How we collect your personal data
We collect your personal data directly from you. Examples include when you:
- Interact directly with us via telephone, email or post
- Submit inquiries and information via our website;
- Provide information as part of an inquiry about a Lease to Own product from us;
- Enter into a Lease to Own Agreement with Dwellr's regulated funding partner.
We collect your personal data from 3rd parties. Examples include collection from:
- Representatives, intermediaries or brokers acting on your behalf;
- Publicly available information e.g. company registers (including the Companies Registration Office), press
publications, electoral register, online search engines and related results;
- Third parties who provide services to you e.g. legal advisors; accountants;
- Credit reference agencies (including the Irish Credit Bureau), credit registers (including the Central Credit
Register) and fraud prevention agencies;
- Company and credit information databases, such as Vision-Net.ie and Experian.co.uk, which provide credit
information on businesses and individuals, including information on directors, shareholdings, judgments,
bankruptcies and more;
- Sanctions and politically exposed persons databases as part of our anti-money laundering practices; and
- Our banking providers.
The personal data we use
We will process and use all personal data included in your application correspondence and collected as part of the
application process, including:
- IDENTITY DATA, including your first name, surname, salutation, age, date of birth, marital status, residential
status, gender, photographic ID, signature; PPS details;
- CONTACT DATA, including your email address, personal address, telephone number(s);
- FINANCIAL, including bank account details, tax number, income and expenditure details, credit history,
photo, details of any other loan agreements or lease agreements, any personal guarantee(s),
The purpose and legal basis for processing your personal data
Dwellr will only process your personal data where it is lawful and necessary to do so.
Your personal data are processed:
For the purposes of entering into and performing a hire-purchase or lease agreement, including:
- Establishing your eligibility as a potential Lease Agreement Customer;
- Processing the credit application and related forms;
- Conducting financial, security and credit due diligence and reviews;
- Contacting you on matters relating to your application;
- Recovering any payments you may owe us.
To enable us to comply with our legal, statutory and regulatory obligations e.g.:
- Supplying information to the Central Credit Register and using the Central Credit Register when considering
Lease to Own applications, in accordance with the Credit Reporting Act 2013;
- Establishing your identity in order to comply with legislation regarding the prevention of money laundering,
fraud and terrorist financing;
- Reporting and responding to requests from regulatory bodies, law enforcement agencies, the courts or
To manage our everyday business needs in line with our legitimate interests, such as risk management,
accounting, business continuity, complaint management, troubleshooting, technical support, protection of our
assets and information, and to establish, exercise and safeguard our rights.
Who we share your personal data with
We do not share your personal data with third parties unless it is necessary. Sharing occurs with a limited set of
individuals and organisations and in limited circumstances. Examples of when sharing may occur and the third parties
to whom we share your personal data are as follows:
- To your authorised representative, to a third party who is providing services to you and any other third party
you have provided us with authorisation to share with;
- To third parties who are providing services to us to enable us to manage the relationship with you e.g. our
software providers, our IT support providers, our professional advisors and our financial statement auditors.
Where we enter into agreements with third parties to process your personal data on our behalf, we will ensure
that appropriate contractual protections are in place to protect the security of the data;
- To our bank when we are transacting with you;
- Credit reference and rating agencies and registers, whose services we rely upon to protect our interests e.g. we
share personal data with the Irish Credit Bureau who use it for their legitimate interests as detailed in their Fair
Processing Notice at http://www.icb.ie/pdf/Fair Processing Notice.pdf.
- Insurance providers, including insurance underwriters, claims handlers and other such associated third parties;
- To third parties in connection with a sale or purchase of assets by us;
- To our regulated funders as part of our credit management processes and funding processes;
- To anyone to whom we transfer or may transfer our rights and duties in respect of products provided by us;
- To anyone to whom we may potentially or actually transfer any product provided by us or to anyone in
connection with a potential or actual secured financing, securitisation or other funding arrangement; and
- To other banks and third parties where there is suspicion of financial crime or where required by law to resolve
misdirected third-party payments.
How long we keep your personal data for
Personal data is kept in a form, which permits data subject identification only for as long as is permitted while following fair and lawful processing. No personal data will be kept for a period longer than necessary. In general, where you go on to become a customer, we keep your data for a period of 7 years from the end of the relationship with you.
How we keep your personal data safe
Dwellr has a range of technical and organisational measures in place to protect information and keep your personal data secure across our IT systems and networks and physical storage locations. In the event of certain types of personal data breaches, we are legally obliged to notify the Data Protection Commission and affected individuals to whom the personal data belong. Dwellr have implemented internal procedures to manage personal data security breaches in accordance with our legal obligations.
Transfers outside the European Economic Area
Dwellr may occasionally, and only where necessary, transfer your personal data to third parties outside the European Economic Area (“EEA”). If and to the extent that we do so, we will ensure that appropriate measures are in place to comply with our obligations under applicable law governing such transfers, which may include:
- to a jurisdiction which has been subject to an “Adequacy” decision from the European Commission, meaning the jurisdiction is recognised as providing for an equivalent level of protection for personal data as is provided for in the European Union;
- entering into a contract governing the transfer which contains the “standard contractual clauses” approved for this purpose by the European Commission; or
- in respect of transfers to the United States of America, ensuring that the transfer is covered by the EU-US Privacy Shield framework.
Visiting the Dwellr.ie website
Dwellr maintains active social network accounts. We embed widgets from these networks to provide follow buttons, like boxes and stream embeds. This will result in cookies being set by these networks while using our site, subject to your consent to the processing of such cookies. As above, please refer to our cookie notice and consent tool on our website for details and preference management.
Some of the pages on our website contain hypertext links to websites not maintained by us. They are merely suggested websites which may be of interest to visitors to our website. Please note that different terms and conditions of use will apply to you as a user of these websites. In addition, such websites may not have the same privacy standards that Dwellr maintains.
You have a number of rights in respect to the personal data we process about you. These are:
- The right to access your personal data, which includes receiving confirmation on whether the personal data are being processed and if so, receiving the personal data and related information about why they are being processed, the categories of personal data involved, to whom the personal data have been or will be shared and how long the data will be kept for.
- The right to request that we rectify inaccurate data or update incomplete data. You may also request that we restrict the processing of the personal data until the rectification or updating has been completed, although please be aware that we may have to suspend the operation of your application until this is resolved.
- The right to request that we erase your data under certain circumstances, including where you want to withdraw the consent you previously gave to us, where you object to Dwellr processing the data for its own legitimate interests (e.g. direct marketing) or where Dwellr processing of the data is unlawful. In the case of unlawful processing, you can also request that this processing is restricted rather than the personal data being erased. Please be aware that we may have to suspend the operation of your application where data processing is restricted. Furthermore, we may need to retain and use some personal data to the extent necessary to comply with our legal obligations and for our legitimate interests such as fraud detection and prevention or protecting our assets. We also retain records to protect from accidental or malicious loss and destruction, meaning residual copies of your personal data may not be removed from our backup systems for a limited period of time.
- The right to object to the processing of your personal data, where such processing is being conducted for the purpose of:
1. Direct marketing;
2. Establishing, exercising or defending ourselves or others from legal claims; or
3. Our legitimate interests, unless we can demonstrate that our interests override your interests and rights. You may request that we restrict the processing of the personal data until this analysis of legitimate interests has been concluded, although please be aware that we may have to suspend the operation of your application where data processing is restricted.
- The right to receive your data in a portable format or, subject to it being technically feasible, have us transfer it directly to a third party. This applies where you have provided us with consent for the processing or where the processing is necessary for entering a lease-to-own agreement with us.
- The right, at any time, to withdraw consent you have provided to us to process your personal data.
- The right to lodge a complaint to the Data Protection Commission or another supervisory authority.
If you wish to raise a complaint in relation to how we processed your personal data, please contact our Data Protection Officer (DPO) at email@example.com. Dwellr takes your privacy and data protection very seriously and we endeavour to address your complaint as quickly and as thoroughly as we can in order to find a satisfactory resolution for you. You also have the right to escalate the matter to the Data Protection Commission or other supervisory authority. The Office of the Data Protection Commission can be contacted at:
Telephone: +353 (0)761 104 800 or +353 (0)57 868 4800
Data Protection Commission,
21 Fitzwilliam Square South,Dublin 2, D02 RD28