 

    Right to Object 

    You have the right to object to processing where we are using your personal information (1) based on legitimate interests, (2) or for statistical/research purposes. 

    If you want to exercise any of the above rights, please email us at admin@finetwork.co.uk or write to Data Protection Office, F. I. Network Limited, 15 The Maples, Grove, Wantage, Oxfordshire OX12 0BA. 

    We may be required to ask for further information and/or evidence of identity. We will endeavour to respond fully to all requests within one month of receipt of your request, however if we are unable to do so we will contact you with reasons for the delay. 

    Please note that exceptions apply to a number of these rights, and not all rights will be applicable in all circumstances. For more details we recommend you consult the guidance published by the UKs Information Commissioners Office. 

    ________________________________________________________________________________

    Keeping Your Information Safe 

    When we receive personal information, we take steps to ensure that appropriate technical and organisational controls are in place to protect it. 

    All personal data held within the FIN system is encrypted and protected. When you are on a secure page, a green padlock icon will appear adjacent to the web browser such as Microsoft Internet Explorer. 

    Personal information details (your email communications etc.) are transmitted normally over the internet and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure it is secure on our systems. Where we have given (or where you have chosen) a password and other authentication which enables you to access certain parts of our website, you are responsible for keeping this password and authentication confidential. We ask you not to share your password with anyone. 

    We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so 

    ________________________________________________________________________________

    Keeping Your Information up to Date 

    We take reasonable steps to ensure your information is accurate and up to date. 

    We really appreciate it if you let us know when your contact details change. 

    Use of 'cookies'

    We do not use Cookies on this website. 'Cookies' are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. 

    ________________________________________________________________________________

    Links to Other Websites 

    Our website may contain links to other websites run by other organisations. This policy applies only to our website so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other websites even if you access those using links from our website. 

    In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the privacy policy of that third party site. 

    ________________________________________________________________________________

    Transferring Your Information Outside of Europe 

    As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Economic Area (EEA). 

    By way of example, this may happen if any of our servers are from time to time located in a country outside of the EEA. You should be aware that these countries may not have similar data protection laws to the UK. By submitting your personal data, you are agreeing to this transfer, storing or processing. 

    If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy. 

    If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services. 

    We undertake regular reviews of who has access to information that we hold to ensure that your info is only accessible by appropriately trained staff, volunteers and contractors.