This is an adopted compliance policy of Trace Enforcement Group under the General Data Protection Regulation (GDPR) for delivery of our services. These services include general debt collection on behalf of our clients, tracing services, execution of writs and warrants of control.

We adhere to the General Data Protection Regulations (GDPR) which came into effect in law on 25th May 2018 along with a new Data Protection Act (collectively referred to below as the DPA).

We continually monitor through our management, controls, processes, and criteria that we maintain compliance to the GDPR and seek to continually improve controls in place. We consider that the lawful and correct procedure of handling personal data is key to maintaining vital client confidence and relationships.

Personal information that we collect, process and/or store:

Our clients provide us with basic personal information relating to defendants or debtors and creditors or claimants, and other statutory authorities when orders or instructions are issued to us for collection or enforcement.

Personal information constitutes name, address(es), telephone number, email address, vehicle information and details of the judgement, order or warrant made or issued by the court or statutory authority. This information can include monies due, premises or land that a judgement or order refers, or specific actions defined within the judgement, order, or warrant.

Occasionally, we will be provided with information concerning potential vulnerability, usually by the data subject, or by persons or agencies acting on behalf of the data subject. This information may therefore relate to a data subject’s health.

In cases where it is reasonable and appropriate, we will search for tracing subject’s name in databases which we are granted lawful access. Based on the information we obtain from these databases we may determine that further enquiries may be made, this could be obtaining telephone numbers for addresses which we believe someone may be found. We may also utilise public registries and/or databases that we think could be of value to his enquiry (for example, the insolvency register). At no stage would we divulge any information to a third party relating to the data subject.

Where it is necessary to process a payment, sensitive information such as your credit/debit card number and security code are not collected by us, the payment is processed using external secure processing websites operated by our bank and the information is not stored on our systems or personnel. Trace Enforcement Group continue to remain compliant to the PCI regulations.

Your image may be captured by an Enforcement Agent’s body worn video (BWV) cameras. For specific details of our BWV policy please refer to the specific document available on our website.

Where we are required to obtain health and medical information where it is relevant to issues of vulnerability, as provided under regulations 10 & 23 of Part 2 of The Taking Control of Goods Regulations 2013, governing the enforcement of such orders, the information obtained is used by administration staff and Enforcement Agents to alert creditors where they have identified such debtors. Relevant Staff and Enforcement Agents are trained to recognise and to manage interactions with vulnerable debtors, and when to withdraw from such situations.

Purposes for collecting data:

DPA regulations state that we are allowed to use personal information only if we have a proper and lawful reason for doing so. This includes sharing it outside of Trace Enforcement Group. The law states that we must have one or more of the below reasons:

  • We have a legitimate interest
  • We need it to perform a public task
  • We have a vital interest
  • We have a legal obligation
  • We have a contractual obligation

We use data collected relating to tracing to confirm the current residential and/or commercial address, telephone number and/or email address of a data subject to our client.

Sharing your personal data:

We may share your personal data with the following bodies:

Credit refence agencies to verify your contact details to ensure you receive our communications.

  • Printing and mailing service providers to send you letters.
  • Email and text messaging providers to contact you through electronic means.
  • Secure payment providers for processing card transactions through our electronic payment services.
  • Your data may also be returned to our client, and we will inform our client on any communications that you have with us and our views and advice.
  • Where the debt remains unpaid your data may be passed to a solicitor for legal action through the court or to answer any legal questions.
  • Any other authorised sub-contractors.
  • Agents who we use to collect an outstanding balance.
  • With the police and other government bodies/agencies for the purpose of crime prevention or detection.

We will not send your personal data outside of the UK.

Storing your personal data securely:

We will not hold your information for longer than is necessary for the purposes outlined in this privacy notice. Retention periods are determined by legislation and business requirements. We may hold your data for up to 6 years to protect our position in the event of any legal disputes. This may be extended if disputes are ongoing.

All information that you provide to us is stored on secure servers. In addition, we seek to always protect the privacy of your information when you visit our website. If you choose to send personal information to us (for example by contacting us online) the information you supply will be transmitted and processed in a secure manner.

What we collect:

We may collect the following information via this website:

  • Any personal details you type in and submit, such as name, address, email address, etc.
  • Your IP address (this is your computer’s individual identification number) which is automatically logged by our web server. This is used to note your interest in our web site.
  • Your preferences and use of email updates, recorded by emails we send you (if you select to receive email updates on products and offers).
  • Session information stored in cookies, these do not include any personal information and are used to ensure the correct data is extracted from the database when using our interactive systems.
  • Under no circumstances will we hold sensitive payment details such as your card number, expiry date and security code.

How we use cookies:

A cookie is a small file that asks permission to be placed on your computer’s hard drive. Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. Further information can be found by viewing our Cookies Policy.

Changes to our privacy notice:

From time to time, we may amend the way in which we process personal data. This may lead to changes in how we collect and/or use your personal information. We may amend the terms of this Privacy Policy at any time.

If you require more information about items raised in this notice, we recommend the ICO website,

How to contact us:

If you have a privacy concern, complaint, or a question for the Data Protection Officer, please contact us using our online form, or by email to We will respond to your question or concern within a calendar month.

You have the right to request the above in the form of a Subject Access Request (SAR) to our Data Protection Officer (DPO). This request will be handled within a calendar month of receipt, and you can send the request to, via our ‘contact us’ page, by phone or to our registered address (contact information can be found on our website). We will need to prove your identity before disclosing any personal data, so please provide information relating to your outstanding debt including your reference number, Name, Address, and the vehicle registration that the debt applies to.

If you wish that we delete, remove, or stop using your personal information you have the right to object to our use of your personal information, this is known as the ‘right to object’ and the ‘right to erasure’, or the ‘right to be forgotten’. There may however be a legal or other official reason why we need to keep or continue to process your data.

Unless otherwise stated, the Trace Enforcement Group is the data processor on behalf of our clients, who are the Data Controller.

TRACE Enforcement Group is a trading style of TRACE Debt Recovery UK Limited & TRACE Enforcement Services Limited. Companies registered in England and Wales at: Barratt House, Suite S2, Kingsthorpe Road, Northampton, NN2 6EZ with registration numbers 10079126 & 13480633.