Credit Application - Personal Data

How we collect, process and safeguard your personal data when you are making an account application.

Privacy notice – Credit applicants

This is the ASSA ABLOY UK & Ireland privacy notice for credit account applicants. ASSA ABLOY is committed to protecting your personal data. This privacy notice describes:

  • the types of personal data we collect from you when you apply for a credit facility from an ASSA ABLOY company;
  • how we use that information and why;
  • who we share it with and where;
  • how long we store it for;
  • your rights , including how you can contact us if you have additional questions about the processing of your personal data; and
  • how we can make changes to this notice

Depending on which ASSA ABLOY company you have applied for a credit facility with, the following will be “data controller" and responsible for the processing of your personal data:

·      ASSA ABLOY Ltd, a company registered in England and Wales under number 2096505, of School Street, Willenhall, West Midlands, WV13 3PW, United Kingdom

·      HKC Security Ltd, a company registered in the Republic of Ireland under number 620390, of Parkway Business Centre, Ballymount, Dublin 24, Dublin, Ireland

·      P C Henderson Ltd, a company registered in England and Wales under number 01188468, of Durham Road, Bowburn, County Durham, DH6 5NG , United Kingdom

·      P C Henderson (Ireland) Limited, a company registered in the Republic of Ireland under number 026076, of 21 Westlink Industrial Estate, Kylemore Rd, Kylemore, Dublin 10, Ireland. 

·      ASSA ABLOY Opening Solutions Ireland Limited, a company registered in the Republic of Ireland under number 327918, of 13-18 City Quay, Dublin 2, Dublin, Ireland

·      Carlisle Brass Limited, a company registered in England and Wales under number 02022858, of School Street, Willenhall, West Midlands, WV13 3PW, United Kingdom.

·      Heywood Williams Components Limited t/a Mila Hardware and t/a Mila Maintenance a company registered in England and Wales under number 02523354, of School Street, Willenhall, West Midlands, WV13 3PW, United Kingdom.

·      Sunray Engineering Limited, a company registered in England and Wales under number 01480389, of School Street, Willenhall, West Midlands, WV13 3PW, United Kingdom.

·      Prestige Fire Door Services Limited, a company registered in England and Wales under number 07151739, of School Street, Willenhall, West Midlands, WV13 3PW, United Kingdom.

·      Mila Limited, a company Registered in the Republic or Ireland under number 143406, of 13-18 City Quay, Dublin 2, Dublin, Ireland.

 

What personal data do we collect?

In order to process applications for a credit facility, to administer that facility and prior to entering into a business relationship we will conduct screenings of certain individuals associated with the company for export control and sanctions purposes. We may also conduct additional screenings during our business relationship., we collect and store:

·      Company name and trading names

·      Company address

·      Telephone numbers

·      Fax numbers

·      Company registration number

·      VAT registration number

·      Company bank details

·      Owner, partner, board member or director name and address

·      Applicant name, telephone number, role and signature

·      Accounts payable representative name, telephone number and email address

·      Purchasing representative name, telephone number and email address

·      If you’re the owner, partner, board member or director and you appear on any of the export control and sanctions lists we screen against, we may also process personal data relating to criminal convictions and offences.

How and why will we use your personal data?

 Why do we process this personal data?

What is the legal basis for processing? 

Process credit account applications

In order to enter into a contract with you to provide the credit facility

Complete credit reference checks via a credit reference agency

In order to enter into a contract with you to provide the credit facility

Administering credit account facilities, such as processing sales against the credit facility and contacting you to discuss any outstanding payments

In order to perform our contract with you to provide the credit facility

To arrange appropriate trade credit insurance

It is in our legitimate interest to arrange trade credit insurance to help mitigate the risk of losses to ASSA ABLOY as a result of providing a credit facility

For debt collection purposes, including sharing data with our solicitors who may act on our behalf to recover debts

It is in our legitimate interest to request and recover debts owed to us as a result of non-payment from orders made against a credit facility

To conduct export control and sanctions screening 

Processing is based on the legitimate interest of ASSA ABLOY to comply with applicable regulatory requirements and to mitigate third party risk.

 

In cases where personal data relating to criminal convictions and offences is documented in the screening and vetting results, such processing is based on ASSA ABLOY’s legal obligations under applicable export control and sanctions laws

 

Who and where will your personal data be transferred to?

We may transfer your personal data for the purposes set out above:

  • To organizations of the ASSA ABLOY Group
  • Third party providers which help us to administer the credit account facility, such as cash allocation software providers
  • To service providers appointed by ASSA ABLOY who provide services necessary for conducting the export control and sanctions screening and associated services
  • To credit reference agencies which complete a credit check on our behalf and for credit management purposes
  • To our solicitors for debt collection purposes
  • To our insurers to arrange and administer trade credit insurance policies
  • When required by law; and/or
  • To a buyer or a potential future buyer of our business.

Some recipients are located in countries outside the UK or EU/European Economic Area (EEA). As in some cases these countries have a lower level of protection than that within the UK or EU/EEA, when transferring personal data to countries outside of the UK or EU/EEA we rely on adequacy decisions, the Data Bridge where applicable or use standard contractual clauses approved by the European Commission or Information Commissioner’s Office to ensure a sufficient level of protection for your personal data. 

We take measures to protect all personal data transferred to a third party, or to other countries, in accordance with applicable data protection laws and as stated above.

For how long will we store your personal data for?

We store personal data for as long as necessary to fulfil the purpose for which the data has been collected, and in accordance with our internal record retention schedule. This means that we delete your personal data when such data is no longer necessary to process a request or to manage our relationship. Statistics which have been anonymised may be saved for longer.

Your Rights

In relation to the personal data that we hold about you, you have the right to:

  • Request a copy of your personal data from our records;
  • Ask that we correct or erase your personal data (though this may mean that we cannot process requests or orders, or that your account expires);
  • Ask us to stop processing your personal data (for example as regards the use of the data to improve our website), or restrict how we process it (for example if you deem the data to be incorrect);
  • Request the personal data used to provide you with information you requested, process an order, or manage your account or our relationship in a machine-readable format, which you are entitled to transfer to another data controller; and
  • Withdraw your consent to us processing your data for marketing purposes at any time.

We may not accept a request to erase your personal data where we require it to comply with a legal obligation or in relation to a legal claim.

Requests to exercise your rights should be addressed to privacyuk@assaabloy.com

If you have a complaint regarding our processing of your personal data you are entitled to report this to the Data Protection Commission at dataprotection.ie if you are based in Ireland, or the ICO (Information Commissioner’s Office) at ico.org.uk if you are based in the UK.  If you are located elsewhere, a list of European supervisory authorities can be found at ec.europa.eu

How can we make changes to this privacy notice?

We may update this privacy notice from time to time in response to changing legal, regulatory or operational requirements. We will notify you of any such changes (including when they will take effect). Your continued use of the website after any such updates takes effect will constitute acceptance of those changes. If you do not accept any updates to this privacy notice, you should stop using this website.

Version 4.0 April 2025