Site Menu

How to Pay Get in touch

Registered Address: The Island, Moor Road, Chesham, Bucks, HP5 1NZ.

01494 911099 contact@idrww.com IDRWW

IDR WORLDWIDE

Privacy Policy

Last updated: 10th February 2025

1. Purpose of this notice

This notice describes how we, International Debt Recovery Limited (‘IDR Worldwide’) collect and use personal data in accordance with and compliantly with the Data Protection Act 1998, the EU General Data Protection Regulation (GDPR) and any other national implementing laws, regulations or secondary legislation, as amended from time to time, in the UK (‘Data Protection Legislation’).

Please read the following carefully to understand our practices regarding the personal data (as defined within the Data Protection Legislation) in our possession and the very limited ways in which we will use it.

2. About us

IDR Worldwide (in this Privacy Notice referred to as “we”, “us”, “our” and “ours”) provides services in cross-border debt recovery, principally for banks based in the United Arab Emirates, Qatar and Bahrain (‘Services’). The debts which we seek to recover generally arise from credit agreements for unsecured loans and/or credit cards issued by our client banks. Even though the debts which IDR Worldwide collect are governed by foreign law (rather than by the UK consumer credit legislation) we are authorised and regulated by the Financial Conduct Authority (‘FCA’) in relation to the debt collection services operated within the UK. Our FCA reference number is 737367.

In the provision of our Services, we collect and retain personal data relating to:

  • The bank employees from whom we take instructions (‘Clients’), all of whom are resident outside of the European Economic Union (‘EU’).
  • Other third-party correspondents (for example, process servers and solicitors) who are resident within the EU and therefore have legal rights under the Data Protection Legislation (‘Third Party Correspondents’).

In relation to these categories of personal data, we are the ‘data controller’ under the Data Protection Legislation, meaning we are responsible for deciding how we hold and use the personal data.

Additionally, in the provision of our Services, we collect and retain personal data relating to the customers of our Clients from whom we are instructed to recover outstanding liabilities (‘Customers’). In relation to this category of personal data, we are a ‘data processor’ under the Data Protection Legislation, meaning we only process the personal data in accordance with professional instructions given to us by our Clients and/or in accordance with our licensed use of data provided to us by TransUnion International UK Limited (‘TU’). You are also referred to TU’s own privacy notice, incorporated herein: Bureau privacy notice.

Peter Coyle is our Data Protection Compliance Officer (‘DPCO’) and is responsible for assisting with enquiries in relation to this privacy notice and/or our treatment of the personal data we hold. Should you wish to contact our DPCO, you can do so using the contact details noted below.

3. How we may collect your personal data

We obtain personal data from Clients or Third Party Correspondents when:

  • An individual requests (by telephone, post, or email) a proposal from us in respect of our Services.
  • An individual engages us to provide our Services.
  • A Client provides us with contact details for those Third Party Correspondents with whom we need to communicate in order to deliver our Services.

We obtain personal data relating to Customers when:

  • It is delivered to us by our Clients as the Data Controller.

4. The kind of personal data we hold

The information we hold about Clients and Third Party Correspondents includes:

  • Personal contact details (name, address, telephone numbers, and email addresses).
  • Details of all contact/correspondence we have had in relation to the provision, or proposed provision, of our Services.
  • Details of the Services received from us.
  • Details of how our Services have been (or are going to be) funded.
  • Contact details for those who have introduced our Services to others.
  • Information about any complaints made about our Services.

The information we hold about Customers may include:

Sensitive personal data, as defined by the Data Protection Legislation, including:

  • Passports and other emigration/immigration documents.
  • Financial records related to accounts and facilities with our Clients (including credit card and loan applications/agreements, cheques, account statements, and other banking records).
  • Identification data from public records (e.g., census records, electoral roll) and from UK credit reference agencies.

5. How we use the personal data we hold

Introduction

We use personal data solely for delivering our Services and maintaining necessary management and administrative systems.

Sharing of personal data

Sharing personal data with third parties (such as Third Party Correspondents) is necessary for our Services, but disclosure is strictly limited to:

  • The instructions given to us by our Clients.
  • The strict legal purpose for which our Services are required.
  • The terms of the debt collection licence granted by the FCA.

We never use or share personal data relating to Customers for marketing purposes, nor do we transfer personal data outside of the European Economic Union.

Data retention

We retain personal data only as long as necessary for its intended purposes, considering:

  • Business and service requirements.
  • Legal and regulatory obligations.
  • The types and amount of personal data.
  • Whether alternative processing methods exist.

6. Data Security

We implement security measures to prevent unauthorised access, loss, alteration, or disclosure of personal data. In case of a suspected data breach, we will notify affected parties and relevant regulators if legally required.

7. Rights of access, correction, erasure, and restriction

Your duty to inform us of changes

It is important that the personal data we hold is accurate and current. Please notify us of any updates.

Your rights under the Data Protection Legislation

You have the right to:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing.
  • Request transfer of your personal data to another controller.

Requests will be assessed based on legal obligations. A reasonable fee may apply for unfounded or excessive requests.

8. Right to withdraw consent

Where consent is given for specific processing, it may be withdrawn at any time by contacting Peter Coyle at the details below.

9. Changes to this notice

We may update this privacy notice in the future. The last update was on 10th February 2025.

10. Contact us

For any queries about this notice or how we process personal data, please contact:

IDR Worldwide
The Island
Moor Road
Chesham
HP5 1NZ

You also have the right to make a complaint to the Information Commissioner’s Office (ICO) at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone – 0303 123 1113 (local rate) or 01625 545 745
Website – ICO.ORG

We are debt recovery specialists, helping clients facilitate outcomes that are affordable, fair and lasting - We are debt recovery specialists, helping clients facilitate outcomes that are affordable, fair and lasting - We are debt recovery specialists, helping clients facilitate outcomes that are affordable, fair and lasting - We are debt recovery specialists, helping clients facilitate outcomes that are affordable, fair and lasting - We are debt recovery specialists, helping clients facilitate outcomes that are affordable, fair and lasting