Privacy Policy

INTRODUCTION

Albatross Lending Group and affiliates (“we”, “us”, “our”) are committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and protect personal data and outlines your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. 

ABOUT US 

Albatross Lending Group is a UK-based lending business. For the purposes of data protection legislation, we act as the data controller. 

Business name: Albatross Lending Group Registered office: Aston House, Cornwall Avenue, London, N3 1LF Company number: 12686575 Data Protection Officer: Jordan Fearnley Brown Contact email: jordan@albatrosslending.co.uk 

INFORMATION WE COLLECT 

We may collect personal information depending on how you interact with us. This may include: 

• personal and contact information 
• financial and application information 
• identity and verification data required for anti-money laundering and know-your-customer checks 
• communications data. 

Where you have applied to us via an intermediary or broker your information will have been provided to us by them, on a lawful basis of legitimate interest. If you have applied to us directly the information will have been provided by you. Where personal data is not collected directly from you or a broker, it may be obtained from professional advisers, credit reference agencies, funding partners, or publicly available sources.

PURPOSES AND LAWFUL BASIS FOR PROCESSING 

We process personal data only where permitted under UK GDPR. The main purposes and lawful bases are as follows. 

Responding to enquiries and communications Lawful basis: Legitimate interests, to operate our business and respond to requests. 

Assessing and processing loan applications Lawful basis: Contract, to take steps at your request prior to entering into a contract and to perform contractual obligations. 

Managing and administering lending relationships Lawful basis: Contract and legal obligation, to manage agreements and meet regulatory requirements. 

• Identity verification, anti-money laundering, and fraud prevention Lawful basis: Legal obligation, to comply with applicable financial crime and regulatory laws. 

• Marketing communications Lawful basis: Consent, where required. Consent may be withdrawn at any time. 

We do not carry out automated decision-making that produces legal or similarly significant effects. 

PROVISION OF PERSONAL DATA 

The provision of certain personal data is primarily contractual and, in some circumstances, required to meet legal and regulatory obligations. 

Personal data is required to: 

• enter into and perform contracts with customers, suppliers, or business partners. 
• process orders, manage accounts, and deliver goods and services. 
• verify identity and prevent fraud; and 
• comply with applicable legal, regulatory, accounting, and tax obligations. 

If you choose not to provide the personal data, we request: 

• we may be unable to enter into a contract with you. 
• we may be unable to fulfil orders, supply goods, or provide services. 
• we may be unable to conduct necessary verification, compliance, or fraud prevention checks; and 
• as a result, our services may be delayed, restricted, or declined. 

Where personal data is requested for optional purposes, such as marketing communications, providing this data is not mandatory, and you may withdraw your consent at any time without affecting your ability to receive goods or services from us. 

SHARING YOUR INFORMATION 

We do not sell personal data. We may share information with professional advisers and service providers, funding or business partners involved in transactions, and regulatory or law enforcement authorities where required by law. 

To help us assess applications, prevent fraud, and meet our legal and regulatory obligations, we may obtain information about you from CRAs. We obtain this information via Creditsafe, which uses its data partner TransUnion to supply consumer credit and identity data. 

• Creditsafe Business Solutions Limited is authorised and regulated by the Financial Conduct Authority FCA Firm Reference Number: 742313 
• TransUnion International UK Limited is authorised and regulated by the Financial Conduct Authority FCA Firm Reference Number: 805757 

The information we receive may include data relating to your identity, credit commitments, payment history, and public record information. This data is used solely for legitimate business purposes, including creditworthiness assessment, identity verification, and fraud prevention, in accordance with applicable data protection laws. Further information about how Creditsafe and TransUnion process your personal data can be found in their respective privacy notices: 

• Creditsafe Privacy / Transparency Notice: 

Transparency Notice | Customers & Suppliers 

• TransUnion CRAIN (Credit Reference Agency Information Notice): 

https://www.transunion.co.uk/legal/privacy-centre/pc-credit-reference

• TransUnion Bureau Privacy Notice: 

https://www.transunion.co.uk/legal/privacy-centre/pc-bureau

Where personal data is transferred outside the United Kingdom, we ensure appropriate safeguards are in place. These may include the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or other legally approved transfer mechanisms. 

DATA RETENTION

We retain personal data only for as long as necessary for the purposes for which it was collected. Loan and transaction records are generally retained for up to five years after the end of the business relationship, unless a longer period is required by law or regulatory obligations. 

DATA SECURITY 

We apply appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures are reviewed regularly. 

YOUR RIGHTS 

Under UK GDPR, you have the right to access your personal data; request correction of inaccurate or incomplete data; request deletion of your data where applicable; restrict or object to processing; request data portability in certain circumstances; and withdraw consent for marketing at any time. 

Requests may be made using the contact details above. We will respond in accordance with our legal obligations. 

COMPLAINTS 

If you have concerns about how we handle your personal data, please contact us so we can attempt to resolve the issue. You also have the right to complain to the Information Commissioner’s Office. 

Website: www.ico.org.uk 
Telephone: 0303 123 1113 
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF 

CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. The most recent version will always be published with an updated effective date.