Privacy Notice for Eazy Business Finance
Effective Date: 2023-06-14
At Eazy Business Finance, we are committed to protecting your data and being transparent about how we use it. This Privacy Notice explains the purposes for which we process your data and your rights under UK data protection legislation. If you have any questions or concerns regarding processing your personal data, don’t hesitate to get in touch with us at email@example.com on 0756 376 9388.
We process personal data to provide commercial finance facilities to clients and engage with prospective clients and partners. The legal basis for processing your data depends on the specific circumstances. For customers, we process your data to provide financial facilities, invoice you, and maintain communication with you, which is necessary for the performance of a contract (Article 6(1)(b) of the UK GDPR).
We also process your data to perform due diligence checks as required by the UK's anti-money laundering legislation, which is our legal obligation (Article 6(1)(c) of the UK GDPR).
For prospective customers, we process your data to communicate with you and send occasional updates on our services. If you are from a 'business' entity, we may send you information as a legitimate interest activity (Article 6(1)(f) of the UK GDPR). If you are a sole trader, we can market to you without consent, as allowed by the Privacy and Electronic Communications Regulations 2003 (amended).
b. Prospective Customers:
We generally only transfer your data to other recipients with your permission. However, there are some exceptions:
We use the services of other organisations as data processors, and they are bound by data processing contracts to handle your data in accordance with the UK GDPR. These organisations include a cloud-based CRM platform (resident in the EEA), a marketing platform for email marketing (data stored in the USA using Standard Contractual Clauses), and a cloud-based email and document storage platform (data held in the UK). We also utilise the Zoom video conference platform for remote interviews and meetings.
We only transfer or process data outside the UK if the processor we use requires it. In such cases, we ensure approved mechanisms are in place under Article 46 of the UK GDPR, such as adequacy decisions, standard contractual clauses, or derogations in exceptional circumstances.
We retain your data only for as long as necessary for the stated purposes, legal obligations, or other legitimate purposes. The retention periods are determined based on the criteria set by the Financial Conduct Authority.