Last Updated May 2019.

Lantern is one of the leading debt purchase companies within the UK. We specialise in buying short term loans and pride ourselves in being open and honest with all customers which includes being open and transparent with all data processing activities.

The address for the Registered Office is Protection House, 83 Bradford Road, Leeds, LS28 6AT.

We are authorised and regulated by the Financial Conduct Authority (FCA) and also registered as a Data Controller as defined under the Data Protection Law with the Information Commissioner’s Office (ICO).

Lantern are committed to protecting the personal data that we collect and process in relation to the retrieval of outstanding debts. This Privacy Notice relates to all personal information collected and processed through the course of business activities.

This Notice will be updated regularly to ensure ongoing compliance to associated laws and regulations. Changes to how we use personal data will be updated periodically via this Privacy Notice to ensure transparency in all processing activities.

In order for us to fulfil our business requirements, personal data relating to customers, potential new customers and any individuals who have made previous contact will be processed and retained for a defined period of time. This Privacy Notice will explain:

  1. The type of information that we hold relating to customers and other individuals;
  2. How this information is obtained;
  3. Who the information may be shared with;
  4. The reasons behind such processing; and,
  5. How long personal information is retained.

Please note, that personal information will be kept for no longer than necessary for the purpose in which it was provided. Additionally, this Privacy Notice is only applicable to Lantern and personal information which is collected and obtained by us.

No personal data will be requested or retained from individuals navigating our website. Google Analytics is used within our Customer Self Service Portal which is utilised to help improve the customer journey by understanding behaviours across the portal.

Should individuals choose to provide personal information by means of making an online enquiry, the data provided through the course of the enquiry will be kept for the sole purpose of responding to a query. An enquiry made by a customer will be held within the account notes for the duration the account is live and in line with our defined retention period.

As one of the UKs leading Debt Purchasers, we receive the personal data of customers following the successful purchase of a debt from an original lender.

Our legal basis for retaining and processing such personal data is for the recovery of the outstanding debts. Once we have purchased an outstanding debt, we become the data controller of the personal information relating to the customer and take on the legal rights previously held by the original lender.

The personal data retained and processed relating to our customers include:

  1. Name;
  2. Address;
  3. Date of Birth;
  4. Telephone Numbers;
  5. Email Address;
  6. Financial and Credit Score Information;
  7. Employment Status;
  8. National Insurance Number (in some instances).

There may be instances in which we retain and process sensitive data as defined under Data Protection Law. Should such instances arise, we will ensure we receive the explicit consent, directly from our customers prior to the processing. Customers have the right to withdraw their consent for us to process sensitive information at any time.

Possible categories of sensitive data include:

  1. Physical and Mental Health Information.

The information collected by us may be processed for the following defined reasons:
  1. Verifying the identity of customers and their residential status, and doing our best to ensure this information is accurate and up-to-date;
  2. Assessing affordability prior to entering into a payment arrangement which ensures payments agreed are sustainable and affordable;
  3. Processing of payment arrangements and adhoc payments as consented by the customer;
  4. Detecting, preventing and investigating potential and actual fraud and other such related activities;
  5. Fulfilling all aspects in relation to any agreement or accounts, including but not limited to complaints, disputes and queries;
  6. Tracing customers and recovering outstanding debts.
  7. Performing statistical analysis to identify and monitor risks and emerging market trends

How Personal information is obtained:

We receive personal information relating to customers following the successful purchase of debts from original lenders.
In addition to the above and in order to comply with the principles governed by Data Protection Law, we may use the following channels to ensure the information we hold, relating to customers is accurate and where possible up to date. This is to also enable us to meet our needs in recovering outstanding debts.
The external resources utilised to ensure data retained is accurate and up to date include:

  1. DVLA;
  2. CRAs including TransUnion, Experian and Equifax.

Who personal information is shared with:

Throughout the course of the debt recovery journey, there may be instances in which we have to disclose customer information to organisations external to Lantern.
We only disclose information where there is a clearly defined legitimate reason in doing so.
In order to verify a customers identity, Lantern may utilise third party organisations including but not limited to; TransUnion, Equifax and Experian. Such processing is performed to ensure the most up-to-date information is retained. Potential information received from such third parties include;

  1. Name;
  2. Residential Address;
  3. Residential Status;
  4. Date of Birth;
  5. Email Address (if applicable);
  6. Contact Telephone Numbers (Home and Mobile).

We will only send communications via email and text where the details have been appropriately verified. Customers can change their contact permissions at any time by contacting the Customer Services department on 0113 8876 876 or emailing [email protected].

Personal information, the status of account, details of payment plans and any defaulted plans* will be shared with CRAs. The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail in the respective information notices; TransUnion: Equifax Experian:

*Any defaults registered with CRA will remain on an individual’s credit reports for a period of 6 years.
We may from time to time pass personal information of customers onto contracted organisations in the following instances:

  1. To outsource partners who assist in the recovery of any outstanding debts. Lantern will ensure customers remain up–to-date and aware of such data sharing activities;
  2. Where the process of litigation has been instigated against a customer;
  3. The disclosure is required in order to recover assets associated with a debt;
  4. Ensure customer credit reports are accurate and up-to-date;
  5. When customers have entered into a payment plan with an appointed Debt Management Company;
  6. To detect, investigate and prevent, potential or actual fraud;
  7. To meet our regulatory obligations as defined by the Financial Conduct Authority (FCA) and the Information Commissioner’s Office (ICO).

We only disclose the personal data of customers with other organisations once appropriate contractual agreements are in place. Such agreements ensure third parties processing personal data, of which we are responsible, are doing so in accordance with all associated laws, regulations and as per our instructions.

We may pass customer information onto approved Customer Survey Partners who conduct satisfaction surveys on our behalf and as per our instruction.

We will never share or transfer personal information outside of the European Economic Area (EEA) unless appropriate technological and security measures are in place offering adequate protection.

Information held by us:

Customer information will be retained for the period in which an account remains active. Upon closure, personal information will only be retained in order to comply with our associated financial obligations.

Personal information will be securely disposed of when no longer required using appropriate technological measures.

There may be occasions whereby we process personal information relating to third parties. In these instances we commit to ensuring ongoing adherence to Data Protection Laws. Information processed will remain proportionate, relevant and not excessive. Potential third party information held by us includes;

  1. Name
  2. Email Address;
  3. Address;
  4. Contact Details;
  5. Any other information disclosed by the individual.

Personal information relating to a customer's appointed third party representative will be retained for the duration such authority remains valid and for a defined period thereafter.

We will never process personal data considered sensitive which relates to customers or third parties without gaining prior explicit consent to do so.

Online enquiries:

Third party communications sent via the online ‘contact us’ form or via email will be retained for no longer than necessary. We commit to only asking for the personal information which is considered essential to the enquiry and in order to respond to the query or request.

Data Protection Law defines the rights which Data Subjects have in relation to the processing of their personal data. Further information relating to Subjects Rights under Data Protection Law can be found on the ICO website, Should customers wish to express any right as defined under the Data Protection Law, the following channels may be used:

Data Protection Officer
Protection House
83 Bradford Road
LS28 6AT

[email protected]
Unless encrypted, email messages passing over the internet are not secure and could be intercepted and read by someone else. Please bear this in mind when deciding what information to include in any email message.

All requests submitted are acknowledged to confirm receipt and will be fulfilled within the defined timeframe governed by the current Data Protection Law.

We take all reasonable steps to ensure the data held for customers remains accurate and up to date. Customers are also responsible for notifying us, without undue delay on any changes in circumstances. Individuals wishing to update personal information can do so through the following channels:

Online customer self-serve portal:

Email: [email protected]

Unless encrypted, email messages passing over the internet are not secure and could be intercepted and read by someone else. Please bear this in mind when deciding what information to include in any email message.

Telephone: 0113 8876 876 (lines open Monday to Friday: 8am to 7pm, Saturday 9am to 2pm excluding all bank and public holidays

Postal address:

Customer Service Team
Protection House
83 Bradford Road
LS28 6AT

We are committed to ensuring we communicate with customers via their preferred channel when it is practicable. We will only send communications via email and text where the details have been appropriately verified.

If a customer communicates through a verified email, we will respond via the same channel unless otherwise stated.

For customers wishing to change their contact permissions**, requests must be sent via email to [email protected] or alternatively customers can call 0113 8876 876.

*** Please note that at least one contact method must be in place in order to ensure our legal and legitimate reason for processing the data can be achieved.

You can contact Lantern via a number of different methods which are telephone, email or online using our customer self-service portal at Please be aware that calls may be recorded for training, quality and monitoring purposes. We pride ourselves in complete customer care and this gives us the opportunity to continuously improve and monitor our customer experience.

Lantern will never instigate any marketing activities towards our customers, nor will we sell customer information to other organisations for marketing purposes.

Details in relation to our Complaints procedure can be found at the following location:

Individuals are able to lodge a concern with the Financial Ombudsman Service should they feel a complaint has been handled incorrectly. Details in relation to this can be found within our Customer Complaints Policy or on the Financial Ombudsman website,

All individuals have the right to lodge a complaint with the UK Data Protection Regulator, the Information Commissioner's Office (ICO), should they feel a company is in violation of the Data Protection Laws. Contact details can be found on the ICO website should an individual wish to make such a complaint.

Any queries or questions relating to this Privacy Notice should be forwarded to the following email address; [email protected]

Alternatively, you can write to; Data Protection Officer, Protection House, 83 Bradford Road, Leeds, LS28 6AT
Any queries relating to a personal Credit File can be raised directly with the following organisations;

  1. Equifax Ltd, Customer Service Centre, PO Box 10036, Leicester, LE3 4FS, Tel Number 0845 603 6772
  2. Experian, Consumer Help Service, PO Box 8000, Nottingham, NG80 7WF, Tel Number 0344 481 0800
  3. TransUnion, Consumer Services Team, PO Box 491, Leeds, LS3 1WZ, Tel Number 0330 024 7574