Privacy Policy for end users

August 2019

Smartr365 Finance Ltd fully respects your right to privacy. We want you to understand the terms and conditions surrounding the capture, use and processing of any information we process on behalf of brokers about end clients.

This policy tells you how we process your personal information as a data processor on behalf of your broker / intermediary / introducer (data controller). Please take a few minutes to read it, and show it to anyone else connected to the product/service we provide.

This privacy policy relates to end clients whose broker / intermediary / introducer uses the Smartr365 platform to capture, store and process personal information.  We have a separate privacy policy for professional business clients, which can be found here.

When we talk about personal information we mean information about an individual that can identify them, like their name, address, e-mail address, telephone number and financial details. Any reference to “information” or “data” in this policy is a reference to personal information about a living individual.

We may collect and process the following personal information about you:

Type of data:
Who you are
Where you live
How to contact you
Examples of how we use it:
Servicing your product
Analysis & profiling
Enhancing our product and service offering
Product development and pricing

Type of data:
Personal details                                                 
Family details
Visual images & personal appearance
Financial details
Lifestyle and social circumstances
Examples of how we use it:
Analysis & profiling
Product development and pricing

Type of data:
• Bank and / or card details
• How you use your product
• Changes you make to your product or account
Examples of how we use it:
Servicing your product
Making sure our products and services are fit for purpose

Type of data:
Your creditworthiness
Examples of how we use it:
Product development and pricing
Making sure the product is right for you

Type of data:
Consent & preferences                                          
Ways you want us to market to you
Examples of how we use it:

Type of data:
Details on the devices and technology you use
Examples of how we use it:
Making sure our products and services are fit for purpose

Type of data:
Open data and public records                                      
Electoral register
Land register
Other information about you that is openly available on the internet 
Examples of how we use it:
Product administration

Type of data:
Documentary data and national identifiers                                    
Details about you that are stored in documents like:
Your passport
Drivers licence
Birth certificate
National Insurance number
Examples of how we use it:
Prevent financial crime  


Information we process about you is either entered into the Smartr365 platform by a broker, intermediary or introducer or directly by you following an initial consultation with your broker / intermediary / introducer. To understand where your broker, intermediary or introducer sourced your information, you would need to speak to them directly.

Please refer to our cookie policy for more information on how we use cookies.

We use personal information that we hold about you:

To carry out our responsibilities resulting from any agreements you’ve entered into with us and to provide you with the information, products and services that you’ve asked from us.

To provide you with marketing information about services and products we offer which may be of interest to you. If you have opted in to receive marketing from us, based on your marketing preferences, we may deliver this information by post, telephone, e-mail, SMS or personalised online marketing via our own platform, social media platforms and/or other third party websites e.g. YouTube.  Please note that if you choose not to receive online marketing, you will not see personalised messages using your personal data, however you may still see generic online advertising about our products and services. We will not sell your data to third parties for them to market to you. We may also send marketing to you using our “legitimate interests”, please see below for further information.

To tell you about changes to our services and products.

To comply with any applicable legal or regulatory requirements (including “know your customer” checks, or to comply with any applicable regulatory reporting or disclosure requirements).

For carrying out market research, statistical analysis and customer profiling to help us to improve our processes, products and services and generate new business (e.g. to understand digital behaviours, identify financial attitudes and develop more engaging communications).

To define our pricing and product / service development strategies.

To run our business in an efficient and proper way. This includes testing our systems, managing our financial position, business capability, planning, communications, corporate governance, and audit.

• For any other purpose that we've agreed with you from time to time.

When you apply for a product or to receive a service from us, the application form you fill out or the resulting contract may contain additional conditions relating to the way we use and process your personal information. These will apply in addition to the uses described in this document.

In some cases, we may use software or systems to make automated decisions (including profiling) based on the personal information we have, or collect from others. These may include:

The prevention and detection of fraud and financial crime: To perform transaction monitoring, identity verification, money laundering and sanctions checks, and to identify politically exposed individuals. We are required by law to perform these activities which may be achieved using solely automated means to make decisions about you. We may use these activities to decline the services you have requested or to stop providing existing services to you.

• Servicing activities such as: (i) Personalising the content and design of communications and online services and (ii) Determining when to provide tailored communications about your product (e.g. as a result of changes in your personal circumstances or lifestyle) and the appropriate channel(s) to use

These may be achieved using profiling in order to predict certain characteristics about you (e.g. your economic situation, interests, personal preferences or transactional behaviour). The activities will not have a detrimental effect on you.

Data protection laws require us to meet certain conditions before we’re allowed to use your personal information in the way we describe in this privacy policy. We take these responsibilities extremely seriously. To use your personal information, we’ll rely on the following conditions, depending on the activities we’re carrying out:

Providing our contracts & services to you: We’ll process your personal information to carry out our responsibilities resulting from any agreements you’ve entered into with us and to provide you with the information, products and services you’ve asked from us, which may include online services.

Complying with applicable laws: Complying with applicable laws: We may process your personal information to comply with any legal obligation we’re subject to.

Legitimate interests: To use your personal data for any other purpose described in this privacy policy, we’ll rely on a condition known as "legitimate interests". It’s in our legitimate interests to collect your personal data as it provides us with the information that we need to provide our services to you more effectively. We may use your information to:

Carry out market research and product development which can include creating customer demographics and/or profiling.

Continue to send marketing information, via post only, to customers who purchased a product before 25th May 2018 and did not opt-out, until such time as they have reviewed their marketing preferences (which can be done at any time).

Send marketing information, via post only, to customers who have a relevant and appropriate relationship with us.

Develop and test the effectiveness of marketing activities.

Develop, test and manage our brands, products and services.

Study and also manage how our customers use products and services from us and our business partners.

Manage risk for us and our customers.

This requires us to carry out an assessment of our interests in using your personal data against the interests you have as a citizen and the rights you have under data protection laws.

The outcome of this assessment will determine whether we can use your personal data in the ways described in this privacy policy (except in relation to marketing, where we’ll always rely on your consent). We’ll always act reasonably and give full and proper consideration to your interests in carrying out this assessment.

Consent: We may provide you with marketing information about our services or products where you’ve provided your consent for us to do so. You may opt out of marketing at any time by e-mailing or telephoning us.

Special category (sensitive) data: We do not currently process any special category data.

Criminal conviction data: We do not currently process any criminal conviction data.

Please be aware that the personal information you provide to us, and which we collect about you, is required for us to be able to provide our services to you and without it we may not be able to do so..

We’ll keep your personal information in accordance with our internal retention policies. We’ll determine the length of time we keep it for based on the minimum retention periods required by law or regulation. We’ll only keep your personal information after this period if there’s a legitimate and provable business reason to do so.

We’ll only disclose your information to:

Other companies within the Group, third-party suppliers, contractors and service providers for the purposes listed under “How do we use your information” above.

Selected third parties, so that they can contact you with details of the services that they provide, where you have expressly opted-in or consented to the disclosure of your personal data for these purposes.

Our regulators, government (e.g. HMRC) and law enforcement or fraud prevention agencies, as well as our professional advisers etc.

Additionally, we may disclose your personal information to third parties:

In the event that we sell or buy any business or assets, in which case we’ll disclose your personal data to the prospective seller or buyer of such business or assets.

If we, or substantially all of our assets, are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets.

In order to enforce or apply the terms of any contract with you.

If we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or regulatory requirements, or otherwise for the prevention or detection of fraud or crime.

To protect you and us from financial crime, we may be required to verify the identity of new and sometimes existing customers. This may be achieved by using reference agencies to search sources of information relating to you (an identity search). This will not affect your credit rating. If you’ve been introduced to us by another company (e.g. bank, insurer, building.

We may access and use from other countries the information recorded by fraud prevention agencies.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA“) to third-party suppliers, delegates or agents. We’ll take all reasonably necessary steps to make sure that your data is treated securely and in accordance with this privacy policy.

We’ll only transfer your data to a recipient outside the EEA where we’re permitted to do so by law (for instance, (A) where the transfer is based on standard data protection clauses adopted or approved by the European Commission, (B) where the transfer is to a territory that is deemed adequate by the European Commission, or (C) where the recipient is subject to an approved certification mechanism and the personal information is subject to appropriate safeguards, etc.).

Unfortunately, sending information via e-mail is not completely secure; anything you send is done so at your own risk. Once received, we will secure your information in accordance with our security procedures and controls.

You have rights under data protection law that relate to the way we process your personal data. More information on these rights can be found on the Information Commissioner’s website. If you wish to exercise any of these rights, please get in touch.

Your rights: 

1. The right to access the personal data that we hold about you.

2. The right to make us correct any inaccurate personal data we hold about you

3. The right to make us erase any personal data we hold about you. This right will only apply where for example:

• We no longer need to use the personal data to achieve the purpose we collected it for

• You withdraw your consent if we’re using your personal data based on that consent

• Where you object to the way we use your data, and there is no overriding legitimate interest

4. The right to restrict our processing of the personal data we hold about you. This right will only apply where for example:

• You dispute the accuracy of the personal data we hold

• You would like your data erased, but we require to hold it in order to stop its processing

• You have the right to require us to erase the personal data but would prefer that our processing is restricted instead

• Where we no longer need to use the personal data to achieve the purpose, we collected it for, but you need the data for legal claims.

5. The right to object to our processing of personal data we hold about you (including for the purposes of sending marketing materials to you).

6. The right to receive personal data, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to make us transfer this personal data to another organisation.

7. The right to withdraw your consent, where we’re relying on it to useyour personal data (for example, toprovide you with marketing information about our services or products).

8.  For automated decisions (including profiling), you have right to:

• Obtain an explanation of the decision and challenge it

• Request for the decision to be reviewed by a human being. 

Our Service may contain links to other sites that are not operated by us, for example Digidentity, Halifax. If you click on any third party link from Smartr365, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

If you have any questions about this privacy policy or wish to exercise any of your rights, please get in touch.

If you have any concerns about the way we process your personal data, or are not happy with the way we’ve handled a request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner’s Office. Their address is:

First Contact Team
Information Commissioner's Office
Wycliffe House
Water Lane

Smartr365 Finance Ltd complies with the requirements of the relevant legislation in the United Kingdom, specifically:

• The General Data Protection Regulation 2016/679 (GDPR)

• The UK data protection act 2018

• PECR (Privacy & Electronic Communications (EU Directive) Regulations 2003

Smartr365’s registered office is at 1 Queen Caroline Street, Hammersmith, W6 9YN and we are a company registered in the UK under company number 10487227. We are registered on the Information Commissioner’s Office Register and act as the data controller when processing your data, and as a processor when processing your clients’ data on your behalf. Our designated Data Protection Officer can be contacted on 

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. By being an end user of Smartr365 Finance Ltd website you agree to be bound by the amended policy.

If you have any questions about this Privacy Policy, please contact us:

• By visiting this page on our website:
• By email:
• By mail: 1 Queen Caroline Street, London, W6 9YN