Cifas is the UK’s leading fraud prevention service, managing the largest database of instances of fraudulent conduct in the country
Legal & General have become members of Cifas to establish a tougher environment for fraudsters. Using the simple tools of communication and sharing information, Cifas and approved agencies are able to shine a light on fraudulent activity, helping to protect you.
The personal information collected from you will be shared with fraud prevention agencies to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment.
Further details of how your information will be used by Cifas and these fraud prevention agencies, and your data protection rights, can be found on in the full notice below.
Notice for the purpose of fraud prevention and detection
1. Before we provide services, goods or financing to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you.
2. The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and money laundering, and to verify your identity.
3. Details of the personal information that will be processed include, for example: name, address, date of birth, contact details, financial information, employment details, device identifiers including IP address and vehicle details.
4. We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
5. [FOR MEMBERS WHO ARE *NOT* PUBLIC AUTHORITIES] We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.
5. [FOR MEMBERS WHO *ARE* PUBLIC AUTHORITIES] We process your personal data on the basis that it is necessary in the public interest or in exercising official authority for us to prevent fraud and money laundering, and to verify identity, in order to protect ourselves and to comply with laws that apply to us.
6. Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
7. As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct, or is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision making: if you want to know more please contact us using the details above.
Consequences of processing
8. If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services or financing you have requested, or to employ you, or we may stop providing existing services to you.
9. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details above.
10. Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
11. Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data; request that your personal data is erased or corrected; request access to your personal data.
12. For more information or to exercise your data protection rights, please contact us using the contact details above.
13. You also have a right to complain to the Information Commissioner’s Office which regulates the processing of personal data.