Privacy Policy

Last Updated: 19th June 2025

By visiting the Website you are accepting and consenting to the practices described in this Privacy Policy.

At Bluecroft Finance we are committed to protecting and respecting your privacy. We know that you care about how your information is used and shared and we appreciate your trust in us to do that carefully and sensibly. This notice describes our privacy policy and forms part of our website terms and conditions (“Website Terms”).

Bluecroft Finance believes it is important to protect your Personal Data (as defined in the UK GDPR and the Data Protection Act 2018) and we are committed to giving you a personalised service that meets your needs in a way that also protects your privacy. This privacy policy outlines our commitment to protecting and respecting your privacy. For the purpose of the Data Protection Legislation and this notice, we are the ‘data controller’, which means we are responsible for deciding how we hold and use personal data about you.

If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner’s Office (ICO). The ICO’s contact details can be found on their website https://ico.org.uk/.

This Policy may be changed from time to time therefore, please ensure you regularly check this page to see if you are happy with any of the changes made.

We also collect data from credit reference agencies that we use to make our lending decisions. When we do so the credit reference agency will place a search footprint on your credit file that may then be seen by other companies that use credit reference data.

We may also collect data from fraud protection agencies that may or may not be separate from a credit reference agency.

We use this information because:

  • It is necessary to deliver suitable credit related products to you or your company
  • It allows us to meet our legal and regulatory requirements
  • It is in our legitimate interests to understand your financial position and ensure responsible lending.

 

The data we collect will be:

  • Information about your credit history you provide to us
  • Information about individuals you are financially linked with (e.g husband or wife)
  • Your previous history in dealing with us
  • Information we may receive directly from third parties (e.g a broker)
  • Information we receive from checking with credit reference agencies, fraud prevention agencies and watchlists

 

For these purposes we will share information with the various agencies, and in doing so, the following may be true:

  • The credit reference or fraud prevention agency, whether your application proceeds or not, may add details of our search and the credit application to the details the hold on you
  • We may report details of the facility we give you or your company and how that facility is being operated including arrears, defaults or other failures to operate in line with the facility agreement to the credit reference or fraud prevention agency
  • The credit reference or fraud prevention agency may pass any of the data captured to other companies that may use it for credit checking and any fraud purposes
  • The credit reference or fraud prevention agency may use the information in producing statistical analysis about credit and fraud on an anonymous basis
  • The credit reference or fraud prevention agency or us may link financial details with any financially linked person. This may mean that each other’s details may be taken into account on future credit decisions relating to you or the linked person. To remove this at a credit reference agency please contact them.

Further details of the credit reference agencies and how they use your data can be found at

Experian

Equifax

Transunion

We collect Personal Data from you:

  • When you apply or take a service or product from us through our website or app.
    • When you contact us, or if you have replied to a communication from us.
    • When you submit a form either on our website or social media platform.
  • When you submit a feedback form via our email, telephone or our online contact us form.
  • Through Cookies on our website that provide us with website usage information.

This includes (but is not limited to):

  • Name
  • Date of Birth
  • Address
  • Contact Details
  • Employment Details
  • Bank Details
  • CRA information
  • Any sensitive information you share with us.

This includes (but is not limited to):

  • Name
  • Date of Birth
  • Address
  • Contact Details
  • Employment Details
  • Bank Details
  • CRA information
  • Any sensitive information you share with us.

In order for us to process your data we have to have a lawful basis to do so.  We are relying on the following basis to do so:

(a) Consent: you have given clear consent for us to process your personal data for a specific purpose. For example, when we ask for your consent it allows you to have the right of control over your data and how it is processed.  You will find these consent boxes at different opportunities in the application and you will find an opt out on all our marketing communications and through our website.

(b) Contract: the processing is necessary to enter into the contract with you for us to be able to provide you with the loan matching or other services you have specifically requested for. This will also be relevant even if you have asked us for a quote.

(c) Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations).

(f) Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests. For example, once you have used our services, we may retain some form of your data for statistical analysis so that we can ensure compliance and improve our products for the future.

We use your information so that:

  • We can process your application.
  • We can verify your identity when you contact us.
  • We can identify accounts, services and products you may have from us.
  • We can offer you other products.
  • We can improve your account administration.
  • We can manage your account as and when needed.
  • It can help us prevent and detect fraud and loss.
  • We can manage risk and prevent crime; and
  • It will improve our business overall and develop better ways we can serve our customers.

Emails and recorded calls are retained for a period of time and then destroyed in accordance with our Data Retention Policy.

• All our staff.
• Third parties including police. government or regulatory agencies should they request it.
• Any officials who request it for legal proceedings.
• If our company and all of its assets are bought by a third party your personal data will also be transferred to this third party.
• If we need to pass on personal data to others who offer administration services, marketing information and customer services

We will share your personal data with third parties where we are required by law, where it is necessary to administer the relationship between us, or where we have another legitimate interest in doing so.

The following activities are carried out by third-party service providers.

IT services, marketing services and banking services.

All our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data.

We carry out comprehensive due-diligence on each party that we work with to ensure your personal data is secure and that the communication you receive is relevant to your needs. 

  • We use encrypted software.
  • We continually test our systems to see whether it can be penetrated by malicious software and outside third parties looking to steal data.
  • We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personally identifiable customer information

We will not disclose your Personal Data to any third party except in accordance with this Privacy Policy.  Any third party we share your data with must ensure they provide the necessary assurances that they meet and maintain the same level of high standards we provide in security and privacy.

We invest heavily in data security so you should be assured that your data is safe.

Yes.

You may be sent some direct marketing communications via SMS, telephone call or email regarding our products.  You will be contacted via the communication details you have submitted in our website contact form. Ourselves and companies within our group may contact you regarding products and services that we feel may be of interest to you if you have given consent. Marketing consent can be revoked at any time by emailing [email protected].

If you consented to receiving marketing communication from us, there will be an opt-out on every correspondence you receive.   You can also change your mind at any time by emailing us at [email protected] or visiting our website.

To update your information you may do so online in your own account or emailing us at [email protected]

You have the right of access to your personal data. You may complete a Subject Access Request to get a copy of your personal information. Please email us at [email protected]

There will be no fee for us to provide you with this information as long as it is not manifestly unfounded or excessive.

The Bluecroft Finance’s website openly uses cookies which collates information such as your IP address, browser type, operating system, referring URLs and information on actions taken or interaction with our digital assets.

Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic to tailor the website to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

Cookies cannot be used to identify you personally and are used to improve services for you, for example through:

  1. letting you navigate between pages efficiently;
  2. enabling a service to recognise your computer so you don’t have to give the same information during one task;
  3. recognising that you have already given a username and password so you don’t need to enter it for every web page requested;
  4. measuring how many people are using services, so they can be made easier to use and that there is enough capacity to ensure that they are fast.
    See allaboutcookies.org or www.youronlinechoices.eu to learn more about cookies.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic to tailor the website customer needs. These cookies only collect information in an anonymous form, including the number of website visitors and the pages visited. No personal information is collected or stored by Bluecroft Finance. We only use this information for statistical analysis purposes and then the data Is removed from the system.

Yes, we can update our privacy policy without letting you know. We will review this at a minimum annually.

For as long as it is needed to manage your account and for a maximum of six years unless a longer period is required by law.

You have the following rights in relation to your Data:

Right to access – the right to request copies of the information we hold about you at any time, or that we modify, update, or delete such information. If we provide you with access to the information, we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive”. Where we are legally permitted to do so, we may refuse your request for which you will be notified of the reasons why.

Right to correct – the right to have your Data rectified if it is inaccurate or incomplete.

Right to erase – the right to request that we delete or remove your Data from our systems.

Right to object – the right to object to our use of your Data including where we use it for legitimate interests.

To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact [email protected]

You have the following rights for your data:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling.

For further information in relation your rights visit www.ico.org.uk