Privacy Policy


By providing our clients/your original creditor with your personal information and taking out a contract with them, you consented to them processing your data which includes passing your account to us if it falls into arrears and/or default.

We process your data on the legal basis of this relationship creating a legitimate interest for us to pursue the debt on their behalf.

The Digital DRA Ltd is strongly committed to protecting personal data. This Privacy Policy describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves and by others. We may use personal data provided to us for any of the purposes described in this Privacy Policy or as otherwise stated at the point of collection and in a way that is consistent with our obligations and your rights under the law.

The Digital DRA Ltd provides debt resolution services to third party clients. The majority of your data is provided to us by our client. Other data about you that we will hold is provided to us by you, our customer.


Company Name: The Digital DRA Ltd

Company Number: 13264034

Registered Address: Office 5, The Elsie Whiteley Innovation Centre, Hopwood Lane, Halifax, HX1 5ER

Where we use “we”, “our” or “us” in this Privacy Policy, we mean The Digital DRA Ltd unless we say otherwise.


This Privacy Policy explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.


Personal data is defined by the UK General Data Protection Regulation (hereinafter referred to as the GDPR) as:

“‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Personal data is any information about you that enables you to be identified. Personal data covers  information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

The personal data that we use is set out within this Privacy Policy.


Under the GDPR, you have the following rights, which we will always seek to uphold:

  • The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details set out in this Policy;
  • The right to access the personal data we hold about you.
  • The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
  • The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have.
  • The right to restrict (i.e. prevent) the processing of your personal data.
  • The right to object to us using your personal data for a particular purpose or purposes.
  • The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us transmit that personal data (in a structured, commonly used, and machine-readable format) directly to another company if is technically feasible.
  • Your rights relating to automated decision-making and profiling. 

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in this Policy.

Further information about your rights can also be obtained from the Information Commissioner’s Office (ICO).

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. 

No fee is required to make a request unless your request is clearly unfounded or excessive. 

Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds.

If you have cause to complain about our use of personal data, please send an email with the details of your complaint to  We will look into and respond to any complaints we receive.

You also have the right to lodge a complaint with the ICO.  For further information on your rights and how to complain to the ICO, please refer to the ICO website,


We may collect some or all of the following personal data:

  • Name
  • Date of birth
  • Address and previous addresses
  • Email address
  • Telephone numbers (including mobiles)
  • Gender
  • Business name
  • Employment status
  • Profession
  • Payment information
  • Details of the debt owed to our client
  • Payment and transactional information
  • Income and expenditure information
  • Information relating to your chosen payment method
  • Information about you contained in correspondence by you or by third parties
  • Webchat and email records
  • Conversational SMS records
  • Call recordings
  • Details of any County Court Judgments (CCJs) which you may have
  • Details of any bankruptcy or insolvency proceedings which you have entered into
  • Details of any queries, disputes or complaints.

We may record and use family and lifestyle information where it has an impact on your account to ensure we deal with you in an appropriate and fair manner which best suits your needs.

We may collect publicly accessible information about you, for example through an internet search or news articles.


Special category data is information about an individual’s:

  • Race
  • Ethnic origin
  • Politics
  • Religion
  • Trade union membership
  • Genetics
  • Biometrics (where used for ID purposes)
  • Health
  • Sex life
  • Sexual orientation

We only record and process special category data with your explicit consent. If you inform us of any information which is sensitive, we will ask for your explicit consent to record it. The information recorded will be kept to a minimum and limited to that which is necessary. With your consent, we record and process special category data to ensure we deal with you in an appropriate and fair manner which best suits your needs, to understand any impact upon your ability to pay and to understand any impact upon the way we communicate with you.

If you inform us of any special category data by letter, email, webchat or SMS, the act of doing so constitutes your explicit consent for us to collect and use that information in the ways described in this Privacy Policy or as described at the point where you choose to disclose this information.

You can withdraw your consent to us processing special category data by using the details provided in this Policy.

If you provide us with information which we believe puts your life in danger, we may record and process this information, including sharing this information with the emergency services, on the lawful basis of Vital Interest, to protect your life.


We may collect some limited information (prison name, prison number, date of conviction and length of sentence) about any current criminal convictions you may have from publicly accessible information, such as media reports. The information recorded will be kept to a minimum and limited to that which is necessary. We record and process this data to ensure we deal with you in an appropriate and fair manner which best suits your needs, to understand any impact upon your ability to pay and to understand any impact upon the way we communicate with you.

Where you (or someone authorised to act on your behalf) has provided us with this information, we use it on the basis that you have given us your consent to do so. You can withdraw your consent to us processing this information at any time using the details provided in this Policy.


We get your personal data from various sources, specifically:

  • Our clients to whom we provide Services.
  • From yourself (communications via telephone, email, letter, text messaging, live chat, our website).
  • Third parties with authority to act on your behalf, including someone who is acting under a power of attorney.
  • Publicly accessible information (Internet searches, news and social articles, Companies House.


When you access our website, we may collect information about your visits to understand the frequency with which specific visitors visit various parts of our website. For example, we may collect your Internet Protocol (IP) address, which identifies the computer or service provider that you use, or information about your browser type, authentication identifiers, and other software and hardware information. If you access our website through a mobile or other device, we may collect your mobile device identifier, geolocation data (including your precise location), or other transactional information for that device.

If you visit our website to communicate with us, you are generally in control of the personal data shared with us. We receive personal data, such as your name, title, email address and telephone, when you contact us via Webchat or our form submission pages. When you provide personal data to us, we will use it for the purposes for which it was provided to us as stated at point of collection, or as obvious from the context of the data. The chat transcripts may be stored and integrated with other secure applications.

We ask that you do not provide special category information to us when using our website unless you feel this information will impact how we handle your account. If you choose to provide special category information to us for any reason, the act of doing so constitutes your explicit consent for us to collect and use that information in the ways described in this Policy or as described at the point where you choose to disclose this information.

Our website does not collect or compile personal data for the dissemination or sale to outside parties for consumer marketing purposes or host mailings on behalf of third parties.


We may capture limited personal data automatically via the use of cookies on our website. We use small text files called ‘cookies’ which are placed on your hard drives to assist in personalising and enriching your browsing experience by displaying content that is more likely to be relevant and of interest to you. The use of cookies is now standard operating procedure for most websites. However, if you are uncomfortable with the use of cookies, most browsers now permit users to opt-out of receiving them.

We may use any of the following cookies:

  • Strictly necessary cookies. These are cookies that are required for the operation of the Website. They include, for example, cookies that enable you to log into secure areas of our website or make use of e-billing services.
  • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies. These are used to recognise you when you return to our website.
  • Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies. 

Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to access all or parts of our site or to fully experience the interactive features of our website.


There are security measures in place at our offices, including CCTV and building access controls.

The images captured are securely stored and only accessed on a need to know basis (e.g. to look into an incident).  CCTV recordings are typically automatically overwritten after a short period of time unless an issue is identified that requires investigation.

We require visitors to our offices to sign in and keep a record of visitors for a short period of time.  Our visitor records are securely stored and only accessible on a need to know basis.


We process your personal data because it is necessary for our performance of a contract with our client. We need your information in order to carry out the following activities:

  • Contacting you to arrange payment of your debt.
  • Agreeing and monitoring payment plans.
  • Processing any payments you make.
  • Managing your account.
  • Locating you, checking your identity and verifying that the information we hold about you is accurate.


We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected. We retain personal data to provide our services and to comply with applicable laws or regulations. Unless a different time frame applies as a result of a business need or specific legal, regulatory or contractual requirements, where we retain personal data in accordance with these uses, we retain personal data for seven years.

In the absence of specific legal, regulatory, or contractual requirements, our retention period for records is no more than 7 years from the date you cease to have an active account with us.


We only store or transfer some or all your personal data in countries that are part of the European Economic Area. This means that your personal data is treated just as safely and securely as it would be within the UK and under the GDPR.

The security of your personal data is essential to us and to protect your data, we have put appropriate technical and organisational security policies and procedures in place to protect personal data from loss, misuse, alteration, or destruction. We aim to ensure that access to your personal data is limited only to those who need to access it. Those individuals who have access to the data are required to maintain the confidentiality of such information.


We will only share personal data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place to protect the data and to comply with our data protection, confidentiality, and security standards.

Personal data held by us may be transferred to:

  • Our Client to ensure their data is accurate, complete, and up to date.
  • Parties that support us as we provide our services (e.g. providers of telecommunication systems, payment processing, mailroom services, IT support, archiving services, website hosting and database software services).
  • Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation.

If any of your personal data is transferred to a third party, as described above, we take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law. 

The information that we share with our suppliers will depend on the nature of the products and services that they provide to us, but we will only share the minimum amount of your information which is necessary for them to provide us with the products and services we need.

If for any reason any personal data is transferred outside of the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the GDPR.

In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.


If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a data subject access request.

Subject access requests can be made using the details found in this Policy.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request without undue delay and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.


Our website contains links to other sites. Please review the destination websites’ privacy policies before submitting personal data on those sites. Whilst we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content, security, or privacy practices employed by other sites.


To contact us about anything to do with your personal data and data protection, including making a subject access request or withdraw consent, please mark your communications for the attention of the Data Protection Officer and use the following details:

Email Address:

Postal Address: Office 5, Elsie Whiteley Innovation Centre, Hopwood Lane, Halifax, HX1 5ER 


We may change this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. We recognise that transparency is an ongoing responsibility so we will keep this privacy statement under regular review.

We use cookies to improve your experience. Please let us know whether you consent to our use of cookies. For more information please see our Privacy Policy.