We in the Portify group (which covers data controllers Portify Financial Services Limited and Portify Limited) care about your privacy. We collect and process personal information with your privacy in mind.
This policy describes how we collect and use your personal data when you contact us, use our services, and/or become a Portify user. It also outlines your rights and how to exercise them. Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it.
It is important that you read this policy before starting to use our services.
By personal data, we mean information about you from which you can be identified directly or indirectly such as your name, email address, gender, age, mobile and home telephone number, financial information, and your IP address.
We will collect and process the following personal data about you:
We use the personal data held about you in the following ways:
We do not disclose information about identifiable individuals to our advertisers or third parties but we may provide them with anonymous aggregate information about our users (for example, we may inform them that 100 women aged over 40 have clicked on their advertisement on any given day or the fact that a specific age group tends to have more direct debits on their account than another age group). We may use the personal data we have collected from you to enable us to comply with our advertisers' wishes by displaying their advertisement to that target audience.
We may disclose your personal information to any member of our group from time to time, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006.
We use social media platforms to promote our services and administer and obtain insights from accounts and pages we run on such platforms. In relation to such insights data, both we and the third party platform are controllers of any insights data relating to that page or account. For Facebook fan pages, we are required to enter into a contract with Facebook to reflect joint controllership. You can download this contract here. It contains further details and explanations on the joint controllership with Facebook in the context of fan page insights.
We will store your data on servers based within the UK or European Economic Area (EEA).
Occasionally we may use service delivery partners that are based outside the UK or EEA. Where your personal data is transferred outside the UK or EEA, it will only be transferred to countries that have been identified as providing adequate protection for personal data or to a third party where we have approved transfer mechanisms in place to protect your personal data – which is generally undertaken by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties which may certified under that scheme).
We will take all steps reasonably necessary to ensure that we treat your personal data securely. In particular, we shall process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
All personal data we hold is stored on our secure servers. Data relating to your payment transactions will be securely encrypted using TLS (Transport Layer Security). Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Site or App, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the App or our Site. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We use the very latest framework releases. We use tried and tested modules, and apply fundamental security considerations to every aspect of software design and development. We also frequently review and externally test our software. We filter identifiable information from server logs, encrypt identifiable information in our secure databases, and we only communicate over encrypted protocols.
In order to process your application, we may perform credit and identity checks on you with one or more credit reference agencies (“CRAs”). To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information. We will use this information to:
We will continue to exchange information about you with CRAs while you are subscribed to Portify Plus. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs.
When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. If you are making a joint application, or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.
The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail at www.experian.co.uk/crain CRAIN is also accessible from each of the three CRAs:
You have a number of rights under applicable data protection legislation. Some of these rights are complex, and not all of the details have been included below. In particular, you should be aware that these rights are not absolute and may be subject to certain conditions and exemptions. Further information can be found here.
Please note that you can access much of your data on the App or on the Site itself where you can make corrections, updates or deletions.
We reserve the right to charge an administrative fee if your request in relation to your rights is manifestly unfounded or excessive.
We may send you marketing communications from time to time.
You can choose to no longer receive marketing emails from us by contacting us at [email protected] or clicking unsubscribe from a marketing email. Please note that it may take us a few days to update our records to reflect your request If you ask us to remove you from our marketing list, we shall keep a record of your name and email address to ensure that we do not send you marketing information.
Our Sites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates (including, but not limited to, websites on which the App or the Service are advertised). If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.
Please know if you have any complaints of any kind. We will do our absolute best to resolve them. If we are unable to do so, remember that you have a right to complain to the UK data protection regulator, the Information Commissioner’s Office.
We will give you at least 30 days’ notice of any material change by sending you an SMS or email with details of the change or notifying you of a change when you next start the App.
Portify Limited, trading as Portify and Portify Financial Services Limited, are both British companies registered at 31 Great Sutton Street, London, United Kingdom, EC1V 0NA.
Portify is committed to protecting and respecting your data and privacy. We have a nominated Data Protection Officer in charge of this. Portify is the responsible entity for processing your personal data noted above, and is known as the “controller” under applicable laws. That means that we determine how and why we will use your personal data.
Questions, comments and requests regarding these terms are welcomed. You can reach us and the Data Protection Officer on [email protected].