Capify Merchant Cash Advances and Capify Business Loans are provided by Capify UK LLC and UK SME Capital LLC
Capify is committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you or about you (including information you provide to us), will be processed by us.
This website and our services are not intended for children and we do not knowingly collect data relating to children.
It is important that you read this policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This policy supplements the other notices and is not intended to override them.
Controller and our contact details
Capify is made up of different legal entities, details of which are provided below:
Capify UK LLC (registered in the USA)
United Kapital Limited LLC (registered in the USA)
Capiota Limited LLC (registered in the USA)
UK SME Capital LLC (registered in the USA)
United Kapital Limited (registered in England and Wales under company number 06575165)
Capiota Limited (registered in England and Wales under company number 08080805)
Capify UK Limited (registered in England and Wales under company number 11715963)
United Merchant Services Limited (registered in England and Wales under company number: 06786988)
(together “the Capify Group”).
We will let you know which entity will be the controller of your data when you purchase a product or service from us, but the nominated representative for all data privacy matters for the Capify Group is our Head of Legal, who can be contacted by post at Station House, Stamford New Road, Altrincham, WA14 1EP or by email at [email protected].
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Collection of your personal data
Personal data that may be collected by us includes the following:
We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your website usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to process your application or perform the contract we have or are trying to enter into with you (for example, to provide you with our products or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Purpose and legal bases for processing
We may collect and use your personal data in the following ways:
If you are an existing customer, we may contact you by telephone, SMS, e-mail or by written material with information about goods and services similar to those which were the subject of a previous sale or to deal with any requests for information or as a result of any breach of the terms of your agreement.
If you are a potential new business customer and we do not think that we will be able to lend to your business, we may pass your data onto third parties who we think may be willing to lend to your business to contact you by electronic means or letter.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Generally, we do not rely on consent as a legal basis for processing your personal data, although you are entitled to object to the processing of your personal data where we are relying on legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. You can exercise your rights any time by contacting us at [email protected]. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
When we may contact you
The contacting of customers and relevant parties will be exercised on the following basis:
The above includes (but is not limited to) a customer abandoning an application online before submission, direct marketing, the previous provision of working capital, or where the customer has requested to be added to the communications and/or newsletter campaign emails. This would have been either by opting in to receive offers from the Group or by opting in to receive such via third party collaborative competitions.
The channels for which a legitimate interest assessment (“LIA”) has been conducted are as follows:
We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decided which of our services may be relevant for you. You will receive marketing communications from us if you have requested information from us or engaged our services previously, and you have not opted out of receiving such marketing. We will usually get your express opt-in consent before we share your personal information with any third party for marketing purposes. The only exception to this is if you are a potential new business customer and we do not think that we will be able to lend to your business, we may pass your data onto third parties who we think may be willing to lend to your business to contact you by electronic means, post or telephone.
You can ask us or a third party to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you, by contacting us at [email protected] or by informing us during a call. When you opt out of receiving these marketing messages, this does not mean we will stop processing your personal data provided to us as a result of any services we provide to you.
Change of Purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at [email protected]. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data, without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
To whom may the personal data be disclosed?
We may permit selected third parties to use your data to provide you with information about products and services which may be of interest to you and they may contact you about these by email, post or telephone.
We may also share your data with third party processors that are required in order for our business to function. These data processors include but are not limited to:
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We may disclose your personal information (as well as any other information about your payment records under any agreement with us) to:
The above includes exchanging information with other companies and organisations including Credit Reference Agencies for the purposes of fraud protection and credit risk reduction.
Credit Reference Agencies and CRAIN
In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (“CRAs)”. When you apply for financial products from us, we may also carry out periodic searches at CRAs to manage your account.
Where the application is in the name of a company we will carry out credit and identify checks against the directors and shareholders of the company. Where the application is in the name of a partnership or LLP we will carry out those checks against partners or members of the applicant; where the application is a small partnership or sole trader we will carry out credit checks on the owners/partners and any connected members of the applicant(s).
To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.
We will use this information to:
Using information in this way is necessary for our legitimate interests of managing our credit and regulatory risk.
We will continue to exchange information about you with CRAs while you have a relationship with the Group. If you do not repay in full and on time, we are at liberty to report the same to the CRAs.
When CRAs receive a search from us they will place a Directors credit search on your credit file that may be seen by other lenders. However, whilst a Directors credit search is visible to other lenders and therefore Clearscore classifies this as a hard footprint, A Directors credit search will not impact an individual’s personal credit score and is not used within consumer lenders’ credit policy decisions.
In utilising the data held with credit reference agencies, we must abide by the Principles of Reciprocity by contributing the same level of credit performance data that we receive. As such, we will continue to exchange information about your repayment history with credit reference agencies while you have a relationship with us.
If you are making a joint application or tell us that you have a spouse or financial associate, we will link your records together so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your file until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.
The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention and your data protection rights with the CRAs are explained in more detail in the industry-wide credit reference agency information notice (“CRAIN”).
The CRAIN is accessible from each of the three CRAs set out below – clicking on any of these three links will take you to the same CRAIN Document.
Call Credit: www.callcredit.co.uk/crain
If you would like more details of the CRAs from which we have obtained or may obtain your personal information, please contact us at [email protected].
We share your personal data within the Capify Group. This will involve the transfer of your data outside the UK.
Many of our external third parties are based outside the UK, in countries such as India, Vietnam, Ukraine the USA or within the European Union, so their processing of your personal data will involve a transfer of data outside the UK. It may also be processed by staff operating outside the UK who work for us or for one of our suppliers.
Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring that at least one of the following safeguards is implemented:
Please contact us at [email protected] if you would like further information on the specific mechanism used by us when transferring your personal data outside of the EEA.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
In the absence of the Group having any overriding lawful or contractual requirement to the contrary, personal data will be kept for a period of 6 years from the date of last contact.
Personal data rights
We want you to have in control over your information and under certain circumstances, you have the right to do the following:
If you wish to exercise any of your rights set out above, simply contact us at [email protected] detailing your request. We will aim to respond to all legitimate requests relating to your rights above within one month of receipt of your request. Occasionally it may take us longer than one month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up your response.
Third party links
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. Clicking on those links may allow such third parties to collect or share data about you. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Cookies served by Equifax are held on Capify’s website. Equifax is a credit reporting agency. These cookies will be used to serve adverts to visitors based upon the websites they’ve been to previously.
Click here for more information about Equifax and how to disable this cookie.
Personal data requirement and the consequences of failing to provide it
If the personal data we require is not disclosed to us, and we require such personal data by law or under the terms of a contract, we may be unable to progress your application or perform the contract we have or are trying to enter into with you (for example, to provide you with a cash advance or a business loan). In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.
No automated processing
We do not use automated processing for decision-making to make decisions about individuals. All applications are reviewed and assessed by our team on their own respective merits.
IP addresses and cookies
We may collect information about your computer, including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
Last updated 14 September 2022.