Privacy Policy

Last updated May 2023.

We understand how important your privacy is and we take its security seriously. Please read this policy carefully, along with our Terms and Conditions and any other documents referred to in this policy, to understand how we collect, use and store your personal and business information.

When we refer to "you” or "your”, we mean you as the potential customer which will include all of your principals, directors, shareholders, employees, and any other sub-contractor affiliated with you.

Our Privacy Policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the user and our Website. Furthermore, the way this Website processes, stores and protects user data and information will also be detailed within this policy.

By providing us with your personal and business information, you consent to the collection and use of any information you provide in accordance with this privacy policy.

Our Website and any services provided by us "Services" may contain links to third party websites that are not covered by this Privacy Policy. We therefore ask you to review the privacy statements of other websites and applications to understand their information practices.

We have drafted this policy to be as clear and concise as possible. Please read it carefully to understand our policies regarding your information and how we will treat it. By using or accessing our Website or the Services, you agree to the collection, use and disclosure of information in accordance with this policy. This Privacy Policy may change from time to time and your continued use of the Website or the Services is deemed to be acceptance of such changes, so please check periodically for updates.

If you have any comments on this Privacy Policy, please email them to:

compliance@sorodo.co.uk

You have the right to make a complaint at any time to the Information Commissioner''s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Contents of this privacy policy

Who are we (Sorodo Limited)

Our website (merchantloanadvance.co.uk)

Why we collect your information

How we collect and use your information

Automated decisioning

If you fail to provide personal data

How do our funding partners use your personal and business data

Do we pass personal data to third parties

Transfer of your information outside the European Union

Marketing

How you can access and update your information

How you can request that we stop processing your information

How you can request that we delete the information we hold about you

How you can request that we stop marketing to you

How long do we keep your information

Security precautions in place to protect the loss, misuse or alteration of your information

Credit checks and potential impact to credit score

Cookies and how we use them

Third party websites, changes to this policy and further information

Who are we

We are Sorodo Limited, and this website (www.merchantloanadvance.co.uk) ("Website") is a trading name of Sorodo Limited. We act as a business finance intermediary for you, our customer and will only collect information that is relevant to your potential finance application.

In this policy, whenever you see the words "We", "Us" or "Our", it refers to both Sorodo Limited and our trading website www.merchantloanadvance.co.uk.

  • We are registered in England and Wales under company number 08039501, and our registered office address is St Andrews Park, Queens Lane, Bromfield Industrial Estate, Mold, Flintshire, CH7 1XB.
  • We are authorised and regulated by the Financial Conduct Authority under firm reference number 774781.
  • We are registered on the Register of Data Controllers with the Information Commissioner's Office number ZA160887.

We respect your right to privacy and will only process personal information you in accordance with the Data Protection Legislation which for the purposes of this policy shall mean: (i) unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 1998 and other applicable privacy laws.

Our Website

We take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience.

When you use or contact our Website, you do so at your own discretion and provide any such personal details requested at your own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed below. Every effort has been made to ensure a safe and secure form to email submission process but we advise users using such form to email processes that you do so at your own risk.

As the party responsible for data processing we ensure that the processed data:

  • is processed in accordance with the applicable privacy regulations; and
  • is sufficiently protected to not be exposed to persons who should have no access to it, this both internally and externally by taking technical, contractual and organisational safety measures.

Why we collect your information

To provide our services to you, we shall need to collect and process personal and business data about you and disclose that personal and business data to a number of third-party funders to enable them to assess your eligibility for funding.

From time to time, it may be necessary to undertake a soft credit check against you from a third party approved credit agency, which will not affect your credit rating, but, will establish your eligibility for the funding, may assist in any decision making and, may result in the lending application being processed quicker.

This personal and business data is necessary to provide you with the quotations and services that you have requested. All personal data will be held in strictest confidence and used only for the purposes of providing the service you have requested, subject to certain exceptions as described below.

Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. Below is a list of the purposes for which we process your personal data, and the lawful basis on which we carry out such processing:

  1. Necessary for entering into, or performing, a contract - in order to perform obligations that we undertake in providing the Services, or in order to take steps at your request to enter into a contract with us, it will be necessary for us to process your personal and business data;

  2. Necessary for compliance with a legal obligation - we are subject to certain legal requirements which may require us to process your information. We may also be obliged by law to disclose your information to a regulatory body or law enforcement agency;

  3. Necessary for the purposes of legitimate interests - either we, or a third party, will need to process your information for the purposes of our (or a third party's) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your information protected. Our legitimate interests include ensuring that our operations are conducted in an appropriate and efficient manner, responding to requests and enquiries from you or a third party, optimising our website and customer experience and informing you about our products and services;

  4. Consent - in some circumstances, we may ask for your consent to process your information in a particular way. To the extent that we are processing your information based on your consent, you will have the right to withdraw your consent at any time. You can do this by contacting us at compliance@sorodo.co.uk at any time.

In some instances, it may be appropriate for us to combine your information with other information that we may be holding about you, such as combining your name with your geographic location or your browsing or purchasing history.

How we collect and use your information

We collect your personal and business data in the following ways:

1. When you use our website

By visiting our Website, we automatically collect data relating to your browsing activity, including but not limited to:

  • your referring domain (the website you were referred from);
  • your IP address;
  • your user-agent (your browser information);
  • the pages that you visit within our Website;
  • your geographic location (country only);
  • the preferred language used to display the webpage;
  • date and time when website pages were accessed.

The data we collect from your browsing activity is passed onto third party companies for analytical purposes only. The service provided by our third parties allows us to evaluate how visitors use our Website and this information is used to help us improve our website and our visitor’s browsing experience. All of our third-party analytics companies will not share your information or be able to identify you with any other data held by them.

2. When you complete any application and information forms

By completing our information and application forms on our Website, we will ask for the following information to be completed by yourself:

  • How much funding do you require?;
  • Your first name;
  • Your last name;
  • The legal status of your business?;
  • Your company name;
  • How long have you been trading?;
  • Your phone number;
  • Your email address;
  • Do you accept card payments?;
  • Your average monthly CARD takings?;
  • Your average monthly takings?

We will also collect the following information automatically when you apply. The information collected will be used for fraud prevention:

  • your ip address;
  • your user-agent (browser)

3. When you email, phone, live chat or otherwise

We may collect information such as your first name, last name, email address and phone number. We may also request other information from you that is relevant to your application with us, if you are already an existing customer.

4. Information we receive from other sources

We only collect personal and business information to provide our services and to enable us to make and evaluate potential eligibility for third party lenders. For details of lenders we work with, please see our 'Our funding partners' list below.

We may use publicly available records such as companies house, public-facing websites and social media platforms.

We may receive information about you if you use any of the other websites we, or our group companies, operate or the other services we provide. We are also working closely with third parties (including, for example, business partners, service providers, advertising networks, analytics providers, and search information providers) and may receive information about you from them. This may be combined with other information you provide to us, as described above.

5. Through cookies

We also collect personal information about website usage through cookies (please see our Cookie Policy) and server logs, which track the IP addresses of users visiting our site and the pages they visit.

Automated decisioning

We use systems to make automated decisions based on the personal and business data that you provided to us during the application process. This helps us to make sure our decisions are quick, fair, efficient and correct, based on what we know. These automated decisions can affect the funders who can access your application information.

As those decisions have a legal (or similarly significant effect) on you, you have the right to challenge such decisions under GDPR, requesting human intervention, expressing your own point of view, and obtaining an explanation of the decision from us.

The right described in this section does not apply in the following circumstances:

  1. the decision is necessary for the entry into, or performance of, a contract between you and us;
  2. the decision is authorised by law; or
  3. you have given your explicit consent

Here are the types of automated decisions we make:

We have strict filtering in place with our lenders where your application may not be passed onto a funder. For example:

  • Some of our lenders will not accept sole trader applications.
  • Some lenders require a minimum trading period, for example, you have to be trading more than 3 months.
  • Some of our lenders will not accept loan amounts below or above a certain threshold.
  • Some of our lenders require you to accept card payments online or offline.

Although we have filtering in place you have the right to opt out of automated decisioning and ask for us to present your application to a lender for them to manually review.

  • You can ask that we do not make our decision based on the automated score alone.
  • You can object to an automated decision, and ask that a person reviews it.

If you want to know more about these rights, please contact us.

If you fail to provide personal data

If you choose not to provide the personal information we request, you can still visit some areas of the Website, but you may be unable to access certain options and services that involve interaction or receive our Services. You have the final decision on whether to proceed with any activity that requests personal information.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.

How do our funding partners use your personal and business data

We will never share your information for marketing purposes and the information shared will be for the purpose of providing business finance quotes only.

As we are a business finance intermediary and to provide you with business finance quotes, we will share your information with the funders listed below. Our funding partners will use your personal and business data to assess and rate your information prior to issuing a quote. Some of our funding partners may search external sources (e.g. the edited electoral roll, county court judgments, bankruptcy registers) to assess your application for accuracy. Searches of this kind may be recorded by credit agencies, but they won't affect your credit rating. We may also use other third party providers from time to time but where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.

Your data will be anonymised (your personal and business identifiable information is hidden), and only the following information will be shown to the funder; How much funding do you require, What is the finance for, How long will you need funding for, The legal status of your business, When did your business start trading, Your average monthly total turnover, Does your business accept card payments, How much of the above monthly total turnover is from card sales, Does your business have owed invoices, Your business sector, Your residential status and Would you consider a personal or business guarantee. If the funder feels they can provide you with a quote, they will then be able to view your information and will contact you directly via email and/or phone to provide you with a quote.

We will only ever share your information if we are satisfied that our funding partners have sufficient measures in place to protect your information in the same way that we do. Anyone who receives information from us has a legal duty to keep it confidential.

We do not allow our third-party service providers or funding partners to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Our funding partners:

Funder Name ICO Number Privacy Policy
Liberis (Liberis Limited) Z9770715 Privacy Policy
Capify (United Kapital Limited) Z1824458 Privacy Policy

365 Finance (365 Business Finance Limited)

ZA018910

Privacy Policy

YouLend (YouLend Limited) ZA291008 Privacy Policy
Got Capital (Got Capital Ltd) ZA064277 Privacy Policy
Swiftfund (BizLend LTD) ZA495434 Privacy Policy
Momenta Finance (Merchant Money Limited) Z303864X Privacy Policy
Recap (Retail Capital (UK) Limited) ZB301544 Privacy Policy

Do we pass personal data to third parties

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice, except for those third parties including our funding partners, as already identified in this Privacy Policy. The term "outside parties" does not include Sorodo Limited. It also does not include our website hosting partners, subcontractors and other third parties who assist us in operating our website, conducting our business, our third party lenders, or servicing you, so long as those parties agree to keep this information confidential. We will not disclose any of your personal or business data to other parties without your permission unless we are legally required to do so by, for example, a court order, for the purposes of prevention of fraud or other crime, or by a regulator.

We are also allowed to disclose your information in the following cases:

  • If we want to sell our business, or our company, we can disclose it to the potential buyer.
  • We can disclose it to other businesses in our group.
  • We can disclose it if we have a legal obligation to do so, or in order to protect other people's property, safety or rights.

We can exchange information with others to protect against fraud or credit risks.

Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under GDPR and the law.

Transfer of your information outside the European Union

We may need to transfer your personal data outside of the European Union in order to provide you with the services and products you require. Some of these countries may not have laws that protect privacy rights as extensively as in the European Union. If we do transfer your personal information to other territories, we will take proper steps to ensure that your information is properly protected and ensure that we will only deal with suppliers outside the EU who are GDPR compliant and have policies in place to protect your data.

Marketing

By providing us with personal and business data, we will not market to your data unless you explicitly opt-in during the application process. You can opt out at any time via our website and with the opt-link provided via the marketing methods used.

We will also ensure through strict policies that the funders who receive your personal and business data will not market to your data unless you explicitly opt in with the funder.

As already indicated above, with your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by email and/or telephone with information, news and offers on our Services if you opt in to do so. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.

In addition, if you don’t want us to use your personal data for any of the other reasons set out in this section, you can let us know at any time by contacting us at compliance@sorodo.co.uk, and we will delete your data from our systems. However, you acknowledge this will limit our ability to provide the best possible services to you.

How you can access and update your information

Under the GDPR, You have the right to:

  • request access to, deletion of or correction of, Your personal data held by Us at no cost to You;
  • request that Your personal data be transferred to another person (data portability);
  • be informed of what data processing is taking place;
  • restrict processing;
  • to object to processing of Your personal data; and
  • complain to a supervisory authority.

The accuracy of your information is important to us. You have the right to ask for a copy of the information we hold about you, this information is provided free of charge, but we reserve the right to charge a small fee for excessive requests.

We’re working on ways to make it easier for you to review and correct the information that we hold about through a secure website. In the meantime, if you believe any of the information we hold is inaccurate or out of date. Please email us at compliance@sorodo.co.uk, or write to us at F.A.O The Data Controller. Sorodo Limited. St Andrews Park, Queens Lane, Bromfield Industrial Estate, Mold, Flintshire, CH7 1XB. Alternatively, you can telephone 01244 456 123.

How you can request that we stop processing your information

At any time you can inform us to stop processing the information that we hold about you. You can request that we stop processing your data altogether or request that specific funders stop processing your data. We will automatically inform the funder(s) to remove your personal and business information from their systems.

We’re working on ways to make it easier for you to complete this process online. In the meantime, please email us at compliance@sorodo.co.uk, or write to us at F.A.O The Data Controller. Sorodo Limited. St Andrews Park, Queens Lane, Bromfield Industrial Estate, Mold, Flintshire, CH7 1XB. Alternatively, you can telephone 01244 456 123.

How you can request that we delete the information we hold about you (right to be forgotten)

If you have submitted an application through our website, then you have the right to request that we cancel and remove your personal and business data from our systems. If your application has been sent to funders will automatically inform them of your request and inform them to remove your personal and business information.

We’re working on ways to make it easier for you to complete this process online. In the meantime, if you believe any of the information we hold is inaccurate or out of date. Please email us at compliance@sorodo.co.uk, or write to us at F.A.O The Data Controller. Sorodo Limited. St Andrews Park, Queens Lane, Bromfield Industrial Estate, Mold, Flintshire, CH7 1XB. Alternatively, you can telephone 01244 456 123.

How you can request that we stop marketing to you

We will only market to you if you have opted in via our application or information form. With all marketing methods, we provide a full opt-out link within the marketing media.

How long do we keep your information

Depending on the type of information that we obtain, the times may vary. However, generally speaking, we will keep the information for as long as it takes us to provide you with the required service.

If you have requested for us not to use your information for the purposes of marketing, this will come into effect, but we may keep your information on record so that we can ensure your preferences are upheld.

The information that you enter on our website will be kept in our records for a minimum of six years from the end of your connection with us. This is so that we’re able to respond to any queries or complaints that may arise. The information will not be used for any other purpose.

We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations (for example FCA regulation). We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract, you hold with us.

Security precautions in place to protect the loss, misuse or alteration of your information

We have implemented various measures to ensure that the information is adequately protected against unauthorised access, use, disclosure and destruction. Please keep in mind that risk can never be eliminated but can be significantly mitigated and reduced. All measures which we have taken significantly reduce the risk. We shall not be held liable by any Third Party, including you, in any event of unauthorised access, use and/or disclosure of information provided that such is not due to gross negligence, wilful misconduct, fraud or bad faith by us.

Security measures adopted by us include:

  • Access to the information stored within Sorodo Limited servers is restricted to a limited number of Sorodo Limited employees and to users designated on our Customer's accounts and Third Parties who can access the information only in specific and limited circumstances and are bound by confidentiality;
  • Sorodo Limited servers are protected by;
    • firewalls establishing a barrier between Our trusted, secure internal network and the Internet,
    • DDoS mitigation and
    • IP restrictions, limiting access to whitelisted IPs
  • Each Customer may only access information pertaining to its Customer Website that it is tracking and to the specific End Users visiting such Customers Website.
  • We use HTTPS for our services providing secure transfer of data to prevent wiretapping and man-in-the-middle attacks.

If we give you a password upon registration on our Website, you must keep it confidential. Please don't share it.

By giving us your personal data, you agree to this arrangement. We will do what we reasonably can to keep your data secure.

Credit checks, potential impact to your credit score and how we share your personal information with Credit Reference Agencies.

You confirm that all of the information you have given is true and complete. Whilst we do not perform formal credit checks, we may carry out a soft credit search or identity check on you with one or more credit reference agencies ("CRAs"). Furthermore, the lender may wish to carry out credit checks from a major credit reporting bureau with any personal or business information that may be supplied to them under the provision of our Services to assess your creditworthiness. A missed and/or late payment may affect your credit score.

This information is also accessible from each of the three CRAs – clicking on any of these three links will also take you to the same CRAIN document:

Callcredit (Transunion)

Equifax

Experian

Cookies and how we use them

A cookie is a small file placed on your computer’s hard drive. It enables our website to identify your computer as you view different pages on our website.

Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable us to see information like how many people use the website and what pages they tend to visit.

All Cookies used by and on our Website are used in accordance with current English and EU Cookie Law.

Please view our Cookie Policy.

Third party websites

The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.

Changes to this policy

Please note that this privacy policy may be amended or updated. If this occurs, then we will make a notice available on our site.

Under 18

You must be over 18 to submit an application.

Change of Purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, or where this is required or permitted by law.

Consent

By using our Website and by way of acknowledgment, you hereby consent to this Privacy Policy.

Further Information

If you have any questions or queries about this privacy policy, then please email us on compliance@sorodo.co.uk or you can write to us at: Sorodo Limited, St Andrews Park, Queens Lane, Bromfield Industrial Estate, Mold, Flintshire, CH7 1XB.

If you need further information, extra help or support please let us know and we will do our best to assist you.

Accessibility Settings