GDPR Policy

Lendit Loans GDPR Policy

1. Introduction

Lendit Loans ("the Company") is committed to protecting the privacy and personal data of our customers, employees, and other stakeholders in accordance with the General Data Protection Regulation (GDPR) and other relevant data protection laws and regulations. This GDPR Policy outlines our commitment to compliance with data protection requirements and our approach to handling personal data responsibly and securely.

2. Scope

This policy applies to all personal data processed by Lendit Loans in the course of our business activities, including but not limited to customer information, employee records, and data collected from website visitors and other third parties.

3. Principles of Data Protection

Lendit Loans adheres to the following principles of data protection as outlined in the GDPR:

- Lawfulness, fairness, and transparency: We will process personal data lawfully, fairly, and transparently, ensuring that individuals are informed about how their data is being used.
- Purpose limitation: We will only collect and process personal data for specified, explicit, and legitimate purposes and will not use it for any other purposes without consent.
- Data minimisation: We will only collect and process personal data that is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
- Accuracy: We will take reasonable steps to ensure that personal data is accurate, up-to-date, and kept current.
- Storage limitation: We will not keep personal data for longer than is necessary for the purposes for which it is processed.
- Integrity and confidentiality: We will process personal data in a manner that ensures its security, including protection against unauthorised or unlawful processing and accidental loss, destruction, or damage.
4. Data Collection and Processing

Lendit Loans collects and processes personal data for the following purposes:

- Providing financial services to customers
- Managing employee records and payroll
- Marketing and communication with customers
- Compliance with legal and regulatory requirements

We will only collect personal data that is necessary for the purposes for which it is processed, and we will obtain consent from individuals before collecting or processing their data where required by law.

5. Data Security

Lendit Loans implements appropriate technical and organizational measures to ensure the security of personal data and protect it against unauthorized or unlawful processing and accidental loss, destruction, or damage. This includes measures such as encryption, access controls, and regular security assessments.

6. Data Subject Rights

Lendit Loans respects the rights of data subjects as outlined in the GDPR, including the right to access, rectification, erasure, restriction of processing, data portability, and objection to processing. Data subjects can exercise these rights by contacting our Data Protection Officer (DPO) using the contact details provided in this policy.

7. Data Transfers

Lendit Loans may transfer personal data to third parties, including service providers and business partners, for the purposes outlined in this policy. We will only transfer personal data to third parties that provide sufficient guarantees regarding the protection of personal data and comply with applicable data protection laws and regulations.

8. Data Breach Response

In the event of a data breach involving personal data, Lendit Loans will promptly assess the breach, take appropriate measures to mitigate its impact, and notify the relevant supervisory authority and affected individuals as required by law.

9. Training and Awareness

Lendit Loans provides regular training and awareness programs to employees regarding their responsibilities under data protection laws and regulations and the importance of protecting personal data.

10. Compliance Monitoring and Review

Lendit Loans conducts regular audits and assessments to monitor compliance with this GDPR Policy and applicable data protection laws and regulations. We will review and update this policy as necessary to reflect changes in the legal and regulatory landscape or our business operations.

11. Contact Information

If you have any questions or concerns about this GDPR Policy or our data protection practices, please contact our Data Protection Officer (DPO) on 0151 452 0935.