Privacy Policy – The Credit Control Room

Introduction

The Credit Control Room (NPD & Company (UK) Ltd t/as) (“we”, “our”, or “us”) is committed to protecting the privacy and security of personal and business data. This Privacy Policy outlines how we collect, use, store, and share personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who We Are

The Credit Control Room (NPD & Company (UK) Ltd t/as) is a specialist debt recovery and credit investigation agency operating within the United Kingdom. Our services include commercial debt recovery, credit reporting, legal stationery provision, and access to the NPD Credit Information Database via the Credit Control Room Portal.

What Data We Collect

We may collect and process the following categories of personal and business data:

• Contact details (name, address, phone number, email)
• Company and director information
• Financial and payment data
• Debt and credit history
• Correspondence and case notes
• Website usage data (via cookies – see Section 11)

How We Collect Your Data

We collect data:

• Directly from clients and users (via forms, email, phone, or portal submissions)
• From public sources (e.g., Companies House, Land Registry, court records)
• Through third-party data providers or solicitors
• Via the Credit Control Room Portal and NPD Database contributions

Purposes of Processing

We use your data for the following purposes:

• To provide our debt recovery and credit control services
• To communicate with you regarding your account or case
• To maintain accurate records in the NPD Database
• To comply with legal and regulatory obligations
• To improve and personalise our services

Legal Basis for Processing

Our processing is based on one or more of the following legal grounds:

• Performance of a contract
• Compliance with a legal obligation
• Legitimate interests (e.g., recovering debts, maintaining credit data accuracy)
• Consent (where explicitly required)

Information Sharing

We may share personal data with:

• Solicitors, courts, enforcement agents, and third-party service providers
• Credit reporting partners and business references
• Regulatory bodies and law enforcement (where required by law)
• Other users of the NPD Database (only where lawful and proportionate)

Data Retention

We retain data only as long as necessary for the purposes for which it was collected, typically for a period of six (6) years following the closure of a matter, unless a longer period is required by law or for regulatory reasons.

Your Rights

Under data protection law, you have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request erasure of data (where legally permissible)
• Object to or restrict processing in certain circumstances
• Lodge a complaint with the Information Commissioner’s Office (ICO)

Data Security

We implement appropriate technical and organisational measures to protect your data against loss, unauthorised access, or misuse. All data is stored on secure servers with controlled access.

Cookies and Website Tracking

We implement appropriate technical and organisational measures to protect your data against loss, unauthorised access, or misuse. All data is stored on secure servers with controlled access.

Changes to This Policy

We may update this Privacy Policy from time to time. Any material changes will be communicated via our website or direct communication. Continued use of our services constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact:
Data Protection Officer
The Credit Control Room (NPD & Company (UK) Ltd t/as)
Email: info@npdandco.com
Website: www.npdandco.com