We are MotoNovo Finance, a division of FirstRand Bank Limited (London Branch), part of the FirstRand Banking Group, and we can be contacted by telephone on 0333 200 0030 or email Our data protection officer can be contacted by email at

This notice explains what personal data we collect from you and how it will be used by us and why. 



During the  recruitment and employment process,  we will need to collect certain details from you for the purpose of entering into an employment agreement with you; administering any agreement with you; and in order to undertake checks for the purposes of preventing fraud, money laundering, to verify your identity; to assess your creditworthiness; and if you access our website we collect information about your browsing experience, for the purposes of understanding and improving our website,  staff  experience and our products and services.



We will collect and process the following personal data about you:

Information you give us, or provide to a recruitment agency  when making an application (Submitted Information):  The information you give us comprises your name, date of birth, residential address and address history for the last three years, contact details such as email address and telephone numbers, financial information, employment details, to include your salary, employer name, address and time you have worked there, reference details, medical information, anything you may need from us  to support you during your employment.

If, for any reason, you do not provide this information we will not be able to proceed with credit reference and fraud prevention checks and, subsequently will not be able to fulfil your application and we will not be able to enter into the employment agreement with you.  Further details about these checks are provided below.

Information we collect about you and your device (Device Information):  Each time you use our website we will automatically collect technical information about your computer or other internet connected device including your internet protocol (IP) address browser type, domain names, access times and referring web site addresses.  You may be able to disable the collection of some of this data through amending the web settings of your device or browser but doing so may impact the functionality of our website.  Full details of our Cookie policy can be found at

Information we receive about you from third parties (Third Party Information): This information may include your personal and financial information (from your referees, recruitment agency, your employer, or other person connected with your employment application), credit information, such as previous lending you have, the conduct of accounts in your and your financial associate’s name (this is anyone linked to you for credit or finance purposes), any business accounts you have, fraud prevention information and public information such as County Court Judgments, bankruptcies and the Electoral Register.

We may combine Submitted Information with Third Party Information and may use both these categories of information and the combined information for the purposes set out below.



Employment Agreement processing and administration

Personal data collected by us will be used by us at application stage and, if your application is successful, during the term of and after termination of the agreement, for the following purposes: providing the services, and related administration and transactions relating to the agreement (when we use your information in this way, we do so on the legal basis that our use of your personal information is necessary for the performance of the agreement that we have with you);

Employment and Recruitment Activities: which will mean verifying your identity; DBS Criminal Records service checks; employment services; payroll and HMRC data administration; credit assessments using data from credit reference agencies;  complying with legal, regulatory and compliance obligations that apply to us (for example, anti-money laundering and counter-terrorism checks) and detection and prevention of fraud and other crimes;  administering your staff benefits; notifying you of local services available to you as you are an employee of us; administering your bonus and incentive schemes and any payments from them; administering any discount shopping service provided. The personal data you have provided, we have collected from you, or we have received from third parties may include your name, date of birth, residential address and address history, contact details such as email address and telephone numbers, financial information, employment details, references, credit detail, bank account details, dependants details, identifiers assigned to your computer or other internet connected device including your Internet Protocol (IP) address and criminal records details.

General Administration: which will mean tax administration; auditing; reporting and accounting functions; statistical analysis and market research; credit and other funding decisions; credit, market, regulatory and operational risk management;  systems testing; network monitoring;

Marketing Activities: which will mean conducting staff surveys;  

Commercial Activities: which will mean assigning our rights or obligations to a third party; obtaining funding for our business, to understand and improve our products and services, and to create aggregate or statistical data to use for analytical or research purposes such as for scorecard development purposes (and when we use your data for each of these purposes we do so on the basis that we have a legitimate interest in doing so). 

When you phone us or we phone you: call recording and staff identification

We will also use your personal data to check your identity if you get in touch with us.

We may monitor and record calls made to us for monitoring and training purposes and to improve the services we offer.

We use your information in this way in our legitimate interest, in order to prevent fraud and to improve the services we provide to you.

Credit checking, verifying your identity and preventing fraud and money laundering

We will use certain personal data you have provided to us in order to confirm your identity and to prevent fraud and money laundering, and to carry out a credit check on you by searching at credit reference agencies who will supply us with credit information about you.  More details about these checks are set out below.

When we use your personal data for these purposes we do so on the basis that we have a legitimate interest in assessing your application, preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services you have requested, and we will not be able to process your application without undertaking these checks.


Credit Reference Agencies

We will supply certain of your personal information to credit reference agencies and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. Credit reference agencies will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.

Where you are a director or partner in a small business, we ,may also check the record on your business, so you should make sure you discuss this with anyone concerned, and share with them this information, before lodging the application.

If you are financially linked to another person (for example if you have a joint mortgage or loan) your credit reference agency records will be linked until such time as you or your partner successfully files for a disassociation with the credit reference agencies to break that link.  If you are financially linked to another person, this application may impact on their credit record (and their record could impact your application) so you should make sure you discuss this with them, and share with them this information, before lodging the application.

Whether or not this application proceeds, the credit reference agency will place a record of our search on your credit file (commonly referred to as a "footprint").  This record (but not our name) will be seen by other organisations when you apply for credit in the future. A large number of applications within a short period of time could affect your ability to obtain credit.


Fraud Prevention Agencies

If you have provided inaccurate information or we suspect fraud, we may share some of the personal data we have collected from you with fraud prevention agencies who will use it to prevent fraud and money laundering, and to verify your identity.  If fraud is detected, you could be refused certain services, finance or employment. 

We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.  Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six (6) years.

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to  employ you, or we may stop providing existing services to you.  Records held by fraud prevention agencies may result in others refusing to provide services, financing or employment to you.  If you have any questions about this, please contact us on the details above.



All personal data you provide to us, or which we obtain from third parties, will be stored on our secure servers (or those of third parties or contractors we engage to help us run our business).  We will keep information no longer than we need to for the purpose for which we collected it.  The period of time for which we keep personal data depends on the legal and regulatory requirements, the purpose for which the information was obtained, and our business needs.  We will keep information about any account you hold with us for [at least] the duration of your agreement and the period of 6 years from the end of your agreement, in line with our data retention policy that stipulates the timescales in line with our lawful purpose for processing your data. This is available at

If your application is declined, we shall keep your personal data for 6 months in order to allow us to answer any queries which you may have about your application (Credit reference agencies may keep your data for longer).  We do so on the basis that we have a legitimate interest in responding to such queries.



In addition to the sharing of data with credit reference agencies and fraud prevention agencies outlined above, we may share your personal data with the following other third parties.

We may transfer your personal data to other companies in our group or to third parties acting on our behalf, including without limitation, HMRC, Company Staff Benefits providers, incentive scheme payment services providers, and  our service, system, support and outsourcing providers; regulatory bodies, and law enforcement and fraud prevention agencies, for administrative purposes, processing or for the operation and maintenance of your business with us.  A full list of the firms we share your data with will be available at

We may also share your personal data with any person (and their or our professional advisors for this purpose) with whom we are negotiating any sale, transfer or re-organisation of our business or where we are organising our commercial funding.  If this proceeds, the acquiring party or part of it may use your personal details in the same ways and for the same purposes as set out in this policy.  We will give you their details once the business change has been completed.  We will only transfer such data as is necessary for those purposes, and you will be informed of their identity at the time of the transfer. We will ensure that any such third parties safeguard the security of your data in accordance with the Data Protection Act 1998 (the “Act”) and the EU General Data Protection Regulation and any other applicable legislation relating to the protection of personal data and privacy from time to time that may replace the Act.

Pursuant to the above, personal data may be transferred to recipients located in countries outside the European Economic Area (including the USA) which do not provide the same standard of data protection laws as the UK. Any party who receives personal data is required by us to have appropriate technical, organisational and security measures in place to keep such personal data confidential and secure. Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.



You have the following rights (subject to certain statutory exemptions):

  • to opt-out of receiving marketing information, or withdraw your consent to receive marketing information if provided on a previous occasion;
  • to be informed about the processing of your personal data (this is what this statement sets out to do);
  • to have your personal data corrected if it’s inaccurate and to have incomplete personal data completed;
  • to object to processing of your personal data;
  • to withdraw your consent to processing your personal data;
  • to restrict processing of your personal data;
  • to have your personal data erased;
  • to request access to your personal data and information about how we process it;
  • to specify which credit reference agencies we have shared your personal data with;
  • from 25 May 2018 only, to move, copy or transfer your personal data (“data portability”); and
  • rights relating to automated decision making. 


If you are unhappy about how your personal data has been used you can contact us using the details above. You also have a right to complain to the Information Commissioner's Office (, which regulates the processing of personal data.                       


If you:

  • would like more information about how we process personal data;
  • are unable to access of any of the links or further information referred to in this document ; or
  • would like to exercise any of your data protection rights,

please contact us using the contact details set out at the top of this notice.



The Credit Reference Agencies we use have produced a Credit Reference Agency Information Notice ("CRAIN") which details how they will use your data after we provide them with your Agreement information. The CRAIN is available at; or