This Privacy Notice will help you understand how we collect, use and protect your personal information. If you have any queries about this Privacy Notice or how we process your personal information, please contact the Data Protection Officer by email: or by post: Compliance Dept. Homebuy, Unit 3 Vigo Place, Aldridge, Walsall, West Midlands, WS9 8UG


Who we are


The organisation responsible for the processing of your personal information is Homebuy, Unit 3 Vigo Place, Aldridge, Walsall, West Midlands, WS9 8UG. This means that we are a ‘data controller’ under the General Data Protection Regulation (also known as the GDPR). Our registration number with the Information Commissioner’s Office is Z9882814


Collecting and using personal information


Our website will not collect personal information about you unless you provide us with that information voluntarily. By ‘personal information’, we mean data that is unique to an individual, such as a name, address, email address, or telephone number.


What information we collect


In order to fulfil any contractual obligations, we require certain personal information about you and your household to be collected. Examples of personal data we may collect include:

  • Name, address and date of birth
  • Telephone numbers and email address
  • Current residential status, previous address history and number of people in your household
  • Lifestyle and other information
  • Income & Expenditure details
  • Financial information including payment details


How we use the information about you


The information we collect will be used:

  • As part of our commitment to responsible lending, to help us decide if you are able to maintain your contractual commitments
  • To manage your account, respond to your questions or deliver a product or service
  • As part of any statistical analysis we may undertake
  • To assist in any warranty or insurance claim that you may make in the future

We will treat all your information in strict confidence and we will take all reasonable steps to protect your personal information.

Certain categories of personal data are classed as sensitive and may be deemed as being of a ‘Legitimate Interest’ to assist you with the maintenance of your agreement. If you reveal details of a health problem this information may be recorded securely on your account and will allow us to handle your account better and provide you with the best possible support.

Your personal information will not be shared with any other organisation without your consent.


Telephone Calls


Calls may be recorded to verify content and may be used together with other customer records for regulatory compliance, quality control, staff training, preventing or detecting criminal activity and for complaint resolution.




No personal information is used in connection with any Marketing Activity. And we do not pass on your details to any other businesses for marketing purposes.


Disclosing your information


We will not sell, license, transmit or disclose the information you provide outside of Homebuy and its affiliated companies unless:

  • Necessary to enable Homebuy contractors or agents to perform certain functions
  • To further fraud protection and reduce the risk of fraud, or to investigate or prevent crime
  • Unless legally required or permitted by law
  • Required by HMRC or other authorities

In all cases, we will disclose the information consistent with applicable laws and regulations and we will require the recipient to protect the information and use it only for the purpose it was provided.


Where your information is processed


The personal information that we have collected from you, may have been shared with some fraud prevention agencies, and may have been transferred to and processed in a destination outside of the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or one of our suppliers. In these circumstances, your personal information will only be transferred on one of the following bases:

  • the country that we send the data is approved by the European Commission as providing an adequate level of protection for personal information; or
  • the recipient had agreed with us standard contractual clauses approved by the European Commission, obliging the recipient to safeguard the personal information (in particular, our, transfer of personal information to suppliers in India and the United States for marketing, IT development and IT testing purposes are protected in each case by the use of appropriate model clauses); or
  • there exists another situation where the transfer is permitted under applicable data protection legislation (for example, where a third-party recipient of personal data in the United States has registered for the EU-US Privacy Shield).

To find out more about how your personal information is protected when it is transferred outside the EEA (and if you wish to obtain a copy of the standard contractual clauses which we have entered into with recipients of your personal information outside of the EEA), please contact Customer Service using the details above.


Other data controllers


Because of the nature of the services we provide you, we will share your personal data with the following companies (as applicable) and these companies will also act as data controllers with respect to the data you provide to us.

Data Controllers ICO Registration number Purpose
Elavon Financial Services Z9724899 Processing debit card payments
PayPoint Payment Services Limited ZA083736 Processing PayPoint payments
Moorcroft Z5351122 Debt recovery
Whirlpool UK Appliance Z1194832 Product servicing
Pacifica Group Z2927480 Product servicing
Adalante Z1553813 Processing CPA payments
Central Mailing Z5961093 Printing arrears notices and statements
Call Credit Z2222218 Credit reference agency


How long your information is kept


We may retain some of your personal information for a number of purposes, as necessary to allow us to carry our business. The retention periods apply as follows:

  • Personal data contained within your agreement
  • We will generally keep records of any Agreement you enter with us for a minimum of six years from the end of the relationship. This is so that we can respond to any complaints or disputes that arise in that period. Otherwise, we will keep the information where appropriate for legitimate business needs. We will keep other information about you if it is necessary for us to do so to comply with the law, or where appropriate for legitimate business needs.
  • Personal data contained in complaints records.
  • If you raise a complaint with our Customer Relations team, your records will be deleted 3 years after your complaint record is closed.
  • For fraud prevention purposes:
  • Your records will be deleted 7 years after your fraud record is created.
  • Fraud prevention agencies can hold your personal data for different periods of time, depending on how that data is being used. Please contact them for more information. If you are considered to pose a risk of fraud or of money laundering, your data can be held by fraud prevention agencies for up to 6 years from its receipt. Please see ‘other data controllers’ for details.


Your rights


Under the GDPR you have the following rights:

  • to require us to erase your personal information;
  • to require us to restrict our data processing activities;
  • to receive from us the personal information we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal information to another data controller; and
  • to require us to correct the personal information we hold about you if it is incorrect.

Please note that these rights may be limited by data protection legislation, and we may be entitled to refuse requests where exceptions apply. If you are not satisfied with how we are processing your personal information, you can make a complaint to the Information Commissioner. You can find out more about your rights under data protection legislation from the Information Commissioner’s Office website:

If you would like to view the personal information we hold about you, please write to:

Customer Service Department
Unit 3 Vigo Place



West Midlands


Or email us at

We want to make sure your personal information is accurate and up to date. You will be able to update the information that you provide to us either by sending us an email or notifying us in writing. You may ask us to correct or remove any information you think is inaccurate.


Use of Cookies


Cookies provide information regarding the computer used by a visitor. We may use cookies where appropriate to gather information about your computer in order to assist us in improving our website.

We may gather information about your general internet use by using the cookie. Where used, these cookies are downloaded to your computer and stored on the computer’s hard drive. Such information will not identify you personally. It is statistical data. This statistical data does not identify any personal details whatsoever.

You can learn more by visiting

You can adjust the settings on your computer to decline any cookies if you wish. This can easily be done by activating the reject cookies setting on your computer.


Changes to our privacy policy


We keep our privacy policy under regular review and will place any updates on this webpage.

This privacy policy was last updated on 21st May 2018.