1. Who we are
We understand how important your privacy is to you and ensure any personal data you provide us with is treated with respect, is properly protected and handled in accordance with UK data protection rules and the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR).
This website is owned and operated by Smartping, a trading name of Mindflow Marketing Limited, a company registered in England and Wales (company number 09645483) with its registered office at Atrium Court, The Ring, Bracknell, England, RG12 1BW. Mindflow Marketing Limited is authorised and registered by the Financial Conduct Authority and is entered on the Financial Conduct Authority Register (registration number 770925). Mindflow Marketing Limited is also licenced by the Information Commissioner's Office, (registration number ZA232696).
Mindflow Marketing Limited is an appointed representative under Maintain Marketing Limited (company number 09829835) with its registered office at 26-32 Oxford Road, Bournemouth, England, BH8 8EZ. Maintain Marketing Limited is authorised and registered by the Financial Conduct Authority and is entered on the Financial Conduct Authority Register (registration number 727520). Maintain Marketing Limited is licenced by the Information Commissioner's Office (registration number ZA202297).
Contained within this statement and set out below are details of the type of personal data we may hold about you, our customer, how we obtain and process any personal data we may have and, most importantly, how we protect your privacy. This policy relates only to the personal data submitted or collected via this website.
If you have any queries or concerns regarding how we use your personal data or any questions regarding any of the information provided in this statement, please contact our Data Protection Officer at email@example.com
For all other queries you can contact us at firstname.lastname@example.org or write to us at Atrium Court, The Ring, Bracknell, England, RG12 1BW.
2. General Data Protection Principles
You are visiting our website to apply to be an Affiliate of Mindflow Marketing Ltd. In order to apply, we have asked you to provide us with personal information. You need to know where your personal information is being sent, who is using it and why. You also need to be sure your personal information is kept safe and used only for the purposes you have agreed to.
Under the GDPR we are required to process the personal data you provide us with in a responsible manner. In accordance with the six principles below it must be:
3. Your Personal Data
What Personal Data do we collect?
The information we ask you to provide via the application form on this website is the minimum required for us to provide you with the service.
The personal data we usually ask you to provide is:
Other ways we collect your personal data include
We also use information about you to:
Legal basis for collecting your personal data
How we process your personal data depends on the reason you have given it to us. When you are browsing our website we process your personal data on the basis that you have given consent by using the website.
When you complete all application details on our website we process this data on the basis that we have a legitimate interest in processing this data - you have come to us to provide you with a service and, as a part of providing that service, we have to process your data.
Who do we share personal data with?
In relation to your loan application your personal data will be shared with Mindflow Marketing Limited in accordance with this Privacy Notice and our panel of lenders and credit brokers. You are also agreeing that our lenders and brokers can use Credit Reference Agencies (CRAs) and Fraud Prevention Agencies (FRAs) to assess your credit (see below for more information regarding these agencies).
Please be aware that our lenders with whom we share your information may use it for their legitimate business interests to match applications, carry out fraud checks, carry out research such as analysis of market trends and customer demographics and to customise and develop the product/service which they may offer to you or other individuals in the future. Most lenders might use this for up to twelve months.
Our panel of lenders and credit brokers include the following, but are not limited to:
Credit Brokers (introducing customers to lenders):
Affiliate ROI LLC - Bizfella Limited - Butler Westbury Limited - Choose Wisely Limited - Click Loans Limited - Forefront Solutions Limited - Hamilton Digital Solutions Limited - Ineffable Limited - Interlincx Media Corporation - Leadtree Global Limited - Loan Mart Limited - Maintain Marketing Limited - Mediablanket Limited - Monevo Limited* - Money Genie Limited - Quiddi Hub Limited - Sandhurst Associates Limited - Savant International Limited - ScoresMatter Limited - Season Marketing Limited - Serpable Limited - Silver City Tech Limited - TdotUK Limited - TFLI Limited - Think Money Limited - Whitlock Corp Limited - William Ellis Sinclair (ZA033005).
*As part of your application for a loan, we will share your personal data with Monevo Limited (a regulated credit broker) who will then share your data with the members of its lender panel to try and find you a loan. Monevo may also share your personal data with TransUnion (formerly Callcredit) & other credit bureaus for the purposes of matching you to a lenderÃ¢â‚¬Â. Full information as to how they process your personal data and your rights can be found here
Lenders (providers of personal and short-term loans):
1plus1 Loans Limited t/a 1plus1 Loans - Active Securities Limited t/a 247Moneybox.com - Advancis t/a Buddy Loans - Amigo Loans t/a Amigo - AvantCredit of UK LLC t/a AvantCredit - Bamboo Limited t/a Bamboo - Care Retirement Options Limited t/a Care Finance and Loans - CashEuroNet UK LLC t/a Pounds to Pocket/Quick Quid - Cash on Go Limited t/a Peachy.co.uk - Curo Transatlantic Limited t/a WageDay Advance/Juo loans - DJS (UK) Limited t/a PiggyBank - Elevate Credit International Limited t/a Sunny.co.uk - Everyday Lending Limited t/a Everyday Loans/Trust Two/Selfy Loans - Evergreen Finance Limited Ferratum UK Limited t/a Ferratum - Gain Credit LLC t/a Lending Stream LLC - George Banco Limited t/a George Banco.com - Gracombex Limited t/a The Money Platform - Harvey & Thompson Limited t/a H&T Money - Hymarc Limited t/a Stepstone Credit - Indigo Michael Limited t/a Safety Net Credit - Lend a Hand Finance Limited - Loan Machine Limited t/a Lead Affinity - Loan Marketing Limited t/a Credit Perfect - Loans 2 Go Limited t/a Loans 2 Go - Match the Cash Limited t/a Guarantor My Loan.co.uk - MMP Financial Limited t/a SwiftSterling.co.uk - Mobile Money Ltd t/a Mobile Money - Morses Club PLC t/a Morses Club & Dot Dot Loans - My Finance Club Limited - MYJAR IT OU - Nextcredit Limited t/a Nextcredit - Novaloans Limited t/a CASH4UNOW.co.uk - PDL Finance Limited t/a Mr Lender - Progressive Money Limited - Provident Personal Credit Limited trading as Provident and Satsuma Loans with registered office at 1 Godwin Street BD1 2SU (email email@example.com ) - Quint Group Limited t/a Quint - Response Funding Limited t/a Response Funding - RS Datatech t/a UK Credit Ratings - Stagemount Limited t/a Quidmarket T Dot UK Limited t/a T.uk - Temple Finance Limited t/a PerfectHome - TFS Loans Limited t/a TFS Loans - The Quick Loan Shop Ltd t/a TheQuickLoanShopLtd.co.uk - TM Advances Limited t/a TM Advances - Total Home Loans Direct Limited t/a THL Direct - Trusted Cash Limited t/a Trusted Quid - UK Credit Limited t/a UK Credit - Uncle Buck Finance LLP t/a Uncle Buck - Valour Finance Limited t/a Savvy.co.uk - Vanquis Bank Limited - Western Circle Limited t/a CashFloat.co.uk*
*We may send personal information to Western Circle Limited who are authorised by the FCA as both a Lender and a Credit Broker. If Western Circle accepts an application but is unable to provide a customer with a loan directly, then it may choose to send the application to other lenders and/or credit brokers (all of whom will be authorised by the FCA) to find a loan.
Where customers have given their express consent to marketing, their personal data will be shared with us and our trusted third parties so we can inform them about products, services or offers which may be of interest.
Our trusted third parties include the following, but are not limited to:
Our related products, services and offers are:
Loan Comparison - Payday Loans/Short Term Credit - Debt Management - Loan Brokerage - Credit and Debit Cards - Credit Score Companies - Current Accounts - Guarantor Loans - Car Finance - Utility Switching - Broadband - Online Retailers - Claims - Tax Rebate.
We may need to disclose personal data to regulatory bodies such as the Financial Conduct Authority or Information Commissioner's Office or any other applicable regulatory, government, compliance or law enforcement agency.
We may also disclose personal data if required or permitted to do so by law or in connection with legal proceedings or in connection with the sale or transfer of our business.
Credit Reference Agencies and Fraud Prevention Agencies
Our lenders may use both credit referencing agencies and fraud prevention agencies to help make relevant decisions on any application.
Credit Reference Agencies (CRAs)
Fraud Prevention Agencies (FPAs)
When we assess an application we will also check a customerâ€™s identity in order to prevent fraud and crime; this includes money laundering. We may also make additional searches over periods of time with CRAs and FPAs. This ensures that our records are kept up to date with any vital data. This data will then be used to ascertain whether to continue or any future credit that may be available. As we have an obligation to comply with responsible lending, FPAs and CRAs assist us in doing so.
Please bear in mind that the data held may not be the same so it may be useful to contact all CRAs.
A small fee may be charged when data is requested. We have provided below contact details for the CRAs:
How long do we keep your data for?
The amount of time we retain your data for depends on the basis it was provided by you to us:
We will retain your personal data as advised above unless we have a legitimate reason for retaining it beyond those dates.
Where will your personal data be held?
Your personal data may be held within the European Economic Area which comes under the GDPR. Where personal data is transferred or stored outside of the European Economic Union we check whether the EU Commission has issued an adequacy decision, which is a confirmation from them that the personal data will be afforded the same level of protection as if it was within the European Economic Union.
If there is not an adequacy decision in place, and to comply with GDPR requirements, we will ensure the transfer of personal data is protected by other means, including where explicit consent from the data subject has been received or through contractual obligations with relevant third parties regarding usage of the personal data.
Confidentiality & security
Keeping your personal data secure and confidential is of tantamount importance to us. Due to this we have introduced rules, measures, specialist technology and implemented security policies to ensure that your data is protected.
We use Secure Sockets Layer (SSL) encryption to secure your personal data and only provide your personal data to the staff who have to access it for the function of carrying out their duties.
Whilst we make every attempt to protect your data there are still risks involved when inputting your data online and we need to make you aware of this.
We can further confirm that all parties we share your personal data with, such as our lenders, credit brokers and trusted third parties are bound by contract to maintain the security and integrity of your personal data.
Please be advised that, although Mindflow Marketing Limited takes all reasonable precautions to protect your data, no data storage or data transmission security is guaranteed. Accordingly, Mindflow Marketing Limited cannot, and does not, represent, warrant, or guarantee the complete security of any data storage or data transmission. You agree that your access to and use of this site and your use of Mindflow Marketing Limited's services, which necessarily includes data storage and data transmission, is carried out at your own risk.
4. Your Individual Rights
The GDPR provides the following rights for individuals:
Subject to certain circumstances, you are able to exercise all of the above rights.
Where you elect to exercise any of your rights please be aware we not charge you a fee.
However, if we receive excessive, repetitive or unfounded requests we are permitted to charge a reasonable fee.
Right to be informed
You have the right to be informed about the collection and use of your personal data. To be completely transparent with how we use your personal data we provide you with the following privacy information:
We regularly review, and where necessary, update our privacy information.
Right of access
You have the right to know who has access to your personal data, what it is being used for, where it's kept, and everything about your personal data as it passes through our data process.
A 'Subject Access Request' (SAR) can be made requesting us to supply you with all reasonable information or documentation that we hold relating to your personal data. Your SAR should be submitted in writing.
Before providing any information we must verify the identity of the person making the request using 'reasonable means'. We will ask you for your first name, surname, date of birth, address, a utility bill (or similar) and the method by which you received marketing communications.
Please email your SAR to our Data Protection Officer: firstname.lastname@example.org or post your request to Atrium Court, The Ring, Bracknell, England, RG12 1BW.
Responses will be provided electronically in a clear format unless requested otherwise.
We have one month to comply with this request but if the request is complex can extend the period for a further two months. You would be notified of the time limit when making the request.For more information on how you make a SAR please visit https://ico.org.uk/for-the-public/personal-information
Right to rectification
The GDPR includes a right for individuals to have inaccurate personal data rectified or completed if it is incomplete.
It is important that the personal data you input on this website is accurate, complete and up to date.
We will assume the personal data you provide is correct and provide our services on this basis. If fraudulent information is given then we may be alerted to this by a Fraud Prevention Agency.
If you think you have mistakenly given us incorrect information, please contact us at email@example.com and we will update it as soon as possible.
Whilst we make every effort to ensure the personal data we hold about you is right, if you notice any errors in any communications received from us please send us an email detailing the changes to the email address above and we will ensure it is accurate.
We will rectify the information within a month of receiving your request and inform all relevant third parties of the amendment. If the request is complex we can extend the period for a further two months.
Right to erasure
You have the right to erasure which is also known as a 'request to be forgotten'. This equates to asking for any personal data you have supplied to be removed from our systems where there is no reason to keep processing it.
This right can be exercised under the following circumstances:
We will suppress and remove all data held, upon request. Our marketing partners will immediately be informed of the request and will follow the same actions. We will however keep the communication of the 'request to be forgotten' for our records. Where we cannot remove all your personal data we will notify you.
Grounds on which we can legally refuse a request are:
Right to restrict processing
You can ask us to stop or restrict processing your personal data. It is an alternative to requesting erasure of your data.
This is not an absolute right and will only apply in certain circumstances such as:
As a matter of good practice we will automatically restrict processing your personal data whilst we are considering its accuracy or the legitimate grounds for processing the personal data in question.
When we restrict your personal data, we are still permitted to store it but not use it. We will inform all relevant third parties to confirm this right is carried out.
You can make a request for restriction at any time and we have one month in which to respond to your request. This can be extended by two months where the request is complex or we receive a number of requests. We would advise you if an extension is necessary clearly stating our reasons why.
Right to data portability
The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. Before transferring your personal data we will carry out rigorous checks to verify your identity.
The right to data portability applies:
If you request us to transfer your information we will do so in a format that is structured, commonly used and in a machine-readable form.
We will respond to your request within one month. This can be extended by two months where the request is complex or we receive a number of requests. We would advise you if an extension is necessary clearly stating our reasons why.
Right to object
You have the right to object to the processing of your personal data if it is for direct marketing purposes.
You can consent to receive direct marketing from us and our trusted third parties on our application page. This is not compulsory and, where consent has been given, it can be withdrawn at any time.
As soon as a 'right to object' request is received, we will cease processing your personal data and contact all parties we deal with to ensure they also cease processing your personal data. We ask for 3-5 working days to cease all communications.
5. Further Information
Notification of Breach
We make a promise as a company, that we will inform you at the first sign of a data breach. We want to make sure we are being completely transparent with you regarding your data and the security of your data. We will contact you via email or phone, to inform you of any suspicious activity.
Data Protection Officer
Within our company we have a designated DPO (Data Protection Officer), their contact details are as follows:
By calling: 0800 3600 284
Write to: The Data Protection Officer, Mindflow Marketing Limited, Atrium Court, The Ring, Bracknell, England, RG12 1BW
If you have any complaints about how we have used your personal data please contact our Data Protection Officer at firstname.lastname@example.org.
We do recommend that you bring any issues to our attention as soon as possible. The sooner we know about the issue the sooner we can help resolve it.
The ICO may be contacted at https://ico.org.uk/concerns/
By post at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF Telephone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number.
Usage of links to other sites
When you visit this website a small text file known as a 'cookie' is placed on your computer or other device which may provide some personal data details from you. Some cookies are required for the functioning of the website, others allow us to recognise you each time you visit and remember your preferences. Cookies are also used to improve user experience on the website, advertising, tracking and browsing habits.
Processing special categories of personal data
Should we be required to process your special categories of personal data, then we will notify you and seek your explicit consent prior to us doing so. Special categories of personal data as defined under GDPR are:
We do not knowingly collect any personal data from children under the age of eighteen. Applicants on this website must be eighteen years of age or older to use our services.