Home/Privacy Policy

Privacy Policy

How Glender Ltd collects, uses, and protects your personal data.

Last updated: 1 January 2025

1. Who We Are

Glender Ltd ("Glender", "we", "us", "our") is a company registered in England & Wales. We are authorised and regulated by the Financial Conduct Authority (FCA) as a credit broker (FCA reference number: 123456). Our registered office is at 71-75 Shelton Street, Covent Garden, London WC2H 9JQ.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Glender Ltd is the data controller responsible for your personal data.

2. What Data We Collect

We may collect and process the following categories of personal data:

Personal Information

  • Full name, date of birth, and contact details (email, phone number, postal address)
  • National Insurance number and tax residency information
  • Identification documents (passport, driving licence, proof of address)

Financial Information

  • Income and employment details
  • Bank statements and existing financial commitments
  • Credit history and credit reference agency data
  • Details of existing property portfolios and assets

Property Information

  • Property addresses and valuations
  • Details of proposed purchases, developments, or refurbishments
  • Planning permissions and title information

Technical Data

  • IP address, browser type, and device information
  • Usage data and interaction patterns on our platform
  • Cookies and similar tracking technologies (see our Cookie Policy)

3. How We Use Your Data

We use your personal data for the following purposes:

  • Matching you with lenders: Sharing relevant application details with our panel of lenders to obtain finance offers suited to your requirements.
  • Credit and identity checks: Conducting credit reference agency searches and identity verification to assess affordability and prevent fraud.
  • Managing your account: Providing access to the Glender platform, processing applications, and tracking case progress.
  • Communication: Sending you updates about your application, important service notifications, and relevant product information.
  • Regulatory compliance: Fulfilling our obligations under FCA rules, anti-money laundering regulations, and other applicable laws.
  • Platform improvement: Analysing usage patterns to improve our technology, service, and user experience.

4. Legal Basis for Processing

We process your personal data under the following lawful bases:

  • Contract: Processing necessary for the performance of our credit broking agreement with you, including matching you with lenders and managing your application.
  • Legitimate interest: Processing necessary for our legitimate business interests, such as fraud prevention, platform security, and service improvement, provided these interests do not override your fundamental rights.
  • Legal obligation: Processing required to comply with FCA regulations, anti-money laundering laws, and other legal requirements.
  • Consent: Where you have given explicit consent, such as for marketing communications. You may withdraw consent at any time.

5. Who We Share Data With

We may share your personal data with the following third parties:

  • Lenders: Our panel of regulated lenders and financial institutions for the purpose of obtaining finance offers.
  • Credit reference agencies: Including Experian, Equifax, and TransUnion, to conduct credit searches and verify your identity.
  • Identity verification providers: Third-party services used to confirm your identity and prevent fraud.
  • Professional advisers: Solicitors, valuers, and other professionals involved in the finance process.
  • Regulatory bodies: The FCA, the Information Commissioner's Office (ICO), and other authorities where required by law.
  • Technology providers: Hosting, analytics, and platform services that process data on our behalf under strict contractual obligations.

We do not sell your personal data to any third party.

6. Data Retention

We retain your personal data for the following periods:

  • Active applications: For the duration of the application and finance process.
  • Completed cases: For 6 years after case completion, as required by FCA record-keeping obligations.
  • Unsuccessful applications: For 3 years from the date of the last activity, unless you request earlier deletion.
  • Marketing preferences: Until you withdraw consent or unsubscribe.
  • Technical logs: For up to 12 months for security and performance monitoring.

After the relevant retention period, your data will be securely deleted or anonymised.

7. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to restrict processing: Request a restriction on processing in certain circumstances.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at privacy@glender.io. We will respond within one month of receiving your request.

8. Cookies

Our platform uses cookies and similar technologies to provide functionality, analyse usage, and support marketing efforts. For full details, please read our Cookie Policy.

9. International Transfers

Your personal data is primarily stored and processed within the United Kingdom and European Economic Area (EEA). Where we transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the ICO and adequacy decisions.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including 256-bit SSL encryption, access controls, regular security audits, and staff training on data protection. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes via email or through a prominent notice on our platform. We encourage you to review this page periodically.

12. Contact Us

If you have any questions about this privacy policy or wish to exercise your data protection rights, please contact us:

  • Email: privacy@glender.io
  • Post: Data Protection Officer, Glender Ltd, 71-75 Shelton Street, Covent Garden, London WC2H 9JQ

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.