We use cookies to help us improve and protect our services. By continuing to use the site, you agree to our Cookies Notice
Close cookies banner
Creditspring logo
Get started

Privacy Notice

Who we are

We are Inclusive Finance Limited, trading as Creditspring (" we ", " us ", " our "). We are a private limited company, and our registered company number is 10522518. Our registered office is First Floor, 119 Wardour Street, LONDON, W1F 0UW

We are registered with the Information Commissioner's Office (" ICO ") with registration number: ZA252803. We are the data controller of any personal data you provide to us and are subject to any applicable data protection laws.

This notice explains how and why we use your personal information.

Changes to this Privacy Notice

Version date: 27 January 2025

We reserve the right to modify this Privacy Notice at any time. Any changes we may make to our Privacy Notice will be made available to you through this page on our website.

The personal data we collect about you

You can browse our website as a guest.

We collect information by using cookies. Please see our Cookies Notice which explains what cookies we use on our website, why we use them and how you can control them.

Additional services are available once you register with us and login to our website. In this case, we will know who you are, your activities on our website and information about your computer may be linked to you on our systems. We may retain copies of any correspondence you send us, details of your registration history and any materials you post or upload to the Creditspring website.

We also store data that you submit to us via email and through our contact form and email subscription sign-up form on our website.

Our website and services are not intended for children, and we do not knowingly collect personal data relating to children.

What information do we collect from website users?

We may collect and process the following personal information from you:

  • Identity Data - information that you provide by filling in forms on our website. This includes your first name, maiden name, last name, title, date of birth and gender.
  • Profile Data - information provided at the time of registering to use our website, such as your username and password. You may also choose to provide additional personal data to us after you have created your profile.
  • Contact Data - information including your billing address, delivery address, email address and telephone numbers. If you contact us, we may keep a record of that correspondence.
  • Financial Data - information including your bank account details, payment card details, spending habits and other information required to undertake underwriting and credit reference agency checks
  • Marketing and Communications Data - includes your preference in receiving marketing from us and our third parties. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them. We may also ask you for information when you report a problem with our website.
  • Usage Data - details of your visit to the website, page response times, lengths of visit, transactions you carry out through our website and of the fulfilment of orders.
  • Technical Data - details of your visits to the website including, but not limited to, login information, browser type and version, traffic data, location data, weblogs and other communication data, and the resources that You access, so We may compile statistics relating to your use of the website.
Special Category Data

We may also collect 'special category data' which is personal information that needs more protection because it is sensitive including:

  • physical or mental health details;
  • offences and alleged offences; and
  • criminal proceedings, outcomes and sentences.

Information from other sources

We may also check information about you held on our own records and also obtain information from credit reference agencies about you and your financial associates' personal credit behaviour and personal credit accounts.

We may also search at fraud prevention agencies for information on you and your financial associates and business partners.

We may receive information about you from service providers including:

  • third parties you request services from who we referred you to; and/or
  • suppliers of marketing lists.

Purposes and lawful basis to process your personal data

We have set out below, in a table format, a description of all the ways we use your personal data as stated above, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your personal data.

What we use your information for Type of information Our reasons Our legitimate interest
To provide the Creditspring services:
  • registering you as a new customer
  • carrying out our obligations arising from any transactions you enter into with us, for example disbursing a loan and to provide you with the information, products and services that you request from us.
 Submitted Information

Fulfilling contracts

Our legitimate interests

Our legal obligation

Being efficient about how we fulfil our legal and contractual duties.

Our commercial interest in providing you with a good service.

Complying with regulations that apply to us.
To combat against fraud:
  • verifying your identity to protect against fraud, comply with financial crime laws and performing underwriting and credit checks to confirm your eligibility to use our products and services; and
  • helping us better understand your financial circumstances and behaviour so that we may make decisions about how we manage your Creditspring account;

Submitted Information

Device Information

Third Party Information

Location Information

Fulfilling contracts

Our legitimate interests

Our legal obligation

Developing and improving how we deal with financial crime, as well as complying with our legal duties in this respect.

Complying with regulations that apply to us.
To help market and provide new products and services that may interest you:
  • to provide you with information about other goods and services we may offer that are similar to those that you have already purchased or enquired about;
  • to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
  • to make suggestions and recommendations to you and other users of our websites about goods or services that may interest you or them; and
  • to process applications for products and services available through us including making decisions about whether to agree to approve any applications.

Submitted Information

Device Information

Third Party Information

Our legitimate interests

Defining types of customers for new products or services.

Being efficient about how We fulfil our legal and contractual duties.

Seeking your consent when we need it to contact you.
To keep the Creditspring services up and running:
  • to administer our website for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to ensure that content from our website is presented in the most effective manner for you and for your computer;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • to notify you about changes to our service; and
  • as part of our efforts to keep our website safe and secure.

Submitted Information

Device Information

Fulfilling contracts

Our legitimate interests

Our legal obligation

Being efficient about how we fulfil our legal and contractual duties.

Complying with regulations that apply to us.

Data processing partners

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 (where applicable).

Notwithstanding any terms to the contrary, we may disclose your personal data to third parties only where strictly necessary for the purposes set out above, including:

We may collect the following personal information about You:

  • other entities who are affiliated to us;
  • credit reference and fraud prevention agencies;
  • public, regulatory and governmental authorities and agencies where required by law;
  • courts and tribunals;
  • service providers;
  • professional bodies, advisers and consultants;
  • our own finance providers and investors, agents and trustees acting in connection with our financing arrangements;
  • credit brokers and other third parties that you request services from directly via our arrangement with them;
  • third party companies or individuals to assist us with fraud prevention and risk assessment, to assist us with customer service, and to facilitate the payments or reimbursements of fees you request;
  • in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

What credit reference and fraud prevention agencies do

When a credit reference agency receives an initial search from us they will leave a "footprint" on your credit file. However, this footprint will only be visible to you and us.

If you accept our offer of a loan, we will perform a full credit search which will leave a visible credit search "footprint" on your credit file. If the search was for a credit application, the record of that search (but not the name of the organisation that carried it out) may be seen by other organisations when you apply for credit in the future.

A credit reference agency will link together the previous and subsequent names advised by you of anyone that is a party to the account.

Credit reference agencies supply the following information to us:

  • information about you, such as previous applications for credit and similar personal credit information in your name or in relation to your financial associates and business partners
  • details of any financial sanctions imposed by the United Kingdom government which are applicable to you;
  • public information such as County Court Judgments (CCJs) and bankruptcies;
  • electoral register information on you and your business partners; and
  • fraud prevention information.

Credit reference agencies will keep records of outstanding debt on file for six years after they are closed, whether settled by you or defaulted.

The information which we and other organisations provide to the credit reference agencies and fraud prevention agencies about you, your financial associates, your business partners and details about your business may be supplied by credit reference agencies and fraud prevention agencies to other organisations and used by them to:

  • prevent crime, fraud and money laundering by, for example checking details provided on applications for credit and credit related or other facilities;
  • check the operation of credit and credit-related accounts;
  • verify your identity if you, your financial associates or your business partner(s) apply for other facilities; electoral register information on you and your business partners; and
  • make decisions on credit and credit related services about you, your financial associates and/or your business partners, or your business;
  • manage your personal account(s), your financial associate's account(s), Your business partner's and/or business credit or credit related account(s);
  • trace your whereabouts and recover debts that you owe;
  • conduct other checks to prevent or detect fraud; and
  • undertake statistical analysis and system testing.

If false or inaccurate information is provided by you and fraud is identified we will record this and details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information. We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

  • checking details on applications for credit and credit related or other facilities;
  • managing credit and credit related accounts or facilities;
  • recovering debt;
  • checking details on proposals and claims for all types of insurance; and
  • checking details of job applicants and employees.

Please contact us if you want to receive details of the relevant fraud prevention agencies. We and other organisations may access and use from other countries the information recorded by fraud prevention agencies.

The identities of the credit reference agencies, and the ways in which they use and share personal information, are explained in more detail at:

Where we store your personal data and our security measures

The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us, one of our affiliates or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted.

We take appropriate measures to ensure that any personal data is kept secure and for the duration of your use of our services. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data when transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

If your personal details change, we ask you to update them by accessing the relevant page of the website or by contacting us using the contact details in the “Contacting Us” section at the bottom of this Privacy Notice.

Retention of your personal data

Creditspring is obligated under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (SI 2017/692) to retain personal data about you and your Creditspring transactions for a period of five years. In order to not hold your information for longer than is strictly necessary we will delete any of your personal data 7 years after the termination of our business relationship.

Your legal rights

It is important that the personal data we hold about you is accurate and current.  Please keep us informed if your personal data changes during your engagement with us.

Where we are acting as a Data Controller, and under certain circumstances, by law you have the right to:

  • Request access to your personal data (commonly known as a Data Subject Access Request (DSAR)). This enables you to receive a copy of the personal data we hold about you.
  • Request correction of the personal data that we hold about you.  This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal data.  This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it.  You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground.  You also have the right to object where we are processing your personal data for direct marketing purposes.
  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you.
  • Request the transfer of your personal data to another party.
  • Right to withdraw consent. In the circumstances where we are processing your data on the basis of consent you have provided us, and we have no other legal justification or obligation to continue the processing, you have the right to withdraw your consent for that specific processing at any time.

For your protection and to protect the privacy of others, we may need to verify your identity before completing your request.

If you object to us using your personal data or withdraw consent for us to use your personal data (when we are processing your personal data based on your consent) after initially giving it to us, we will respect your choice in line with applicable law.

If you would like to exercise any of these rights or would like to confirm the accuracy of your information, please contact us using the contact details in the “Contacting Us” section at the bottom of this Privacy Notice.

Automated decisions – Your rights

We may use a credit-scoring system, i.e. an automated system to assess any aspect of your creditworthiness. You may ask us to ensure that, when we are evaluating your application for finance, we don't base any decisions solely on an automated process. You must notify us of this request in writing using the contact details in the “Contacting Us” section at the bottom of this Privacy Notice.

If you make such a request, you will then have the right to be notified where such a decision is or will be based on an automated process. If we notify you that we have taken such a decision, you may request us to review that decision other than by automatic means by contacting us using the contact details in the “Contacting Us” section at the bottom of this Privacy Notice within 21 days of receiving the notification.

These rights will not apply in all circumstances, for example where the decision is authorised or required by law and steps have been taken to safeguard your interests.

Complaints

You have the right to complain to the Information Commissioner's Office about our data processing activities (helpline on 0303 123 1113).

We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Please take a look at some helpful guidance on ICO website which can be found here.

Contacting us

If you have any questions about this Privacy Notice or your information, or to exercise any of your rights as described in this Privacy Notice or under any applicable data protection laws, you can contact us or our appointed Data Protection Officer (“DPO”):

  • By email: The Creditspring Data Protection Officer, hello@creditspring.co.uk
  • By post:

    The Creditspring Data Protection Officer

    First Floor
    119 Wardour Street
    LONDON
    W1F 0UW