We have carefully considered our duties and obligations under the new General Data Protection Regulations (GDPR) including the purposes and legal basis for processing data. We will only use your personal information for the legitimate interests of the business as a membership organisation.
Should you have any questions, please do not hesitate to contact us via email, email@example.com
- how and when we collect your personal data, and what information we collect:
- how and why we use your personal data; and
- your rights to control your personal data.
How we Collect Data and the Type of Data we Collect
If you engage with us in any way, we may collect the following information about you through the methods of contact you choose to use at the point of engagement:
- information you provide through our website and through our application and verification processes;
- information you provide through communications with us, whether in writing (including by letter or email) or on the telephone (including by way of recorded calls)
- information we obtain through your engagement with us on social media, including on blogs, forums and through Facebook and Twitter and other social media sites; and
- information provided on your behalf by your representatives or agents (“Agents”) who engage with us on your behalf in the ways described above.
From time to time we obtain information from outside sources to help us carry out our business functions. This information, which often contains personal data, includes:
- information and reports from credit reference agencies, fraud prevention agencies, insolvency practitioners, debt advisers and tracing agents;
- commercial databases and marketing databases; and
- public records and other publicly available information sources.
- your personal details (including name, date of birth, current and previous postal addresses);
- your contact information (including phone, fax and e-mail details); (for Borrowers, those representing borrowers and relevant institutional investors) your business name and contact information;
- financial information (including bank or building society account details);
- information you provide in our registration or application processes (including, if you are a Borrower, Agent or relevant investor, certain personal data, identity verification, contact details and financial information about directors, partners, members, shareholders, beneficial owners and guarantors);
- information you provide in your dealings with us and through your interaction with the marketplace;
If you are a Borrower or a director, partner, member, shareholder, beneficial owner or guarantor of a Borrower, you will also need to provide us with the following information, which we may also collect from third parties:
- information about your business or company, such as previous credit applications and the conduct of your accounts, and similar personal credit information;
- credit reference checks (see section below for more detail)
- electoral register information; and
- fraud prevention information;
- passwords and security question answers.
In addition to the personal and financial information you submit, or we collect as described above, we may also collect information about your computer (including, where available, your IP address, operating system and browser type), your interaction with the marketplace and our website, and email performance data. We use this information for several reasons, including for marketing, for marketplace administration and for service improvement. Our Cookies Policy describes these processes in more information.
We also collect and retain:
- copies of our correspondence with you as well as other data we collect relating to your activities on the marketplace and your arrangements with Sourced Capital;
- details about visitors to our website for the purposes of aggregating statistics or reporting purposes and to calculate referral fees; and
- comments made on blogs and discussion forums in connection with the marketplace.
We may, particularly in relation to borrowers, investors or guarantors, be given sensitive personal data (such as medical information or criminal records). Where relevant, we will hold and process this data to allow us to make decisions about you and your accounts with us or with which you are connected. This may involve us sharing your sensitive personal data with your Agents. We will process sensitive personal data only in accordance with the requirements of applicable privacy law.
If you provide information about other people (for example, if you represent a borrower and you provide information about directors, partners, members, shareholders or beneficial owners other than yourself) then you confirm:
- by providing information about other people, that you have all relevant permissions and authority (i) to make all those disclosures, (ii) to act on their behalf and (iii) in relation to partners, members, shareholders or beneficial owners of borrowers, to allow us to make credit checks at credit reference agencies in respect of those persons.
How we Use Your Data
We collect, store and use your personal data:
- to inform you of marketplace developments and activity, and of changes to our products and services;
- to develop and improve our services, products and business, including analysing and improving our credit risk models and our customer service offering;
- if you are a Borrower (or a director, partner, member, shareholder, beneficial owner or guarantor of a borrower):
- to ascertain your borrowing needs;
- to assess your creditworthiness and to make credit-related decisions; and
- if you miss any repayment of your loan, to trace your whereabouts and recover debts or enforce a loan contract and to verify any payment plan you have proposed or income and expenditure form you have submitted;
- to transfer money;
- to carry out mandatory or other regulatory checks;
- to comply with our legal and regulatory obligations;
- to carry out statistical analysis, market research and testing;
- to contact you (including by SMS and e-mail) with products and services which Sourced Capital think may interest you (at all times taking into consideration your rights at law including your right to opt-out from receiving marketing from us);
- to open accounts with us and to manage and maintain those accounts;
- to verify your identity and the other information you have provided to us, including your bank account information and (if relevant) the identity of your business associates;
- to update the records we hold about you from time to time;
- to provide and administer the marketplace and our related services; and
- for the prevention and detection of fraud or other illegal or criminal acts
How and Why we Store and Retain Your Data
We will not keep your personal data for longer than is necessary for the purposes for which it was collected and is processed, and for the purposes of satisfying our legal, accounting or regulatory reporting requirements.
These requirements generally permit us to retain our Borrower and Lender records for a period of six years after the end of the borrowing/investing relationship (i.e. the date on which we no longer provide services to you as a Borrower or Lender). We may retain data for longer than this in certain circumstances, for example in the event of an ongoing dispute.
Sharing your Data
Disclosing your information
We may disclose your personal data to other registered members of our marketplace, including:
- to operate the marketplace and seek to match investors and borrowers;
- in the loan contract and personal guarantee, when investors and borrowers are matched;
- to provide transactional and performance information;
- to provide updates (including if and when there are late repayments or if and when a risk-profile has been changed); and
- if required to enforce (or make preparations to enforce) any loan contract.
If you, as a registered member of our marketplace, receive information about another registered member, then you must only use that information to communicate with Sourced Capital about your loan contract with that member. You acknowledge that Sourced Capital is not responsible for misuse of transactional or other information by Sourced Capital members, but you must inform Sourced Capital promptly if you are the victim of any misuse of that information.
We may disclose your personal data as follows:
- to companies in our group and our affiliates;
to our suppliers, sub-contractors and third party data processors (including card payment and direct debit payment processors, marketing and data analytics service providers, collection agents, tracing agents, insolvency practitioners, professional advisers and persons who provide us with the following services from time to time: identification and fraud check; marketing; technology; marketplace support; and back-up and business continuity);
- with any third party you have asked us to share your personal data with, including social media sites if you have asked us to connect with your social media account;
- to credit reference and fraud prevention agencies (see sections below for more information on this);
- if we are unable to provide you with credit and if you consent, to third parties who may be in a position to arrange credit for you;
- to a third party if it acquires all or part of our business or assets in connection with the acquisition, or to a successor in interest in the unlikely event of our insolvency, winding up or liquidation;
- If we are required to do so by applicable law and regulation, governmental, tax or regulatory body or law enforcement agency;
- if you are represented by an Agent, to your Agent; and
- to any other person with your prior consent to do so.
Third parties who process your personal data on our behalf are only permitted to process your personal data in accordance with our instructions and we will take steps to ensure that the transfer and any on-going processing by those third parties is carried out securely and in accordance with applicable privacy laws.
Save as expressly provided above, or otherwise without your consent, Sourced Capital will not share your personal data with any third party.
We are part of a group of companies and, in order to support our business in the most efficient manner possible, we share infrastructure and functions across our business internationally. This means that we may transfer your personal data to, or your personal data may be accessible in, any location in which we do business.
If your information is transferred to or accessible in a country which is not considered by the European Community to adequately protect of personal data (such as the USA), we will always take steps to ensure that your information is protected and that those transfers comply with applicable privacy laws.
We may transfer your information to other countries, including those outside the European Economic Area, either for storage purposes or if we engage suppliers, sub-contractors or third-party data processors who are based or have operations overseas. We will always take steps to ensure that your information is protected and that those transfers comply with applicable privacy laws.
Credit Reference Agencies (“CRAs”)
From time to time we undertake credit reference checks against borrowers and investors (and against directors, partners, members, shareholders and beneficial owners of borrowers and investors), guarantors and Agents:
- as part of the application process;
- for general credit management and know-your-customer (KYC) checks during the term of a loan; and
- if there are late repayments or default.
When CRAs receive a search request from Sourced Capital they will:
- place a credit search “footprint” on your business credit file following each credit application, whether or not your application proceeds. If the search was for a credit application the record of that search may be seen by other organisations when your business applies for credit in the future;
- place an enquiry or organisational search on the personal credit files of directors, partners, members, beneficial owners and shareholders that have been searched, as well as an associate enquiry search on your personal financial partner’s credit file, if they are a director;
- link together the previous and subsequent names advised by you of anyone that is a party to the account;
- place an enquiry or identification search on the record of any shareholder or beneficial owner and who Sourced Capital has checked; and
- create a record of the name and address of your business and its proprietors (if there is not one already).
We will give details of all loans taken through the marketplace and how they are managed to the CRAs. If you borrow and do not repay in full and on time, the CRAs will record the outstanding debt and, in some cases, the length of time that the debt remains outstanding; other organisations may see these updates and this affect your ability to obtain credit in the future.
Any records shared with CRAs will remain on file for six years after your account is closed, whether any outstanding sums have been settled by you or following a default.
You can contact the CRAs currently operating in the UK. The information they hold may not be the same so you may consider contacting them all. They will charge you a small statutory fee. They are:
- Creditsafe, Bryn House, Caerphilly Business Park, Van Road, Caerphilly, CF83 3GR or call 02920 886 500
- CallCredit, Consumer Services Team, PO Box 491, Leeds, LS3 1WZ or call 0870 0601414
- Equifax, Credit File Advice Centre, PO Box 3001, Bradford, BD1 5US or call 0870 010 0583 or log on to www.myequifax.co.uk
- Experian, Consumer Help Service, PO Box 8000, Nottingham NG80 7WF or call 0844 4818000 or log on to www.experian.co.uk
False information and Fraud Prevention Agencies (“FPAs”)
If you give us false or inaccurate information or if we suspect or identify fraud we may record this and may also pass this information to FPAs (such as CIFAS) and other organisations involved in crime and fraud prevention including law enforcement agencies.
We and other organisations may access and use this information in order to prevent fraud, money laundering or other criminal activity (for example, by checking details on credit applications, for managing credit and recovering debt). We also use FPAs to screen job applicants and employees.
Please contact us if you want to receive details of the relevant fraud prevention agencies.
Your rights Third Parties
You have rights under the GDPR:
- Exercise your right to request access to certain personal data records we hold about you (a subject access request), by emailing firstname.lastname@example.org with the subject line “subject access request”;
- Request that we update and correct any out-of-date or inaccurate personal data we hold about you by emailing us at email@example.com, and also log-in to your Sourced account and make changes using the Account Settings function;
- Contact us to register your preferences for how we contact you;
- Opt out of any marketing communications that Sourced may send you by emailing us at firstname.lastname@example.org, by calling us on 0333 123 1330, by writing to our Data Protection Officer at Capital House, 6 Webster Court, Warrington, England, WA5 8WD, or by following the link on any email marketing you have received or by following the appropriate opt-out procedures that we include on all marketing materials; and
- Exercise your right to object to our continued processing or your right of erasure, neither of which is a guaranteed or absolute right. We will consider all requests of this nature and take into account any compelling legitimate grounds to continue processing, for example our need to continue to process your personal data in connection with any legal or regulatory requirements to which we are subject; and
- Tell us if you have changed your mind about us referring you to a third party broker or lender.
You may also request that the CRAs we use provide you with information that they hold about you. You must contact them directly to do this.
Sourced Capital takes appropriate technical and organisational measures to safeguard the personal data that you provide to us, but we accept no liability if communications are intercepted by third parties or incorrectly delivered or not delivered.
If we transfer your information to third parties we will take steps to ensure that the transfer and any on-going processing by those third parties is carried out securely and in accordance with applicable privacy laws.
You also have a responsibility to ensure that your information is kept secure. If you are a member of our marketplace, you must:
- keep your login details secret;
- log out of your account when not using it;
- maintain good internet security (for example, be careful when using public WiFi or shared access internet connections); and
- tell us immediately if you think your account has been compromised.
We may request further specific information to help us confirm your identity should you wish to access your personal data. This is a security measure that ensures we do not disclose any private information to an individual who does not have the right to receive it.
We aim to respond to all legitimate requests within one month of receipt of the request, however should your request be complex we may take slightly longer to process your data (up to an additional two months). In prolonged cases, we will contact you within the initial month of the request being submitted with an estimated response time.
You have the right to take any complaints about how we process your personal data to the Information Commissioner:
0303 123 1113.
Information Commissioner’s Office
For more details, please address any questions, comments and requests regarding our data, email@example.com
Sourced Capital is a trading name of Peer Funding Limited registered in England and Wales under company number 08773883.
Our registered address is Sourced Capital, 2 Plantation Way, Worthing, BN13 2AF.
You can contact us using the following information:
Telephone: 0333 900 9999
Post: Sourced Capital, Capital House, 6 Webster Court, Warrington, England, WA5 8WD