Security & Privacy Policy

Get the right funding for your business.

Everyday we help lots of businesses just like yours get the funding they need. From start-ups to well established companies, we can help your business grow.

Security

All the data we collect from you on the website is protected against unauthorised access. We maintain appropriate security measures and procedures in place in our physical facilities to protect against the loss, misuse or alteration of information that we have collected from you on the website. We will not be responsible for breaches of our security beyond our reasonable control.

Links to Third Party Sites

Where there are links on the website to other sites, not operated by One Business Solutions Ltd, the content of those linked sites is not covered by this privacy policy and is not endorsed by One Business Solutions Ltd. These other sites will have separate privacy and data collection practices. We do not have responsibility or liability for these independent policies nor for the content, security or privacy practices of those other sites.

Consent

By using the website, you signify your agreement to be bound by the One Business Solutions Ltd Privacy Policy. If you do not agree with any term in this Policy, please do not use the Website or submit any personally identifiable information.

Contact

We strive to ensure that the information we maintain about our visitors is accurate, current and complete. If you have any questions regarding this policy or if you wish to review, update or correct your personal information, we can be contacted by mail or phone as follows:

Privacy Policy

One Business Solutions Ltd is committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you or about you (including information you provide to us), will be processed by us. 

This website and our services are not intended for children and we do not knowingly collect data relating to children. 

It is important that you read this policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This policy supplements the other notices and is not intended to override them. 

Controller and our contact details 

One Business Solutions Ltd is made up of different legal entities, details of which are provided below: 

One Business Solutions Ltd (registered in England and Wales under company number 13788230) 

This privacy policy is issued on behalf of the One Business Solutions Ltd Group so when we mention (“One Business Solutions Ltd”, “the Group”, “we”, “us” or “our”) we are referring to the relevant company in the One Business Solutions Ltd responsible for processing your data.

We will let you know which entity will be the controller of your data when you purchase a product or service from us, but the nominated representative for all data privacy matters for the One Business Solutions Ltd is our Head of Legal, who can be contacted by post Automotive House 1st Floor East, Grays Place, Slough, Berkshire, England, SL2 5AF

hello@Onebusinesssolutions.co.uk 

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. 

Changes to this privacy policy and your duty to inform us of changes  

We keep our privacy policy under regular review. It is important that your personal data, held by the Group, is accurate and current. Please keep us informed if your personal data changes during your relationship with us. To do so, please contact us at hello@onebusinesssolutions.co.uk 

Collection of your personal data 

Personal data that may be collected by us includes the following: 

  • Information that you provide by visiting our website, including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise, and the resources that you access;
  • Information provided at the time of registering with us, including, but not limited to, your name, contact number, email address, date of birth, gender, passport or other identification details and financial information (including details of card transactions);
  • Information obtained from third parties providing basic information on senior decision makers at potential customers of ours, including their name, job title, employer’s name, work postal address, telephone number and email address;
  • Address and contact details;
  • Information provided as part of an application by a company about directors or shareholders of that company;
  • Information provided as part of an application by a partnership or LLP about partners or members of the applicant;
  • Information obtained from credit reference agencies as described in more detail below;
  • Information provided as part of an application by a small partnership /sole trader and any connected financial associates.
  • Information that you provide when providing feedback or when you report a problem with our website; and
  • Information that you provide when you contact us or we contact you. We may keep a record of that correspondence and information you disclose to us.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your website usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice. 

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. 

If you fail to provide personal data   

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to process your application or perform the contract we have or are trying to enter into with you (for example, to provide you with our products or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time. 

Purpose and legal bases for processing 

We may collect and use your personal data in the following ways: 

  • to process your application (or the application of a company/partnership or shareholding  which you are connected to) with us;
  • to make, or cause searches to be made, at a credit reference agency, and other checks which we consider appropriate or necessary to fulfil any of our legal obligations on an ongoing basis;
  • to ensure that content from our website is presented in the most effective manner for you and for your computer;
  • to provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes or we have a legitimate interest;
  • to allow you to participate in interactive features of our service, when you choose to do so; and/or
  • to notify you about changes to our service.

If you are an existing customer, we may contact you by telephone, SMS, e-mail or by written material with information about goods and services similar to those which were the subject of a previous sale or to deal with any requests for information or as a result of any breach of the terms of your agreement. 

If you are a potential new business customer and we do not think that we will be able to lend to your business, we may pass your data onto third parties who we think may be willing to lend to your business to contact you by electronic means or letter. 

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances: 

  • to carry out our obligations arising from any contract entered into between you and us;
  • to comply with our legal obligations, or to exercise or defend our legal or contractual rights; or
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

Generally, we do not rely on consent as a legal basis for processing your personal data, although you are entitled to object to the processing of your personal data where we are relying on legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. You can exercise your rights any time by contacting us at hello@onebusinesssolutions.co.uk In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. 

When we may contact you 

The contacting of customers and relevant parties will be exercised on the following basis: 

  • where the data subject has given express consent to the processing of the personal data for one or more specific purposes to either the Group or its affiliates; or
  • where it is a party who we believe has a legitimate interest in the communication. This will be because a party:
  • has previously utilised the services of the Group;
  • has indicated an interest in the financial products provided by the Group; or
  • may have a professional interest in the Group and the services it provides.

The above includes (but is not limited to) a customer abandoning an application online before submission, direct marketing, the previous provision of working capital, or where the customer has requested to be added to the communications and/or newsletter campaign emails. This would have been either by opting in to receive offers from the Group or by opting in to receive such via third party collaborative competitions. 

The channels for which a legitimate interest assessment (“LIA”) has been conducted are as follows: 

  • PR;
  • Direct Marketing;
  • PPC Retargeting;
  • Email, SMS and other messaging services;
  • Social Media;
  • Customer Services; and
  • Affiliate companies.

Marketing 

We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decided which of our services may be relevant for you. You will receive marketing communications from us if you have requested information from us or engaged our services previously, and you have not opted out of receiving such marketing. We will usually get your express opt-in consent before we share your personal information with any third party for marketing purposes. The only exception to this is if you are a potential new business customer and we do not think that we will be able to lend to your business, we may pass your data onto third parties who we think may be willing to lend to your business to contact you by electronic means, post or telephone. 

Opting out 

You can ask us or a third party to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you, by contacting us at hello@onebusinesssolutions.co.uk or by informing us during a call. When you opt out of receiving these marketing messages, this does not mean we will stop processing your personal data provided to us as a result of any services we provide to you. 

Change of Purpose 

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at hello@onebusinesssolutions.co.uk. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data, without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. 

To whom may the personal data be disclosed? 

We may permit selected third parties to use your data to provide you with information about products and services which may be of interest to you and they may contact you about these by email, post or telephone. 

We may also share your data with third party processors that are required in order for our business to function. These data processors include but are not limited to: 

  • Consumer Review Partners – including Trustpilot;
  • Reward Partners;
  • Paid Search Platforms – including Google AdWords’ and Analytics;
  • Email service providers;
  • Marketing Automations;
  • Social Media platforms;
  • Customer Relationship Management Systems; and
  • Outbound call centres who may contact you on our behalf to find out if you are interested in certain of our products or services which we believe may be of interest to you.
  • Third party partners undertaking managed outsourced functionality/validation on our behalf.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. 

We may disclose your personal information (as well as any other information about your payment records under any agreement with us) to: 

  • relevant legal authorities or third parties if required by law;
  • any member of our Group, which means subsidiaries, or the holding company both as defined in section 1159 of the Companies Act 2006 (as may be amended or re-enacted from time to time);
  • third parties in the event that we sell (or otherwise dispose of, including by way of security) or buy any business or assets, in which case we may disclose your personal data to the prospective seller, disposee or buyer of such business or assets;
  • if we or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets; to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation and other agreements; or
  • to protect the rights, property, or safety of the Group, subsidiaries, customers, or others; and
  • any debt collecting agents, third party agents or High Court Enforcement agents and in respect of any proposed charge of any agreement with us or our interest in any such agreement, or their advisers.

The above includes exchanging information with other companies and organisations including Credit Reference Agencies for the purposes of fraud protection and credit risk reduction. 

Credit Reference Agencies and CRAIN 

In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (“CRAs)”. When you apply for financial products from us, we may also carry out periodic searches at CRAs to manage your account. 

Where the application is in the name of a company we will carry out credit and identify checks against the directors and shareholders of the company.  Where the application is in the name of a partnership or LLP we will carry out those checks against partners or members of the applicant; where the application is a small partnership or sole trader we will carry out credit checks on the owners/partners and any connected members of the applicant(s). 

To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information. 

We will use this information to: 

  • assess creditworthiness and affordability;
  • verify accuracy of the data you have provided to us;
  • prevent criminal activity, fraud and money laundering
  • manage your account;
  • trace and recover debts; and
  • ensure any offers provided to you are appropriate to your circumstances.

Using information in this way is necessary for our legitimate interests of managing our credit and regulatory risk. 

We will continue to exchange information about you with CRAs while you have a relationship with the Group. If you do not repay in full and on time, we are at liberty to report the same to the CRAs. 

When CRAs receive a search from us they will place a Directors footprint on your credit file that may be seen by other lenders.  However, whilst a Director footprint is visible to other lenders and therefore Clearscore classifies this as a hard footprint, A Director footprint will not impact an individual’s personal credit score and is not used within consumer lenders’ credit policy decisions. 

In utilising the data held with credit reference agencies, we must abide by the Principles of Reciprocity by contributing the same level of credit performance data that we receive. As such, we will continue to exchange information about your repayment history with credit reference agencies while you have a relationship with us. 

If you are making a joint application or tell us that you have a spouse or financial associate, we will link your records together so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your file until such time as you or your partner successfully files for a disassociation with the CRAs to break that link. 

The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention and your data protection rights with the CRAs are explained in more detail in the industry-wide credit reference agency information notice (“CRAIN”). 

The CRAIN is accessible from each of the three CRAs set out below – clicking on any of these three links will take you to the same CRAIN Document. 

Call Credit: www.callcredit.co.uk/crain 

Equifax: www.equifax.co.uk/crain 

Experian: www.experian.co.uk/crain 

If you would like more details of the CRAs from which we have obtained or may obtain your personal information, please contact us at hello@onebusinesssolutions.co.uk  

 

 

International transfers 

We share your personal data within One Business Solutions Ltd. This will involve the transfer of your data outside the UK. 

Many of our external third parties are based outside the UK, in countries such as India, Vietnam, Ukraine the USA or within the European Union, so their processing of your personal data will involve a transfer of data outside the UK. It may also be processed by staff operating outside the UK who work for us or for one of our suppliers. 

Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring that at least one of the following safeguards is implemented: 

  • we will only transfer your personal data to a country that has been deemed to provide an adequate level of protection for personal data by the UK government; or
  • where we use certain service providers, we may use specific contract terms approved by the UK data protection authority which give personal data the same protection it has in the UK.

Please contact us at hello@onebusinesssolutions.co.uk if you would like further information on the specific mechanism used by us when transferring your personal data outside of the EEA. 

Data security 

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. 

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. 

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. 

Retention Period 

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. 

In the absence of the Group having any overriding lawful or contractual requirement to the contrary, personal data will be kept for a period of 6 years from the date of last contact. 

Personal data rights 

We want you to have in control over your information and under certain circumstances, you have the right to do the following: 

  • to request access to the personal data we hold on you;
  • to request any rectification and /or erasure of your personal data or processing concerning the data subject;
  • to object to processing of your personal data or to request restriction of processing your personal data;
  • to exercise your right to data portability;
  • to exercise your right to be forgotten if you no longer wish for us to store any of your personal details. Unless we have an overriding legal or contractual right, all applicable data will be deleted from our systems;
  • to exercise your right to withdraw consent to processing at any time, without affecting the lawfulness of processing based on consent before its withdrawal. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. You should note that notwithstanding the withdrawal of consent, we may be legally required to retain some or all of your personal data; and
  • to exercise your right to lodge a complaint with a supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority so please contact us in the first instance.

If you wish to exercise any of your rights set out above, simply contact us at hello@onebusinesssolutions.co.uk detailing your request. We will aim to respond to all legitimate requests relating to your rights above within one month of receipt of your request. Occasionally it may take us longer than one month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. 

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up your response. 

Third party links 

Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. Clicking on those links may allow such third parties to collect or share data about you. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. 

Cookies served by Equifax are held on One Business Solutions website. CookieYes is a credit reporting agency. These cookies will be used to serve adverts to visitors based upon the websites they’ve been to previously. 

Personal data requirement and the consequences of failing to provide it 

If the personal data we require is not disclosed to us, and we require such personal data by law or under the terms of a contract, we may be unable to progress your application or perform the contract we have or are trying to enter into with you (for example, to provide you with a cash advance or a business loan). In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time. 

No automated processing 

We do not use automated processing for decision-making to make decisions about individuals. All applications are reviewed and assessed by our team on their own respective merits. 

IP addresses and cookies 

We may collect information about your computer, including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us: 

  • to estimate our audience size and usage pattern;
  • to store information about your preferences, and so allow us to customise our site according to your individual interests;
  • to speed up your searches; and
  • to recognise you when you return to our site.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system may issue cookies when you log on to our site. For more information about the cookies we use, please see our Cookie Policy

Changes to our privacy policy 

We reserve the right to change this privacy policy at any time and without prior notification. Any changes we may make to our privacy policy in the future will be posted on our website and will be effective upon posting. 

Last updated 17 January 2023.