By continuing to browse our site, you are consenting to the use of cookies.  Click here for more information on the cookies we use. 

Privacy Notice


This Privacy Notice sets out how we will use and process personal data. Please read this Privacy Notice, carefully before using this website (“Website”). We would also draw you attention at this time to our website Terms & Conditions and our Cookies Policy

In this Privacy Notice:

  • “we”, “us” and “our” means ARC (Europe) Ltd.
  • “you” and “your” means the user of this Website and so far as it is applicable, the customer.
  • “customer” refers either to an identifiable person whose account balance we have purchased from the original creditor (the “creditor”), or to an identifiable person whose account is owned by the creditor, who has engaged us to act on their behalf to recover the debt. This Privacy Notice applies to both current and former customers.

Data Protection Legislation and the Information Commissioner’s Office

ARC (Europe) Ltd. considers the confidentiality of any information you may provide us with, as well as your personal details, to be of the utmost importance. We are committed to ensure that we comply with the prevailing data protection legislation, applicable to the United Kingdom and as currently regulated by the Information Commissioner’s Office (“ICO”) whose website is

In meeting our obligations, we actively consider both the privacy of personnel data held and the security measures we employ in order to prevent the unauthorised disclosure of the data.

Data Controllers and Data Processors

  • A “Data Subject” means any living person about whom data is processed. You will be the Data Subject if we process your data.
  • A “Data Controller” is the party who has overall control of the data being processed. Typically, this will be the name of the original creditor on whose behalf we are contacting you in order to request payment of the balance outstanding. In those circumstances, we will be processing the data as a “Data Processor” on behalf of the Data Controller. Where we have informed you that we have purchased the debt, we will be the Data Controller and any third party we engage (as set out in this notice) will be a Data Processor.

Why do we need to process personal data?

We respect your privacy and we only collect, store and process your personal data for lawful and defined purposes. In this respect, we process personal data by reason of having a “legitimate interest” to do so. This legitimate interest includes processing personal data for the purposes of debt collection, early arrears activity, tracing and processing for employment related reasons (for our employees only).

Processing enables us to use the data for these purposes and ensures that we understand a customer’s personal circumstances to enable us to provide customers with affordable payment plans or tailored customer solutions.

Wherever possible (or required in the case of “special data”- please see below) we will also seek your consent to process personal data.

How do you collect my data?

We collect personal data from various sources including:

  • data you give us directly or that data which has been passed to us by the creditor;
  • data from customers’ transactions with us, our affiliates, or others;
  • data we receive from data/consumer reporting agencies or tracing agencies where used;
  • data from computer “cookies” – please see our “Cookie Policy” on this website.

Recorded phone calls

For quality control, security and training purposes, we monitor or record your telephone communications with us. However, we do not record or store your debit or credit card details.

What is “personal data”?

Personal data has a very wide meaning but is currently defined as “…any information relating to an identifiable person…”.

Therefore, personal data will include names, addresses, dates of birth, telephone numbers (mobile and landline), email addresses, payment history and any other data we hold that will identify you.

What is “special data”?

Some data is referred to as “special data” as it is more sensitive and personal to the Data Subject and therefore requires particular controls to process. Examples of special personal data is in relation to a customer’s medical health issues, religion, ethnic origin etc. If that special data is not necessary for the purpose of the processing, it will not be collected. If it is considered necessary for the processing, we will ask you for your consent to note the account and share the information with our client (i.e. the Data Controller).

How do we keep your personal data secure?

To maintain security of customer information, we restrict access to your personal and account information to persons who need to know that information.

We also maintain physical, electronic, managerial and procedural safeguards to protect the privacy of your personal and account information.

Information gathered will only be used for our own business and for client communication purposes.

Disclosure of personal data.

We do not disclose any non-public personal information to anyone - unless it is necessary for the processing and permitted or required by law.

We may pass your details on to:

  • another entity with which ARC (Europe) Ltd. enters or reasonably may enter into a corporate transaction (e.g. a merger consolidation, acquisition, or asset purchase);
  • a third party pursuant to a Court Order, or other form of legal process or in response to a lawful request by or on behalf of any government agency, department, or body;
  • the Data Controller (i.e. the creditor); or
  • a third party if determined by us where we are permitted or required by law to do so, for the purposes of this lawful processing (e.g. a payment processing business, a printing/mailing business, another debt collection agency or a tracing agent). Where we transfer your information to a third party we do so, only on the understanding that they keep the information confidential and use it only for our agreed purposes;
  • The data we collect from you will not be transferred or stored outside the European Economic Area (“EEA”)

How long do we hold personal data for?

We will retain your personal data for only as long as permitted for our legitimate business/processing purposes and also for as long as necessary to satisfy any retention period that we are legally required to meet.

Some data formats where the data is duplicated (e.g. correspondence and call recordings) may be destroyed sooner than other data. Once we have met the retention period (typically 6 years after the account was paid/closed) the remainder of the personal data is destroyed or anonymised.

Data subject rights - requests for access to data, corrections

You have a number of rights under the current data protection legislation and you may wish to make an informal or formal request to see part of your information because you want to check specific details on your account(s) or amend your contact details. If so, please call us on 01932 251 000 and we will be happy to discuss these matters with you. Alternatively, our address is “ARC (Europe) Ltd, Kent House, Churchfield Road, Walton on Thames, Surrey KT12 2TU. If you prefer, please email us at .

As you will appreciate, there is a need for us to protect your confidentiality and one of the ways we do this is to check that anyone asking for personal information has the right to receive it. So we may ask you to prove your identity or provide a written authority before making information available.

Finally, you may want to review your data rights independently or if you are unhappy with the response we provided you with, you should contact the Information Commissioner's Office, on the internet at

You will find the ICO’s address and email address on that website or by calling the ICO helpline on 0303 123 1113 (local rate – calls to this number cost the same as calls to 01 or 02 numbers).