This site uses cookies to improve your experience. Find out more by visiting our privacy policy

Customers
Partners
Investors

Premium Credit

Toggle Menu

Privacy Notice

Premium Credit Limited ("we", “us”) are committed to protecting and respecting your privacy. 

This notice is made available to you on our homepage and on every other page of www.premiumcredit.ie (our site). This notice (together with our terms of website use and any other documents referred to in it) sets out the basis on which any personal data we collect from you or that you provide to us, via our site, will be processed by us.  Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of applicable data protection law, including the General Data Protection Regulation ("GDPR"), the data controller is Premium Credit Limited trading as Premium Credit Ireland and Fairway Credit. Its registered office is Ermyn House, Ermyn Way, Leatherhead, Surrey KT22 8UX, Registered No. 2015200 England and Wales, with Irish Branch Registered No. 905165 at Q-House, 76 Furze Road, Sandyford Business Park, Dublin 18.

When this privacy notice applies

This privacy notice applies to personal data obtained via our site or in other general ways as you interact with our business. Any personal data we collect from you or that you provide to us via other websites or apps, under a credit agreement or in accordance with our core services, will be processed in accordance with our privacy notices and terms made available to you at the time you use the relevant website, app or service.

For instance, if you download our mobile software application (our app) a privacy notice will apply to the collection and processing of your personal data in connection with our app. Similarly, this privacy notice does not apply to the personal data we collect from you when you apply to obtain our credit-related products or services or when we sign up to written terms with you in connection with the same (please refer to the separate privacy notice(s) issued to you in the Schedule D of the Credit Agreement on those occasions).

The meaning of personal information/special categories of personal data

Some of the information we collect about you will be able to identify you directly or indirectly as an individual, either when we use it on its own or when we combine it with other information in our possession. This includes identifiers such as your name, identification number, location data, online identifiers (for example, IP addresses – if they can be used to identify you) or to one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity. This information is personal information (also known as personal data) and the way we use it is governed by the GDPR and it is processed pursuant to this privacy notice.

Personal Information also includes special categories of personal data. This is data about your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning your health, sex life or sexual orientation. In the unlikely event that any of this more sensitive information is collected from you during your visit to our site – or as you otherwise interact with our business – you may be asked at the point of collection to provide your explicit consent where needed, i.e. if we have no other lawful basis for processing it.

Information we may collect from you

We may collect and process the following data about you:

Information you give us

You may give us information about you by filling in forms on our site or by corresponding with us by phone, e-mail or otherwise in connection with your use of our site or your other interactions with our business. This includes information you provide when you register to use our site, subscribe to one of our services, report a problem with our site or in any other instances when you provide information to us yourself. The information you give us may include, without limitation, your name, address, e-mail address, phone number, date of birth and financial information meaning salary/earnings details, bank account details including sort code and account number and payment card data.

Information we collect about you

With regard to each of your visits to our site we may automatically collect the following information:

1. technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; some of this may be personal data i.e. data which identifies you or which is capable of identifying you; and

2. information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number; some of this may be personal data i.e. data which identifies you or which is capable of identifying you.

Information we receive from other sources 

We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case, we will inform you when we collect that data that it may be shared internally and combined with data collected on this site such as cookies. We are also working closely with third parties (including, for example, credit intermediaries, insurers, sub-contractors in technical, payment and delivery services and other suppliers of services to us, and, where permitted by the GDPR, advertising networks, analytics providers, search information providers, credit reference agencies and the like) and we may receive personal information about you from any of these third parties. Whilst we have our own obligations under the GDPR in respect of this personal information, it is the obligation of third parties, such as your intermediary or service provider, under the GDPR to obtain your consent (where relevant, i.e. if required by law) and/or to give you notice prior to disclosing your information to us. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for some, or all of the purposes set out below (depending on the types of information we receive).

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.

How we use your personal information including the purposes for which we use it

In circumstances where you are not obliged to provide the personal information, we request from you in order to use our site, we will make this clear. Our usual practice is not to request any personal information unless this is necessary. We use information held about you in the following ways:

• to communicate with you to provide you with information about the products and services that you request from us;

• to perform any contract we have with you;

• to review, analyse and evaluate for our product improvement and marketing purposes your use of (or your decision not to use) our products and services, including to develop and improve the quality of our offering and strengthen our relationship with you and our other existing and potential customers. We may do this through the use of market research surveys, or such other methods as may be appropriate (with your consent where relevant law requires us to obtain it); We may use artificial intelligence and machine learning based technologies ("AI Systems") for monitoring purposes, for example to automate parts of our call centre operations (including notetaking, complaints handling, data analysis, and quality control) subject to legislative requirements and internal guardrails about AI safety and transparency, meaningful human involvement, etc.

• to notify you about changes to our site, our services or our products;

• to ensure that content from our site is presented in the most effective manner for you and for your computer;

• to allow you to participate in interactive features of our service, such as messaging and live chat, if available and when you choose to do so;

• as part of our efforts to keep our site safe and secure;

• to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

• to administer our legitimate internal management analysis, audit, forecasts and business planning and transactions;

• to help prevent fraud and reduce Credit Risk;

• to establish, defend or exercise our Legal rights;

• to comply with our legal, regulatory and internal governance obligations;

• for monitoring and recording of telephone calls and email communications where necessary for compliance with regulatory rules or self-regulatory practices or procedures relevant to our business, to prevent or detect crime, for quality, training and security purposes; and

• for market research and analysis and developing statistics.

• for our direct marketing purposes, including to maintain marketing databases and to create relevant marketing campaigns.

Automated decision-making, including profiling and use of AI Systems
We may make use of AI Systems for certain market research, product marketing and other customer-facing purposes (for example, analysis of facial expressions during video interviews). We will endeavour to ensure that there is meaningful human involvement in the taking of any automated decisions which may have a legal effect or other similarly significant effect for you, and we will not make such decisions based on special categories of personal data (e.g. health information) without your explicit consent. If you are concerned that we have made an automated decision which has a legal effect, or a similarly significant effect, for you, please contact us as below.

The legal basis for our use of your personal information

This will include (as relevant)

• processing of your personal information in order that we may perform our obligations under a contract with you (such as the contract between us consisting of the terms governing your use of our site);

• processing for legitimate interests provided these are not overridden by your interests and fundamental rights and freedoms (this includes our own legitimate interests and those of other entities and branches in our group of companies); for instance, this is relevant when we use and process your personal data to deal with certain of our regulatory and internal governance obligations; and when we conduct market research surveys, create marketing databases or otherwise use your personal data to determine our strategy for sending direct marketing communications;

• (In addition, / in conjunction with the processing condition described above) processing which is necessary for compliance with our legal obligations under applicable Irish and European Union law.

Your consent may also be a lawful reason for processing your personal data in relation to your use of our site, in certain cases. You should be aware that you are entitled under the GDPR to withdraw your consent, where that has been given, at any time. If you do this and if there is no alternative lawful reason for us to rely on to justify the relevant use or other processing on your personal data, this may affect the use you are able to make of our site.

Data Anonymisation

We may convert your personal data into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from that data. We may use this aggregated data to conduct market research and analysis, including to produce statistical research and reports. For example, we may produce reports on which of our product and services are most popular with users of our site. We may share aggregated data in several ways, including for the same reasons as we might share personal data (see below).

Retention period or criteria used to determine the retention period

Your personal data will not be kept for longer than is necessary to fulfil the specific purposes outlined in this notice and to allow us to comply with our legal requirements.

The criteria we use to determine data retention periods includes the following:

(i) Retention in case of queries. We may retain it for a reasonable period (up to 6 months), for instance after you have ceased to use the login facility on our site, in case of queries from you about the term of your use;

(ii) Retention in case of claims. We may retain it for the period in which you might legally bring claims against us if and to the extent this is relevant to your use of our site; and

(iii) Retention in accordance with legal and regulatory requirements. We will consider whether we need to retain your personal data after the period described in (ii) (above) because of a legal or regulatory requirement. Some or all of these criteria may be relevant to retention of your personal data collected in connection with your use of our site.

If you would like further information about our data retention practices, please contact us (Please see ‘Contact us’ Details below)

Disclosure of your personal information

We may share your personal information with any member of our group of companies, which means our subsidiaries, our ultimate holding company and its subsidiaries.

We may share your personal information with selected third parties including:

• Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you or in connection with your use of our site;

• Analytics and search engine providers that assist us in the improvement and optimisation of our site.

• Premium Credit may contact you via email to invite you to review any services and/or products you received from us, in order to collect your feedback and improve our services and products (the “Purpose”). 

We use an external company, Trustpilot A/S (“Trustpilot”), to collect your feedback which means that we will share your name, email address and reference number with Trustpilot for the Purpose. If you want to read more about how Trustpilot process your data, you can find their Privacy Policy here

• The Central Credit Register for the purpose of assessing your credit information where this is a condition of us entering into a contract with you. Under the Credit Reporting Act 2013, lenders are required to provide personal and credit information for certain credit applications and credit agreements to the Central Credit Register, which is owned and operated by the Central Bank of Ireland. You can find more information about how personal data supplied to the Central Credit Register is processed, and about your rights, on the Central Credit Register website.

• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of website use (www.premiumcredit.ie/terms-of-use) and other agreements; or to protect the rights, property, or safety of Premium Credit Limited, our customers, or other persons with whom we do business, such as credit intermediaries. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

• With regulatory authorities, courts and governmental agencies to comply with legal orders, legal or regulatory requirements and government requests.

• Our legal and other professional advisers.

Where we store your personal data (including transfers outside the EEA)

The data that we collect from you may be transferred to, and stored at, a destination outside the EEA which may not offer the same protections for personal data as are available under the GDPR or afford you the same data protection rights you enjoy within the EEA. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you will be taken to have agreed to this transfer, storing and processing outside of the EEA in cases where the transfer is necessary for the performance of a contract between you and us (in our capacity as data controller) or for the implementation of pre-contractual measures taken at your request.

Where we transfer your data outside the EEA we will only do so in accordance with our obligations under the GDPR. Steps will be taken to put in place safeguards (including around security) to protect your personal data when it is outside the EEA.

Security of your personal data

We take steps to safeguard the personal data we process and make sure it is held securely and in accordance with the GDPR. In particular, we endeavour to maintain appropriate organisational and technical measures to help us safeguard your personal data including that which is transmitted, stored or otherwise processed, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include computer safeguards and secured files and facilities.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.

Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your rights under the GDPR

As a data subject, you have a number of rights under the GDPR. You can:
• access and obtain a copy of your data on request;
• require us to rectify incorrect or incomplete data in certain circumstances;
• require us to delete or stop processing your data in certain circumstances, for example where the data is no longer necessary for the purposes of processing;
• object to the processing of your data on grounds relating to your particular situation, where we are relying on our legitimate interests as the legal ground for processing;
• receive from us the personal data it holds about you which you have provided, in a reasonable format specified by you, including for the purpose of your transmitting that personal data to another data controller; and
• where our processing of your data is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal.

Please note that these rights are not absolute, and we may be entitled (or required) to refuse requests where exceptions apply.

You have the right to ask us not to process your personal data for marketing purposes. You can exercise this right at any time. This means you can change your mind about receiving marketing communications from us where you have not previously objected to this, for example when you signed a credit agreement with us (or indeed where you have previously given your specific consent to receive marketing). You can opt out of direct marketing by checking the relevant box(es) on the forms we use to collect your data (including in the credit agreement). You can also exercise the right to prevent our use of your personal data for direct marketing purposes at any time by contacting us at marketing@pcl.co.uk.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Access to personal information

The GDPR gives you the right to access information held about you. Your right of access can be exercised in accordance with the GDPR. A data subject access request is usually free of charge. You can exercise this right by contacting us. (Please see ‘Contact us’ Details below).

Consequences of failure to provide personal data

You have the right to be informed about the possible consequences of failure to provide the personal data we ask you for directly in connection with your use of our site. Any failure to provide personal data may affect our ability to enable your use of our site. You would still be able to read the pages of our site, but you would not be able to use all of the functions on our site – such as the login facility.

Your right to complain to a data protection supervisory authority

We take our data protection obligations seriously and if you have any complaint we will investigate and do everything we can to find an appropriate resolution. If we feel we have complied with the GDPR, we will explain to you in as much detail as possible why this is.

In case you have any questions with respect to the Processing of your Personal Data, you can contact us: DataProtectionOfficer@pcl.co.uk

Please note that if you have a concern about how we process your Personal Data, we would ask that you contact us first so that we can investigate and try to resolve it. You also have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland at any time if you are of the opinion that the processing of your Personal Data by PCL infringes applicable data protection laws.

Ireland: Data Protection Commission (DPC)

Changes to our privacy notice

Any changes we may make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy notice.

Contact us

Contact our Data Protection Officer by emailing dataprotectionofficer@pcl.co.uk or by writing to Q-House, 76 Furze Road, Sandyford Business Park, Dublin 18.

Last updated May 2026