Data Protection Act and Policies

Introducer Appointed Representative

GQ Heating Ltd is an Introducer Appointed Representative (FRN 773311) of Improveasy Finance Solutions which is a trading style of Green Energy Advisors Ltd (Company number 07807353 - FRN 708623) which is authorised and regulated by the Financial Conduct Authority as a Broker not a Lender and offer credit facilities from a panel/one lender.

ICO Registration

For a copy of our Certificate of Registration with ICO, please use the following link: 

Data Protection Act

Definitions under the Data Protection Act 

Personal data 

Individuals can be identified from the different bits of information we collect about them. 

Although separate pieces of information may not identify an individual alone, they may be combined with other data that we hold to identify an individual. 

The Act applies only to personal data which is held, or intended to be held, on computers ('equipment operating automatically in response to instructions given for that purpose'), or held in a 'relevant filing system'. 

Sensitive data 

Certain types of personal data are defined as sensitive under the Data Protection Act, including: 

  • Sex life and orientation 
  • Race, religion or political beliefs 
  • Trade union membership 
  • Medical conditions and medical history, including any Mental Capacity conditions, Criminal offences - either alleged or proven 
  • Punishments received for proven offences 

There are currently no circumstances where the Principal will need to collect sensitive data to submit a loan application to the lender. There may be limited occasions where the principal would be collecting information about the health and well-being of a customer, as part of our obligations to support customers who are vulnerable or who have conditions which affect their mental capacity. 

Data controllers and data processors 

Data controllers include companies, organisations or people who decide how data is or will be collected and used, or ‘processed’. 

“Processing” data means; 

  • Collecting, holding, or recording data 
  • Providing it to other companies, organisations or people 
  • Destroying data.  

The Data Protection Principles 

The Data Protection Act has 8 principles, which can be found at In this section of the guide, we have aimed to summarise what we must do to meet the requirements of the Act and the Data Protection principles. 

Our customers’ rights under the Data Protection Act 

Getting access to their records 

Customers have a legal right to see copies of all records held about them, including details of who we have passed their data to. This is called a ‘Subject Access Request (‘SAR’).

Opting out of marketing 

Customers must tell us by letter or by phone that they do not want to be sent marketing or promotional material from the lender.

Keeping data up to date 

We must accept any request from a customer for their records to be corrected and update our own records immediately. We must also tell the customer to contact the Improveasy if their records need to be updated. 

Customers can claim compensation for damages if we do not meet certain requirements of the Data Protection Act.