Privacy Policy

This privacy policy sets out how Repossession Ltd t/a The Enforcement Agency (we/us/our) uses and protects any information that you give us when using this website, when you subscribe to our marketing communications or during the performance of our business activities.

Repossession Ltd is a company registered in England and Wales under company number 16145413. Our registered office is 3rd Floor, 86-90 Paul Street, London, EC2A 4NE.

The Enforcement Agency is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, our services or receiving marketing emails, then you can be assured that it will only be used in accordance with this privacy policy.

The Enforcement Agency may change this policy from time to time by updating this page. You should check this page to ensure that you are happy with any changes. This policy is effective from 19 December 2024.

What we collect

We may collect the following information and data:

  • Name and employer.
  • Contact information, including email address and telephone number.
  • Information that you may provide when completing our forms or requesting services.
  • Information received in correspondence or during telephone calls.
  • Information attained during our business activities, including any vulnerability or health condition disclosed or observed.
  • Property ownership or registered keeper details.
  • Demographic information such as locality, preferences and interests.
  • Other information relevant to customer surveys and/or offers.
  • Debit card, credit card or bank details for payment purposes only.
  • Visual and audio recordings of you through our use of recording equipment.

What we do with the information we gather

We require this information to understand your needs and provide you with a better service, and for the following reasons:

  • Internal record keeping to meet regulatory requirements
  • Staff training and quality control.
  • Complaint handling.
  • We may share your sensitive personal data with our client and support agencies, including emergency services, to ensure your case is dealt with appropriately.
  • We may use your data, with your consent, to refer you to charitable organisations
  • For the safety and security of agents, clients, occupiers and other affected parties
  • We may periodically send promotional emails about new services, industry updates, opening hours or other information which we think you may find interesting using the email address you have provided.
  • From time to time, we may also use your information to contact you for market research purposes.

The way we process your information varies depending on our relationship with you. If you have provided us with your contact details, we may contact you by email, telephone or by post. We will not contact you for direct marketing purposes if you have told us that you do not want us to use your personal data for this purpose. We will not share your personal information with third parties for marketing purposes. We may disclose your personal data to third parties if we are under a duty to disclose or share your personal data to comply with a legal obligation, our customers, or others or if it is in the public interest.

You can change your communication preferences at any time by emailing us at info@theenforcementagency.com

Personal data

Whether or not we record calls, obtain images, or capture audio data via our body cameras as part of enforcement will depend upon the nature of your relationship with us.

We operate a dedicated telephone line which clients and occupants can use to make enquiries regarding our services. Calls to this line may be recorded and we may collect your telephone number and an audio recording of the conversation.

Our body-worn cameras record and collect images, audio and video footage. Body-worn cameras also have the potential to collect sensitive (special category) personal data that may be visible in the images, audio or video recorded.

We may share or be asked to share a telephone call recording, body-worn camera footage or information we have gathered with our clients, occupants or law enforcement agencies.  This is to enable them to respond to a complaint or allegation of a crime committed.

Your personal data will only be shared with any person or organisation not listed above when we have your prior consent to do this.

Under Data Protection legislation, we may be required or permitted to disclose your personal data without your explicit consent, for example, if we have a legal obligation to do so for reasons such as:

  • Law enforcement
  • Fraud investigations
  • Regulation and licensing
  • Criminal prosecutions
  • Court proceedings

You may request that your call isn’t recorded. In this situation, you will normally be advised to contact us either in writing or via email.

In exceptional circumstances, you may be transferred to a non-recorded phone. This is not intended to cause harm or distress to the caller, but due to not all mobile network providers or contractors having this facility.

It is our policy that any enforcement agent wearing a body-worn camera should activate it only when appropriate in the proper performance of their official duties and where making recordings is consistent with this policy and the law.

We do not permit enforcement agents to use any recording devices without the knowledge of the third party. We process personal data to include images and audio recordings as well as the potential to collect sensitive (special category) personal data to the extent that it is visible in the images or audio recorded.

Our calls are recorded and stored securely in the cloud for three months, after which they will be automatically destroyed. If a complaint is raised, the call will be stored for six months or until the complaint is resolved, whichever date is later. In the event that a call is requested under a subject access request (SAR) by a law enforcement agency such as the police, the call will be downloaded and retained until such time as it is no longer necessary, for example, the conclusion of a police investigation.

If we wish to use your call recording (or any personal data acquired during a call with us) for a new purpose not covered by this privacy notice, we will provide you with a new notice.

The new notice will explain the new usage before we begin the process and set out the relevant purposes and processing conditions. Where necessary, we will seek your consent to the new processing.

Legal basis

The legal basis upon which we process and record telephone calls and use body-worn cameras is that it is necessary in the legitimate interests of our business to do so.

If the personal data amounts to special category data, such as health-related data, then this is processed on the lawful basis of the legal claim against you on behalf of our client.

We will only process personal data where there is a lawful reason for doing so. We may process data;

  • During the performance of a contract or service.
  • By reason of legitimate interest.
  • By way of consent.
  • As a result of a legal obligation for compliance purposes.

Protecting your information

For the purpose of the GDPR, where information is collected directly by us or provided directly to us by you, The Enforcement Agency is the Data Controller of your personal information. We will observe all obligations under the GDPR in relation to any personal data that is held by us. We take all necessary steps to comply with our obligations under the GDPR and all relevant legislation. We are required to collect personal information fairly and to identify how we will use the data and to confirm if we pass information onto a third party. We will comply with all Articles set out in the GDPR and will ensure all personal data supplied to and processed by us is held securely. We will continuously review our policies and procedures in line with the relevant legislation and regulation updates to ensure continued compliance, specifically your data:

  • Shall be processed fairly and lawfully and shall not be processed unless specific conditions are met
  • Shall be obtained only for one or more specified and lawful purposes and shall not be further processed in any manner incompatible with that purpose or those purposes
  • Shall be adequate, relevant and not excessive about the purpose or purposes for which they are processed
  • Shall be accurate and, where necessary, kept up to date
  • Shall not be kept for longer than is necessary for that purpose or those purposes
  • Shall be processed in accordance with the rights of data subjects under the Act
  • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data
  • Shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data

We will, through appropriate management and by the strict application of criteria and controls:

  • Observe fully the conditions regarding the fair collection and use of information
  • Meet our legal obligations to specify the purposes for which information is used
  • Collect and process appropriate information and only to the extent that it is needed to fulfil operational needs or to comply with any legal requirements
  • Ensure that the quality and accuracy of information used is adequate and is maintained
  • Apply strict checks to determine the length of time information is held and that it is stored for no longer than is necessary
  • Ensure that the rights of people about whom information is held can be fully exercised under the Act and Regulations
  • Take appropriate technical and organisational security measures to safeguard personal information
  • Ensure that personal information is not transferred abroad to countries to which transfers are not permitted under the GDPR

We receive basic personal data from our clients, HM Courts and Tribunals Service and other statutory authorities when court orders or instructions are issued to us for enforcement or collection relating to:

  • Claimants/creditors - information that can be used to identify you as an individual, such as name, address and contact information
  • Defendants/debtors - information that can be used to identify you as an individual, such as name, address and contact information

The personal information which is obtained consists of name, address(es) and details of the judgment, warrant or order made or issued by the Court or statutory authority, which consist of the details of monies due, the premises or land to which a judgment or order refers or specific actions defined in the judgment, warrant or order; for example the delivery of specific items to specific persons.

Occasionally, we will be provided with information concerning potential vulnerability, generally by the data subject, or by persons or agencies acting on his or her behalf. This information may, therefore, relate to the data subject's health.

We do not retain personal data for longer than is necessary unless required to do so by law. We retain all data for a maximum period of six years and only for as long as is reasonably necessary for the purpose for which the data was obtained. Data is retained and destroyed securely in accordance with our legal obligations.

Data security is of the utmost importance to our business and we have worked hard to ensure we have suitable and sufficient physical, electronic and procedural safeguards in place to protect all data we collect. Where possible, all data is stored on our secure internal servers. Where paper copies are required as part of a legal process, these are stored securely prior to being shredded securely by a third-party provider.

Where data is collected for marketing purposes, we will also hold your data on MailChimp servers, which are located in the United States, so your information may be transferred to, stored, or processed in the United States. MailChimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. To learn more about how your data will be stored through MailChimp, you can view their privacy policy online at www.mailchimp.com/legal/privacy.

Although we will do our best to ensure we protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent any unauthorised access.

Our website may contain links to other websites. This privacy policy applies only to The Enforcement Agency website, so when you access links to other websites, you should also read their own privacy policies.

Your rights

Object to processing

You have the right to object to us processing your data if the processing itself is an unwarranted interference with your interests or rights. You can find out more about how and why we process your personal data in ‘What we do with the information we gather’. If you still believe that you have a valid and justifiable reason to exercise this right, you can contact us at the details below.

Restrict processing

If you believe we are processing your personal data unlawfully, or you believe that we no longer need your personal data, you have the right to request that we restrict the processing of your personal data.

Right to be forgotten

Under data protection legislation, you have the right to request that we delete your personal data if you believe we no longer have a lawful basis to process it. If you feel that we should not be processing your personal data, you can submit a request to the details below.

Right to rectification

If you believe that any of the personal data we hold for you is incorrect, it is important that you make us aware as soon as possible, for example, if you have a new phone number, email address or have moved address.

Your right to portability

You have the right to request that we transfer personal data that you have provided to us either to yourself or another data controller. You can exercise the right to data portability by contacting us on the below details (please use “Right to Portability” as the subject of your communication):

Accessing your data

You have the right to see the personal data relating to you that we hold. As a data controller, we will also ensure that we provide any additional personal data that any of our data processors may hold about you.

We take the protection of your personal data seriously, because of this, we reserve the right to request proof of identity before supplying any information.

Once we have validated your identity, we will aim, where possible, to respond to your request within a calendar month. We typically will send your personal data by Royal Mail; if, however, you wish to receive it in a different format, for example, on an encrypted disk, then please let us know.

In order to make this request, please contact us on the below details (please use “Subject Access Request” as the subject of your communication):

Please email info@theenforcementagency.com or write to our Data Protection Officer at The Enforcement Agency, 3rd Floor, 86-90 Paul Street, London, EC2A 4NE.

If you have any questions, comments or concerns about our privacy policy, please email us directly.

Connect with an expert today

Opening Hours

24/7 excluding Christmas Day, Boxing Day, New Years Day & Easter Sunday

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
London Office

3rd Floor, 86-90 Paul Street, London, EC2A 4NE

Send us an email
+44 20 7100 9870

Media enquiries

Please contact our press team for any media enquiries, including requests for statements, interviews or any other information media@theenforcementagency.com

Due to our commitment to preserve privacy and undertake our duties discreetly, we do not offer a day out with the bailiffs or any televised coverage of our activities.