Privacy Policy

The purpose of this policy is to outline the steps Brian Currie take to ensure the privacy of users of this website - https://www.briancurrie.co.uk, outlined in clear and understandable language. If you have any questions relating to the way in which Brian Currie handles data and information of users then please contact us via the details on the contact page of this website - https://www.briancurrie.co.uk/contact/

Brian Currie as a data controller is committed to ensuring the data processed through this website is done so in a manner appropriate to the General Data Protection Regulation (GDPR) which took effect on May 25th 2018.

Keyloop Web Management who provide this website and related services for Brian Currie act as a data processor.

Users of this website act as Data Subjects and are the intended target of the terms laid out in this policy.

Identity & contact details of the Data Controller

• Brian Currie (Milton Keynes) Limited

• 249 Silbury Boulevard, Milton Keynes, MK9 1NR

• 01908 663991

• Company Registration No- 01625680

• ICO Registration number- Z6466058

Data Protection Officer (DPO)

Thomas Osborne- tom.osborne@briancurrie.co.uk

Credit Reference and Affordability Checks

To help us assess applications, prevent fraud, and meet our legal and regulatory obligations, we may obtain information about you from credit reference agencies (CRAs).
We obtain this information via Creditsafe, which uses its data partner TransUnion to supply consumer credit and identity data.

• Creditsafe Business Solutions Limited is authorised and regulated by the Financial Conduct Authority
  FCA Firm Reference Number: 742313
• TransUnion International UK Limited is authorised and regulated by the Financial Conduct Authority
  FCA Firm Reference Number: 805757

The information we receive may include data relating to your identity, credit commitments, payment history, and public record information. This data is used solely for legitimate business purposes, including creditworthiness assessment, identity verification, and fraud prevention, in accordance with applicable data protection laws.

Further information about how Creditsafe and TransUnion process your personal data can be found in their respective privacy notices:

• Creditsafe Privacy / Transparency Notice:
  Transparency Notice | Customers & Suppliers
• TransUnion CRAIN (Credit Reference Agency Information Notice):
  https://www.transunion.co.uk/legal/privacy-centre/pc-credit-reference
• TransUnion Bureau Privacy Notice:
  https://www.transunion.co.uk/legal/privacy-centre/pc-bureau

Type of data we collect

This section outlines the type of data and information collected through this website and the steps available to users to request access, amendment and removal of data.

Website Cookies

The use of cookies on this website is outlined in more detail within our cookie policy.

Google Analytics

This website https://www.briancurrie.co.uk uses a 3rd party service called Google Analytics to collect information about visitor behaviour to inform business decisions. Examples of the information collected via Google Analytics includes the number of visits, areas of this website users are accessing and the action users are taking. This information is anonymous and does not allow identification of individual users accessing this website.

You can learn more about privacy at Google or choose to opt-out of this feature entirely by installing the Google Analytics Opt-out Browser Add-on.

Personal Information via Enquiry Forms

If a user submits an enquiry to Brian Currie via an enquiry form on this website then details including the name, email address, phone number as well as any additional information provided by the user in the message field will be sent to Brian Currie and stored within tools made available by Spidersnet, for future reference and to comply with any internal auditing requirements in line with legitimate business use. This information, unless otherwise stated is intended for legitimate business use including responding to the enquiry, it will not be shared with any other parties or used without consent.

By submitting an enquiry via any form on this website a user gives consent to be contacted back by appropriate methods in relation to the initial enquiry.

This website may also include additional tools which send automated emails upon a user requesting these eg. Stock Alerts. Users are able to unsubscribe or opt-out of these emails at any point from within the emails they receive.

Access to personal information

Under the General Data Protection Regulation data subjects have the right to access, amend and erase information a data controller holds on them. Data subjects can request access, amendments or erasure of their data by contacting Brian Currie directly using the details available on the contact page of this website.

Source of personal data

We may collect personal data about you from:

• you directly

• employers/clients when you apply for a role or are considered for an opportunity.

• referees (where relevant and permitted)

• publicly available sources (for example professional networking sites, business websites, and public records)

• credit reference agencies (CRAs) where required for consumer credit, identity, or affordability checks.

• third party service providers used to support recruitment, screening, and compliance processes.

Recipients / categories of recipients

We may share personal data with customers or business partners, thirdparty service providers, regulators, or law enforcement bodies where required, and professional advisers. Where data is shared outside the UK, appropriate safeguards will apply.

International data transfers

We may transfer personal data to recipients or service providers located outside the UK and/or European Economic Area (EEA).

Where such transfers take place, we ensure appropriate safeguards are in place to protect personal data in accordance with applicable data protection laws. These safeguards may include the use of approved standard contractual clauses, international data transfer agreements, or transfers to countries that have been recognised as providing an adequate level of data protection.

Data retention periods

We keep personal data only for as long as necessary for its purpose and to meet legal or regulatory obligations. Data used for credit reference or affordability checks is retained only for as long as required and then securely deleted.

Right of access – You have the right to request a copy of the personal data we hold about you and information about how it is used.

Right to rectification – You have the right to request that inaccurate or incomplete personal data is corrected.

Right to erasure (“right to be forgotten”) – You have the right to request that we delete your personal data where there is no lawful reason for us to continue processing it.

Right to restrict processing – You have the right to request that we limit how we use your personal data in certain circumstances.

Right to data portability – You have the right to receive your personal data in a structured, commonly used, and machine readable format, and to request that we transfer it to another organisation where technically feasible.

Right to object – You have the right to object to the processing of your personal data where we rely on legitimate interests or where data is used for direct marketing.

Right to lodge a complaint with the ICO

You have the right to complain to the UK Information Commissioner’s Office (ICO) or another relevant data protection authority if you are dissatisfied with how we manage your personal data.

Statutory/contractual necessity & consequences of non‑provision

Provision of Personal Data

Is the provision of personal data statutory or contractual?

The provision of certain personal data is primarily contractual and, in some circumstances, required to meet legal and regulatory obligations.

Personal data is required to:

• enter into and perform contracts with customers, suppliers, or business partners.

• process orders, manage accounts, and deliver goods and services.

• verify identity and prevent fraud; and

• comply with applicable legal, regulatory, accounting, and tax obligations.

What are the consequences of not providing personal data?

If you choose not to provide the personal data, we request:

• we may be unable to enter into a contract with you.

• we may be unable to fulfil orders, supply goods, or provide services.

• we may be unable to conduct necessary verification, compliance, or fraud prevention checks; and

• as a result, our services may be delayed, restricted, or declined.

Where personal data is requested for optional purposes, such as marketing communications, providing this data is not mandatory, and you may withdraw your consent at any time without affecting your ability to receive goods or services from us.

Automated decision‑making / profiling

Non-Automated Decision Making and Profiling

We may use automated systems and tools to support certain business processes, such as risk assessment, fraud prevention, affordability checks, identity verification, or record management.

These tools may analyse personal data using predefined criteria or rules to generate indicators, scores, or recommendations. However, we do not make decisions that have a legal or similarly significant effect on individuals based solely on automated processing. Any such decisions are subject to meaningful human review.

The use of these tools may influence the speed or level of review applied to an application or request, but individuals will not be subject to automatic rejection or adverse decisions without human involvement.

Changes to this privacy policy

This privacy notice is subject to change without prior warning. A review of this privacy policy will be undertaken at regular undetermined future dates with the updated date stated below.

Last Updated: 3^rd February 2026