Book a Demo

Privacy Policy

Last Updated: 4th November 2024

Section 1. About Credit Canary

Credit Canary is a limited company registered in England and Wales under company number 14117508 and whose registered office is Unit D, Pendyris Street, Cardiff, Wales, CF11 6BH.

Credit Canary acts as both a data controller and a data processor concerning personal information. As a data controller, Credit Canary is responsible for managing and protecting the personal data collected through our direct interactions with you. Credit Canary serves as a data processor when providing services to clients. In these instances, our responsibilities are outlined in individual contracts with each client.

DPO: James Fell, Chief Executive Officer — dpo@creditcanary.co.uk — Unit D, Pendyris Street, Cardiff, Wales, CF11 6BH

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO) to which it is registered under ZB437267.

Section 2. Information that Credit Canary collects

2.1 Client-Provided Data

Personal details, contact information, identification numbers, fraud-related information, other relevant data.

2.2 External Sources

Public records, third-party data providers, internally built databases.

2.3 Financial and Credit Data

Bank account and transactional data via Open Banking (PSD agent of obconnect Limited, FRN: 935017); credit reference data from TransUnion International UK Limited (Company Number: 03961870).

2.4 Service User Information

Contact details, financial information for billing.

2.5 Website Visitor Data

Device information, usage data, cookies.

2.6 Direct Submissions

Name, contact details, nature of inquiry.

Section 3. How Credit Canary may use your information

  • 3.1 Client Service Delivery
  • 3.2 Service Operation and Improvement: analyse usage patterns, enhance functionality, strengthen security, prevent fraud, resolve issues.
  • 3.3 Legal Compliance and Rights Protection
  • 3.4 Consent-Based Usage
  • 3.5 Data Triangulation: combining information for categorisation, enrichment and validation.
  • 3.6 Aggregate Data: anonymised aggregate information for research and analysis.

Section 4. Legal Basis for Data Collection and Use

  • 4.1 Consent
  • 4.2 Contractual Obligations
  • 4.3 Legal Compliance
  • 4.4 Legitimate Interests
  • 4.5 Performance of Agreement

Section 5. Information Sharing Practices

  • 5.1 Client Service Delivery
  • 5.2 Business Transitions
  • 5.3 Partnerships with Service Providers
  • 5.4 Legal and Regulatory Compliance
  • 5.5 User-Directed Sharing

Section 6. Website Tracking and Marketing

Activity logs, embedded solutions, digital identifiers, web beacons.

Section 7. Safeguarding Your Data

  • 7.1 Advanced Security Standards (ISO27001)
  • 7.2 Robust Storage Solutions (encrypted Azure servers, UK)
  • 7.3 Strict Access Controls
  • 7.4 Confidentiality Agreements
  • 7.5 Two-factor authentication (2FA)
  • 7.6 Limited Data Exports
  • 7.7 Reporting Security Concerns: dpo@creditcanary.co.uk

Section 8. Transfer of Data

  • 8.1 Stringent Data Protection Standards
  • 8.2 Contractual Safeguards
  • 8.3 Global Service Accessibility

Section 9. Retention of Data

  • 9.1 Purpose-Driven Retention
  • 9.2 Tailored Retention Periods
  • 9.3 Minimisation and Necessity
  • 9.4 Regular Reviews
  • 9.5 Your Right to Be Forgotten: dpo@creditcanary.co.uk

Section 10. Your legal rights

Right to be informed, right of access, right to rectification, right to erasure, right to object, right to restrict processing, right to data portability.

Contact: dpo@creditcanary.co.uk

Section 11. Notification of changes and acceptance of policy

Credit Canary keeps this Privacy Policy under review. Continued access constitutes acceptance of modifications.

Section 12. Interpretation

All uses of "including" mean "including but not limited to."