We are MotoNovo Finance Limited, a subsidiary of Aldermore Group PLC and part of the FirstRand Banking Group. We are registered in Wales under number 11556144, and our Registered Office address is One Central Square, Cardiff, Wales, United Kingdom CF10 1FS. In this policy when we use terms such as “we”, “us” and “our”, we mean MotoNovo Finance Ltd.  

We can be contacted by telephone on 0333 200 0030 or email Our Data Protection Officer can be contacted at our Registered Office address or by email at


During the  recruitment and employment process,  we will need to collect certain details from you for the purpose of entering into an employment agreement with you; administering any agreement with you; and in order to undertake checks for the purposes of preventing fraud, money laundering, to verify your identity; to assess your creditworthiness; and if you access our website we collect information about your browsing experience, for the purposes of understanding and improving our website,  staff  experience and our products and services.

We will collect and process the following personal data about you: Information you give us, or provide to a recruitment agency, when making an application or during your employment (Submitted Information):  The information you give us comprises: 

  • your name,
  • date of birth,
  • residential address and address history for the last three years,
  • contact details such as email address and telephone numbers,
  • gender,
  • financial information including details of your bank account, tax status and National Insurance information,
  • employment details, to include your salary, employer name, address and time you have worked there,
  • reference details,
  • next of kin and dependant details,
  • special categories of personal data including information about your health, equal opportunities monitoring information including sexual orientation, ethnic origin and religion, trade union membership and information about criminal convictions,
  • anything you may need from us to support you during your employment. 

Information we receive about you from third parties (Third Party Information): This information may include:

  • your personal and financial information (from your referees, recruitment agency, your employer, or other person connected with your employment application),
  • credit information, such as previous lending you have, the conduct of accounts in your and your financial associate’s name (this is anyone linked to you for credit or finance purposes), any business accounts you have,
  • fraud prevention information and
  • public information such as County Court Judgments, bankruptcies and the Electoral Register. 

Information we collect about you and your device (Device Information):  Each time you use our website we will automatically collect technical information about your computer or other internet connected device including:

  • your internet protocol (IP)
  • address browser type,
  • domain names,
  • access times and referring web site addresses.   

You may be able to disable the collection of some of this data through amending the web settings of your device or browser but doing so may impact the functionality of our website.  Full details of our Cookie policy can be found at 

We may combine Submitted Information with Third Party Information and may use both these categories of information and the combined information for the purposes set out below. 


Personal data collected by us will be used by us at application stage and, if your application is successful, during the term of and after termination of the agreement, for the following purposes: 

To perform a contract we have has entered into with you or take steps before entering into a contract with you at your request, including:

  • providing the services, and related administration and transactions relating to the contract 

To comply with our legal obligations including:

  • complying with employment ,tax , immigration ,anti-money laundering, terrorism  health and safety and safeguarding laws,
  • preventing and detecting crime,
  • assisting the police and other authorities with their investigations 

Where necessary for our legitimate interests or those of a third party provided your interests and rights do not override those interests including:

  • administering your staff benefits;
  • Employment and Recruitment Activities: which will mean verifying your identity; DBS Criminal Records service checks; employment services; payroll and HMRC data administration; credit assessments using data from credit reference agencies
  • notifying you of local services available to you as you are an employee of us;
  • administering your bonus and incentive schemes and any payments from them;
  • administering any discount shopping service provided.or
  • defending employment claims brought by you General Administration: which will mean auditing; reporting and accounting functions; statistical analysis and market research; credit and other funding decisions; credit, market, regulatory and operational risk management;  systems testing; network monitoring;
  • Marketing Activities: which will mean conducting staff surveys;
  • Commercial Activities: which will mean assigning our rights or obligations to a third party; obtaining funding for our business, to understand and improve our products and services, and to create aggregate or statistical data to use for analytical or research purposes  

To protect your vital interests or those of another person

  • where we know or have reason to believe that you or another person may suffer harm) 

In circumstances where you have a genuine choice as to whether we should process your personal data, we will ask you for your consent. The method used to obtain your consent will depend on the scope and context of the processing that we propose. In relation to special categories of personal data and personal data relating to criminal convictions and offences, we may request your explicit consent unless a legal obligation applies which allows us to process such personal data without doing so.

When you phone us or we phone you: call recording and staff identification.

We will also use your personal data to check your identity if you get in touch with us or when we call you.

We may monitor and record calls for monitoring and training purposes and to improve the services we offer.

We use your information in this way in our legitimate interest, in order to prevent fraud and to improve the services we provide to you. 

Credit checking, verifying your identity and preventing fraud and money laundering 

We will use certain personal data you have provided to us in order to confirm your identity and to prevent fraud and money laundering, and to carry out a credit check on you by searching at credit reference agencies who will supply us with credit information about you If, for any reason, you do not provide this information we will not be able to proceed with credit reference and fraud prevention checks and, subsequently will not be able to fulfil your application and we will not be able to enter into the employment agreement with you.  Further details about these checks are provided below.

When we use your personal data for these purposes we do so on the basis that we have a legitimate interest in assessing your application, preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services you have requested, and we will not be able to process your application without undertaking these checks. 


Third Parties

We may transfer your personal data to third parties acting on our behalf, including without limitation, HMRC, Company Staff Benefits providers, incentive scheme payment services providers, and  our service, system, support and outsourcing providers; regulatory bodies, and law enforcement and fraud prevention agencies, for administrative purposes, processing or for the operation and maintenance of your business with us.

Companies in our group

We may transfer your personal data to companies within the FirstRand Bank Ltd and Aldermore Groups its establishments and trading divisions as follows: o

  • Aldermore Group plc
  • Aldermore Bank plc
  • FirstRand Bank Ltd (London Branch)
  • Wesbank
  • RandMerchant Bank (RMB)
  • First National Bank
  • FirstRand International (Guernsey) Ltd
  • RMB International UK Ltd
  • Ashburton Investments Holdings Ltd  

Credit Reference Agencies 

We will supply certain of your personal information to credit reference agencies and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. Credit reference agencies will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.  

Where you are a director or partner in a small business, we, may also check the record on your business, so you should make sure you discuss this with anyone concerned, and share with them this information, before lodging the application. 

If you are financially linked to another person (for example if you have a joint mortgage or loan) your credit reference agency records will be linked until such time as you or your partner successfully files for a disassociation with the credit reference agencies to break that link.  If you are financially linked to another person, this application may impact on their credit record (and their record could impact your 
application) so you should make sure you discuss this with them, and share with them this information, before lodging the application. 

Whether or not this application proceeds, the credit reference agency will place a record of our search on your credit file (commonly referred to as a "footprint").  This record (but not our name) will be seen by other organisations when you apply for credit in the future. A large number of applications within a short period of time could affect your ability to obtain credit. 

Fraud Prevention Agencies 

If you have provided inaccurate information or we suspect fraud, we may share some of the personal data we have collected from you with fraud prevention agencies who will use it to prevent fraud and money laundering, and to verify your identity.  If fraud is detected, you could be refused certain services, finance or employment.   

We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.  Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six (6) years. 

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to employ you, or we may stop providing existing services to you.  Records held by fraud prevention agencies may result in others refusing to provide services, financing or employment to you.  If you have any questions about this, please contact us on the details above. 

Other Companies 

We may also share your personal data with any person (and their or our professional advisors for this purpose) with whom we are negotiating any sale, transfer or re-organisation of our business or where we are organising our commercial funding.  If this proceeds, the acquiring party or part of it may use your personal details in the same ways and for the same purposes as set out in this policy.  We will give you their details once the business change has been completed.  We will only transfer such data as is necessary for those purposes, and you will be informed of their identity at the time of the transfer. We will ensure that any such third parties safeguard the security of your data in accordance with the Data Protection Act 2018 (the “Act”) and the EU General Data Protection Regulation and any other applicable legislation relating to the protection of personal data and privacy from time to time that may replace the Act. 

Pursuant to the above, personal data may be transferred to recipients located in countries outside the European Economic Area (including the USA) which do not provide the same standard of data protection laws as the UK. Any party who receives personal data is required by us to have appropriate technical, organisational and security measures in place to keep such personal data confidential and secure. Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing. 


All personal data you provide to us, or which we obtain from third parties, will be stored on our secure servers (or those of third parties or contractors we engage to help us run our business).  We will keep information no longer than we need to for the purpose for which we collected it.  The period of time for which we keep personal data depends on the legal and regulatory requirements, the purpose for which the information was obtained, and our business needs.   

If your application is declined, we shall keep your personal data for 6 months in order to allow us to answer any queries which you may have about your application or to respond to any claims (Credit reference agencies may keep your data for longer).  We do so on the basis that we have a legitimate interest in responding to such queries. 

We shall keep information relating to your employment for a default retention period of 6 years from from the end of the tax year in which the employment was ended. The current exemptions to this are pension records and death in service records which will retained until the employee’s 100th birthday and pension scheme investment policy details which will be retained for 12 years from the end of any benefit payable under the policy. Further details are available in the MotoNovo Finance Ltd Data Retention Guidelines document which is made freely available to all staff.  


You have the following rights (subject to certain statutory exemptions):  

  • to opt-out of receiving marketing information, or withdraw your consent to receive marketing information if provided on a previous occasion;
  • to be informed about the processing of your personal data (this is what this statement sets out to do);
  • to have your personal data corrected if it’s inaccurate and to have incomplete personal data completed;
  • to object to processing of your personal data;
  • to withdraw your consent to processing your personal data; 
  • to restrict processing of your personal data;
  • to have your personal data erased;
  • to request access to your personal data and information about how we process it;
  • to specify which credit reference agencies we have shared your personal data with; 
  • to move, copy or transfer your personal data (“data portability”); and
  • rights relating to automated decision making.   

If you are unhappy about how your personal data has been used you can contact us using the details above. You also have a right to complain to the Information Commissioner's Office (, which regulates the processing of personal data.

If you:

  • would like more information about how we process personal data;
  • are unable to access of any of the links or further information referred to in this document ; or
  • would like to exercise any of your data protection rights, 

Please contact us using the contact details set out at the top of this notice.


The Credit Reference Agencies we use have produced a Credit Reference Agency Information Notice ("CRAIN") which details how they will use your data after we provide them with your Agreement information. The CRAIN is available at; or