At Commercial Finance Limited, we are fully committed to ensuring that your privacy is protected and that we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This statement explains how we collect, process, store, and protect your personal data in line with GDPR requirements.

1. Data Controller

Commercial Finance Limited is the data controller of your personal data. We determine the purposes and means of processing your data in accordance with data protection laws.

  • Business Name: Commercial Finance Limited
  • Email: [Insert Email Address]
  • Phone: [Insert Phone Number]
  • Address: [Insert Registered Business Address]

2. Lawful Basis for Processing

We collect and process personal data only when there is a legal basis to do so, including:

  • Contractual necessity: To assess your loan application and provide financial services.
  • Legitimate interests: To improve our services and communicate with you.
  • Consent: For marketing communications (with clear opt-in).
  • Legal obligation: To comply with regulatory or legal requirements.

3. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

  • Right to Access – Request a copy of the personal data we hold about you.
  • Right to Rectification – Correct inaccurate or incomplete data.
  • Right to Erasure – Request deletion of your data under certain circumstances.
  • Right to Restrict Processing – Request restriction of how we use your data.
  • Right to Data Portability – Receive your data in a structured, machine-readable format.
  • Right to Object – Object to processing for direct marketing or legitimate interests.
  • Right to Withdraw Consent – Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please email us at [Insert Email Address].

4. Data Retention

We retain personal data only as long as necessary to fulfill the purpose for which it was collected, including legal, regulatory, and accounting requirements. When no longer needed, your data will be securely deleted or anonymized.

5. Data Security

We implement strict technical and organizational measures to protect your data, including:

  • Secure servers and encryption technologies
  • Restricted staff access
  • Regular audits and compliance reviews

6. Data Sharing and Transfers

We do not sell or share your personal data with third parties for marketing purposes.

We may share your data with:

  • Third-party service providers (e.g., IT and hosting)
  • Partner lenders or funders to process your application
  • Legal and regulatory authorities where required

Where we transfer data outside the UK or EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs).

7. Cookies & Tracking

Our website uses cookies to improve user experience and gather analytics. You will be asked to accept or manage cookies when you visit our site. Please refer to our Cookie Policy for more information.