We only collect personal data relevant to making and evaluating Finance Requests, issuing Indicative Offers via the Service, the administration of Accounts and the enforcement of Customer Agreements. Such personal data is given directly by you and by people or companies authorised by you to act on your behalf, and it may also include information obtained from those third parties authorised by you to share such information with us, including:
(a) information that you provide by filling in forms on the Service, posting User Content or requesting further services or reporting a problem;
(b) information about your financial interests or financial position;
(c) your contact details, including your e-mail address, date of birth, home address and telephone numbers;
(d) details about your business, which may include details of Directors, Shareholders or Persons of Significant Control. This data will be taken from the open registers at Companies House.
(e) copies of passports or other identification evidence that you provide for anti-money laundering and anti-fraud purposes;
(f) records of telephone calls and any correspondence between you and us;
(g) records of any surveys that you may be asked to complete for research purposes (although you do not have to respond to them);
(i) credit checks from referencing agencies to assess creditworthiness of you and your Business.
credit checks from referencing agencies to assess creditworthiness of you and your Business.
We aim to keep your personal information up to date, so please advise us of any changes by updating your Account or e-mailing email@example.com. You must notify us by emailing firstname.lastname@example.org within thirty days if there is any change in your name, residential address, telephone number, e-mail address and/or any other details that we reasonably consider to be material to our dealings with you in relation to the Service.
Once we have received your personal data, we will use (and require our suppliers and partners to use) procedures and security features to try to prevent unauthorised access, unlawful processing, accidental loss or destruction of, or damage to it, provided that you comply with the provisions of the Customer Agreement relating to the security of your Passcodes. However, the transmission of information via the Internet is not completely secure and, while we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Service and any transmission is at your own risk.
How long we keep your data
With your consent, the information that we use for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information. When you receive marketing communications from us you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail.
We may use information held about you in one or more of the following ways:
(a) to ensure that content on the Service is presented in the most effective manner for you and for your computer or other devices for which we support access;
(b) to provide you with information, products or services that you request or which we decide may interest you, where you have consented to be contacted for such purposes;
(c) for statistical analysis;
(d) to develop and improve the Service;
(e) to update our records;
(f) to identify which elements of the Service or other products might interest you;
(g) to assess creditworthiness in accordance with the provisions of the applicable Customer Agreement;
(h) to identify, prevent, detect or tackle fraud, money laundering and other crime;
(i) to carry out checks required by applicable regulation or regulatory guidance;
(j) to keep you informed about Product Data, Finance Requests and/or Indicative Offers, as the case may be;
(k) to carry out our obligations arising from – and exercise our rights under – any agreements between you and either of us or other users of the Service;
(l) to allow you to participate in interactive features of the Service, when you choose to do so;
(m) to give you any notices under your Customer Agreement.
Under the GDPR, the main grounds that we rely upon in order to process your personal information are as follows:
a) Necessary for entering into, or performing, a contract – in order to perform obligations that we undertake in providing the Service, or in order to take steps at your request to enter into a contract with us, it will be necessary for us to process your personal data;
b) Necessary for compliance with a legal obligation – we are subject to certain legal requirements which may require us to process your information. We may also be obliged by law to disclose your information to a regulatory body or law enforcement agency;
c) Necessary for the purposes of legitimate interests - either we, or a third party, will need to process your information for the purposes of our (or a third party’s) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your information protected. Our legitimate interests include ensuring that our operations are conducted in an appropriate and efficient manner, responding to requests and enquiries from you or a third party, optimising our website and customer experience and informing you about our products and services;
d) Consent – in some circumstances, we may ask for your consent to process your information in a particular way. To the extent that we are processing your information based on your consent, you will have the right to withdraw your consent at any time. You can do this by contacting us at email@example.com at any time.
We will keep your personal data confidential and only disclose it to others for the purposes explained when you applied, as well as in the following specific circumstances:
(a) to a credit reference agency to check your identity and for Anti-Money Laundering purposes (it will also keep a record of your request and use it whenever anyone applies to be authenticated in your name);
(b) to inform credit reference agencies that you have an account and how you run that account;
(c) to our agents and subcontractors to use for the purpose of operating the Service, including customer support and providing services to us;
(d) to investigate, prevent or detect fraud or carry out checks against money laundering;
(e) to organisations providing a centralised application matching service which they collect from and about credit applications, for the purpose of preventing and detecting fraud;
(f) for audit purposes and to meet obligations to any relevant regulatory authority or taxing authority;
(g) if you request us, or give your permission for us to do so;
(h) if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any agreements to which you are a party; or to protect our rights, property, or safety, or that of our customers or others (which includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction);
(i) in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
(j) if substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets; or
(k) if you make an application on our platform through one of our key partners, whereby they already had access to your personal data through your relationship with them, to that key partner in order to enable accurate linking between their records about you and our records about you. We may share information, including the status of your application and any funding found so that they can support you fully and appropriately (as part of your existing relationship with that key partner).
Additional information about the credit reference agencies we use, the data they hold, how they use it and how long they retain it, as well as your rights in relation to this data, is available via the link to the Credit Reference Agency Information Notices for each agency below:
We will also check your details with a fraud prevention agency/agencies and if you give false or inaccurate information and we identify fraud, this will be recorded and we and other organisations, including law enforcement agencies and debt collection agencies, may access, use and search these records to:
(a) help make decisions about credit and credit related services, for you and members of your household;
(b) help make decisions on motor, household, credit, life and other insurance proposals and insurance claims, for you and members of your household;
(c) trace debtors, recover debt, prevent fraud, and to manage your accounts or insurance policies;
(d) prevent fraud and money laundering, for example, when:
Please contact us at firstname.lastname@example.org if you want to receive details of the relevant fraud prevention agencies.
We use a number of third party organisations to help provide a professional service to our customers. These organisations act as data processors and are strictly controlled in how they may/may not use your Information and we remain responsible for the protection of your Information. These organisations include:
We will never sell your information to a third party.
In accordance with the GDPR, you have the following rights in respect of your personal information.
You can exercise any of these rights by contacting us at email@example.com or calling 020 3695 9206.
We may ask for further identification or confirmation via email if request is made over the telephone or via postal service. We will aim to respond to all requests within a 30 day period but if the request is complex we may have to extend this to a 90 day period. We shall notify you within the 30 day period if this is the case. In some cases, the deletion of your data may contravene with our requirements under other regulations, we shall inform you of such if this is the case. Where we have good reason, and if the GDPR permits, we can refuse your request for a copy of your information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so.
Depending on the scope and nature of your request, the ability to port your data to a third party may be subject to the current technical functionality of our systems and processes, but you have the ability to request a copy of your information via the contact details below.
Funding Xchange use elements of automated decisioning for the purpose of facilitating Indicative Offers via our online platform. For example, our automatic decision-making systems check all of the data that you provide to us against criteria which lenders use to determine if a borrower is eligible for their products. Only where the data matches the eligibility criteria will the appropriate Indicative Offers be shown to you. You have the right to object to this kind of automated processing of your information. If you wish to do so, please contact one of our Business Funding Specialists to discuss your request further and determine whether there are other options available to you. You can do this by contacting the team on one of the following options:
Email – firstname.lastname@example.org
Phone – 020 3695 9206
The Service may, from time to time, contain links to and from the websites of Finance Providers, Businesses, partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that those third parties have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data directly via those websites or to those third parties.
If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated.
Email – email@example.com
Phone – 020 3695 9206
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office https://ico.org.uk
This privacy notice was last updated on 07th January 2021.