ShareCredit Limited (ShareCredit, we, us or our) are committed to protecting and respecting your privacy and understand how important that is for you. We collect, use and share information about you in accordance with this policy. This policy is important, and you should read it carefully in conjunction with our Terms and Conditions.
We may make changes to this policy from time to time and you should regularly review this page. If you do not agree with this policy, then you should stop using the website and contact us to delete your account.
We gather and use your personal data in operating our online lending platform, www.sharecredit.co.uk. In the normal course of business, we will hold:
- Your identity and contact details
- Bank details
- Information about the investments you make through ShareCredit
- Tax status
- Credit status
We process your information to perform the contract for services we have with you, to comply with our legal and regulatory obligations and, taking into account your privacy, where appropriate in the legitimate conduct of our business.
2. Data Controller
The data controller is ShareCredit Limited. We are a company registered in England and Wales (company number 09540341) and our registered address is 18/F, 40 Bank Street, London E14 5NR. You can write to us at this address or email us at email@example.com.
3. Your rights in relation to the data we hold on you & opt out
Accessing the data we hold on you
If you want to know what data we hold on you, you have a legal right to obtain this information from us. You can make a Subject Access Request at any time, in writing, by following this simple process. By law, we have up to one month to respond to you.
To make a Subject Access Request please write to us at our registered office, for attention of the Privacy Officer, enclosing a photocopy of a photographic ID (e.g. passport or driving Licence) and utility bill (to provide proof of your address). This is to ensure we only send your data to you, or a third party that you expressly authorise in writing to deal with for you.
Amending/correcting the data we hold on you
If you want to amend the data we hold, that’s also very easy to do. We want to make sure we have everything right so please simply contact us to make any amendments to our records.
Deleting the data we hold on you
You can ask us to remove some or all of the data we hold about you. We will undertake this process anyway when you close your account. However, we are obliged to retain data to meet our regulatory obligations and as may be required to defend or take legal action and a request to be forgotten is subject to any specific retention requirements that we have.
Objecting to processing and restriction of purpose
If you want us to stop using some of the data that we hold, or to stop using it in a particular way, you should contact us.
Changing your consent and opting out
It’s ok to change your mind about what data you are allowing us to keep and what you don’t want us to keep. You can contact us to make any amendments to your consents. We have to advise you however, that opting out of some data processing/storage will result in a loss of functionality of the sites and a reduced user experience.
4. Where do we get the data we hold about you?
From information you give to us
We receive and collect data from you when you fill in forms on the website or through an app, such as when you register for an account, or if you contact us through phone, email or otherwise. This generally comprises your name, address, contact details, date of birth, National Insurance number.
If you wish to become a borrower, we will ask you about you for information to determine your credit worthiness. In respect of businesses we will require full disclosure of business information including bank accounts, company incorporation and filing history, trading history and accounts, financial history and any other relevant information required to build a risk profile of your business. This will include personal details of directors and major shareholders. If you are a sole trader, your business information will be treated as personal data.
From information third parties give to us
As a Borrower, you may provide to us with information through an intermediary, such as a introducer or broker. We will treat such information as originating from you and treat it in accordance with this policy. We will also send information about you to the intermediary as may be necessary to provide our Services to the Borrower.
We collect information about you from third parties to verify your identity and for fraud prevention. We collect information about borrowers’ (including their directors’, shareholders’ and/or members') identity and credit history/score from credit reference agencies.
We use third parties such as sub-contractors in technical functions, payment processing and loan enforcement and may also collect information about you from them from time to time, (see below for more details on third party disclosures).
We may get information about you from our partners and affiliate services or through other third parties such as advertising networks, search engine providers, analytics providers, and social networking sites.
From information we collect about you
5. How do we use your data in providing our services?
The grounds on which we process your personal data are:
- To allow us to perform or enforce the contract we have with you; to identify you and administer your account(s) and provide you with the information and services you request from us customised to your preferences. We also disclose your personal data to our partners to enable us to perform the services that you wish to use.
In relation to borrowers, we will use information to assess your application for credit, to administer the loans and, if required, to enforce and recover a debt.
- To comply with our legal obligations: we are required to keep proper records about the advice that we give; we have duties to prevent financial crime, including money laundering and fraud. If false or inaccurate information is provided, or fraud or financial crime is identified, details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.
- To pursue our legitimate interests: to identify you and administer your account(s) and for our internal purposes, examples of which are set out below.
Information about the services you use
We will use some of your personal data to track the services you use through our website for the purpose of validating the data provided to us by our partners.
We will send you emails with important information relating to your account, if and when there are changes to our Terms and Conditions or our policies, or if we need to discuss your account. You cannot opt out of receiving these emails but we will stop if you close your account.
We may contact you for marketing purpose to keep you informed (subject to your expressed preferences) by post, telephone, SMS, email or other electronic means such as via social and digital media about current and new products, services, offers and promotions which may be of interest to you.
We utilise a third-party software and storage solution to analyse the personal data that you have provided to us in order to ensure that the marketing that you receive is as relevant and beneficial to you as possible. We retain full ownership of your personal data and ensure that it is secure at all times.
If you are not happy for your personal data to be used in this way, you can manage your preferences through your account or unsubscribe to remove your details from our contact list. If you have further queries with regards to your personal data, please feel free to contact us at firstname.lastname@example.org.
We use your personal data to carry out market research, statistical analysis and behavioural analysis, on a personalised or aggregated basis. This research and analysis may assist us in improving our website, the services offered to you or other individuals in the future and in making crowdfunding transparent.
Third party processing
We use third parties to process personal information on our behalf. Where third parties process your personal information, we will ensure that they have the necessary high standards of protection in place to ensure you data is secure and used only in accordance with this policy.
We will use personal data as may be required to procure and maintain insurance cover and to administer any claims.
In the event of an interruption or cessation of our business, we need to ensure that we can implement our business continuity procedures (for example, we may need to rebuild our IT systems), or wind down planning to protect your interests. This may involve the processing of your personal data, including a transfer to an alternative service provider.
6. How do our partners use your personal data?
To enable us to deliver our services to you and to meet their own legal and regulatory processes, we engage with a number of partners will use your personal data. In particular, we would draw your attention to the following:
- Resolution Compliance Limited has undertaken to act as the back-up platform administrator in the event that ShareCredit Limited is unable to continue operating the ShareCredit platform (such as an insolvency event). To protect the interests of lenders, we will transfer data to them on such an event.
- ShareCredit Securities Limited acts as the security trustee, holding any security granted by borrowers for the benefit of the lenders. Where the security trustee requires the details of lenders to enable it to properly enforce any security it holds, or to distribute the proceeds, we may transfer your personal data to the Security Trustee.
- The GC Partners provide the payment services that allow the movement of money through the ShareCredit platform. When you open an account you also open an account with the GC Partners and we will transfer your name, address and date of birth to them to allow them to do so.
- We and/or GC Partners are obliged to carry out customer due diligence to prevent money laundering and terrorist financing. We and/or GC Partners may use third party providers to satisfy our know-your-client checks including checking your name against sanctions lists. The information used is usually your name, address and date of birth together with the details of any personal documents (such as your passport) you have used to verify your identity. In certain circumstances, this might include details of directors, shareholders or other beneficial owners.
- We may undertake credit checks with a credit reference agency in respect of investors and/or borrower companies and their directors, shareholders or other beneficial owners.
- We may be asked to provide personal data to the Financial Conduct Authority or the Financial Ombudsman Service as part of our regulatory obligations.
- If you make a loan through the platform, we do not provide that borrower with your personal information unless we are reasonably satisfied that it is necessary in the course of legal proceedings or otherwise in the legitimate interests of the lenders.
Our partners may use the personal data you provide for purposes such as fraud prevention or for internal analysis (such as monitoring customer demographics, market trends or pricing analysis).
We are not responsible for the privacy policies or practices of our partner or affiliates (or other websites you may click though to from our website). You should ensure you read and are fully aware of the terms and conditions and the privacy policies of third party websites.
7. Do we pass personal data to third parties?
Except as set out in this policy, we will not disclose any of your personal data to other parties without your explicit and freely given consent, unless we are legally required to do so by (for example, a court order, for the purposes of prevention of fraud or other crime, or by a competent regulator).
8. Transferring your data outside of the European Economic Area ("EEA")
Some processing of your personal data may be undertaken by nominated sub- contractors outside of the EEA. In these circumstances, the processing will be undertaken in accordance with the provisions of the data protection legislation under which we are obliged to ensure that your data is adequately protected.
We will endeavour to treat all your personal data as private and confidential. Other than under the terms of this policy we will not disclose any personal data about you. Please be aware however that under certain circumstances we may be subject to a legal obligation to disclose personal data about you, or there may be a public duty to disclose that personal data.
Should you decide to complain about the service we have provided to you, we may be obliged to forward details about your complaint, including your personal data, to the relevant ombudsman. You can be assured that they are similarly obliged to adhere to data protection legislation and to keep your personal data strictly confidential.
10. Deleting your account
We have procedures in place to ensure that information is not kept for longer than is necessary but in summary:
- we will retain personal data about you for as long as your account is active;
- after termination, we will retain only that information required for so long as it is necessary to comply with our legal or regulatory obligations, to resolve any dispute or to enforce our agreements. If we do need to retain information after termination, we will ensure that your data is archived in a way that access is restricted; and
- the maximum time that we envisage retaining any information is six years following termination.
Subject to our legal or regulatory obligations, if you ask us to delete any data, it is promptly deleted or otherwise rendered unusable from within our systems and we will no longer have any access to that data.
11. Contacting us
If you have any questions or concerns about the use of your data or your privacy, please contact our Privacy Officer at email@example.com or in writing to:
18/F, 40 Bank Street
London, E14 5NR.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you can complain to the Information Commissioner’s Office (ICO), contact details of which are:
- Serious breaches should be reported to the ICO using its security breach helpline on 0303 123 1113 (open Monday to Friday, 9am to 5pm). Select option 3 to speak to staff, who will record the breach and give you advice about what to do next.
- If you would like to report a breach in writing you can send it by post to the office address at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
A cookie is a small piece of code, sent from a website sends to a user's internet browser, which allows that website to track the user's previous activity when they return to that website. This allows us to provide you with the experience that you expect from us and lets us continually improve our service.
You can block cookies by changing the settings on your browser, but if you do you will not be able to access all or parts of our website.
The types of cookies we use are:
Strictly necessary cookies
These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
If you want more information about how cookies operate, or how to manage them, please visit http://aboutcookies.org/.
This Data & Privacy Notice was last updated on 25 June 2019.