Privacy Policy

This privacy policy sets out how Allay (UK) Ltd (Allay)uses and protects any information that you give Allay when you use this website and our services. Allay is committed to ensuring that your privacy is protected. By using our website, you may be providing us with some of your personal information, we want to make sure that we do not use your data in a way that you would not expect. Allay assure you that your personal information will only be used in accordance with this privacy statement and in compliance with the latest privacy regulations (EU GDPR). Allay may change this policy in future by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25/05/2018.

Customer Information We Collect Information you give to us is called “Customer Data” which is controlled by Allay Limited. The Customer Data we collect in order to provide our services may include:

This list may not include all the information we require when providing our service/s.

The information we ask you for will relate to your specific enquiry and will only consist of the information we need to carry out our service. If you contact us other than via our website, we may keep a record of that correspondence and a copy of call recordings.

If you decide to use one of our claims management services, you will be provided with a Terms of Engagement along with details of our complaints procedure and how to cancel our service . You will also be able to access details of any regulator applicable to the service/s we provide. This information is provided before we provide our service to you.

We collect and process personal information from you at various stages of the claims process for reasons including answering your enquiries, ensuring that our website content is presented in the most effective manner for you and your computer, to notify you about changes to our websites, to provide you with specific advice, and to carry out our obligations from any contracts entered between you and us.

Other Information Allay may also collect and receive the following information:

What we do with your personal information

The information we collect about you is used for the purpose for which it was provided. We may also use data relating to your claim to make decisions about what services and offers we think you may be interested in. If you are a client, you can update your communication preferences by emailing We may also use your information to provide and improve our products and services.

We also use your information for other parts of our service. This includes:

Your Rights You provide us with details of what we ‘can do’ with your Data and have the right to opt-in and importantly to opt-out by emailing to have your preferences updated. If you are a client, you can request to see a copy of what personal data we hold relating to you. As a client, you have the following rights:

How we provide our Service and Retain your Data There may be times when you contact us to discuss a specific aspect relating to the service/s we provide. You will usually communicate with a member of our team. To provide the most effective service we may share the subject matter of your communication with any of the third parties with whom we need to share information to fulfil our obligation to you. The following are recipients of personal data as part of the claims management process: lenders, investment companies, insurers, administrators, Financial Ombudsman Service, our regulator and Legal Ombudsman

Of the data we process, we retain the data for no longer than necessary in accordance with our Legal Basis for Processing Table (please see further down) and maintain a data retention policy which can be seen below:

When a data subject contracts with us to provide a claims management service, the data is retained within secure electronic archives as required by law but for no longer than 6 years after the conclusion of the service provided.

*Where reasonably practicable access to data is restricted so not to be identifiable unless required by law or is subject to a Subject Access Request.

Security The Allay Group recognise the personal nature of the information we collect, process and store. As we are committed to ensuring that your information is secure we have put in place suitable physical, electronic and managerial procedures to prevent loss, unauthorised access, misuse or disclosure and to make sure that your online information is safe and secure. If password access is required for certain parts of our website/application, you are responsible for keeping this password confidential.

To learn more about our policies regarding security and confidentiality of Customer Data and other information, please see our ISMS Policy

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Other Disclosure The Allay Group may share or disclose Customer Data and other information in the following situations:

Where possible in such circumstances as described above, we minimise your personal data so not to be identifiable as the data subject unless required by law or as subject to a Subject Access Request. For example, by providing details of the average number of successful customer cases in a set period the personal data would not form part of the information disclosed.

General You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected. If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.

Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.

This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.

If you have any queries relating to our Privacy Policy or the personal data we hold about you, please email If you are unhappy with any aspect of your personal privacy you may complain to us using the contact details above, if you are dissatisfied when we have dealt with your complaint you are entitled to contact the ICO whose information is available at