I. Lawful Basis and Transparency

SmartMoneyPeeps blog (“We, Us”) is committed to protecting your personal data. We want you to be familiar with how we collect, process, use and disclose Users’ (“your”) personal data. This notice (the “Privacy Policy”) describes our practices in connection with any personal data we collect from you, or that you provide to us. By visiting www.smartmoneypeeps.com and making use of any of the services listed in the “Categories” section below, you are accepting and consenting to this Privacy Policy.

Why we collect information

To provide our services to you, we need to collect and process personal and business data about you and disclose that personal and business data to a number of third-party funders. This personal and business data is necessary to provide you with the finance services that you have requested. All personal data will be held in strictest confidence and used only for the purposes of providing the service you have requested, subject to certain exceptions as described below.

Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. Below is a list of the purposes for which we process your personal data, and the lawful basis on which we carry out such processing:

Necessary for entering into, or performing, a contract – in order to perform obligations that we undertake in providing the Services, or in order to take steps at your request to enter into a contract with us, it will be necessary for us to process your personal and business data;

Necessary for compliance with a legal obligation – we are subject to certain legal requirements which may require us to process your information. We may also be obliged by law to disclose your information to a regulatory body or law enforcement agency;

Necessary for the purposes of legitimate interests – either we, or a third party, will need to process your information for the purposes of our (or a third party’s) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your information protected. Our legitimate interests include ensuring that our operations are conducted in an appropriate and efficient manner, responding to requests and enquiries from you or a third party, optimizing our website and customer experience and informing you about our products and services;

Consent – in some circumstances, we may ask for your consent to process your information in a particular way. To the extent that we are processing your information based on your consent, you will have the right to withdraw your consent at any time. You can do this by contacting us at www.smartmoneypeeps.com at any time.

In some instances, it may be appropriate for us to combine your information with other information that we may be holding about you, such as combining your name with your geographic location or your browsing or purchasing history.

How we collect information

We collect your personal and web data in the following ways:

1. When you use our website

By visiting our Website, we automatically collect data relating to your browsing activity, including but not limited to:

  • Your referring domain (the website you were referred from);
  • Your IP address;
  • Your user-agent (your browser information);
  • The pages that you visit within our Website;
  • Your geographic location (country only);
  • The preferred language used to display the webpage;
  • Date and time when website pages were accessed.

2. When you complete our application form

By completing the user form on our Website, we will ask for the following information to be completed by yourself:

  • Your full name;
  • Your email address
  • Your website address

3. Through cookies

We also collect personal information about website usage through cookies (please see our Cookie Policy) and server logs, which track the IP addresses of users visiting our site and the pages they visit.

Automation

We use systems to make automated decisions based on the personal and web data that you provided to us during the application process. This helps us to make sure our decisions are quick, fair, efficient and correct, based on what we know. These automated decisions can affect the funders who can access your application information.

As those decisions have a legal (or similarly significant effect) on you, you have the right to challenge to such decisions under GDPR, requesting human intervention, expressing your own point of view, and obtaining an explanation of the decision from us.

The right described in this section does not apply in the following circumstances:

The decision is necessary for the entry into, or performance of, a contract between you and us;

The decision is authorized by law; or

You have given your explicit consent

You can ask that we do not make our decision based on the automated score alone.

You can object to an automated decision, and ask that a person reviews it.

If you want to know more about these rights, please contact us.

4. If you fail to provide personal data

If you choose not to provide the personal information we request, you can still visit some areas of the Website, but you may be unable to access certain options and services that involve interaction or receive our Services. You have the final decision on whether to proceed with any activity that requests personal information.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.

How do our funding partners use your personal and business data?

We will never share your information for marketing purposes and the information shared will be for the purpose of providing business finance quotes only.

As we are a business finance intermediary and to provide you with business finance quotes, we will share your information with the funders listed below. Our funding partners will use your personal and business data to assess and rate your information prior to issuing a quote. Some of our funding partners may search external sources (e.g. county court judgments, bankruptcy registers) to assess your application for accuracy. Searches of this kind may be recorded by credit agencies, but they won’t affect your credit rating. We may also use other third party providers from time to time but where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.

Your data will be anonymized. We will only ever share your information if we are satisfied that our funding partners have sufficient measures in place to protect your information in the same way that we do. Anyone who receives information from us has a legal duty to keep it confidential.

We do not allow our third-party service providers or funding partners to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Do we pass personal data to third parties?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice, except for those third parties including our funding partners, as already identified in this Privacy Policy. The term “outside parties” does not include smart money peeps. It also does not include our website hosting partners, subcontractors and other third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We will not disclose any of your personal or business data to other parties without your permission unless we are legally required to do so by, for example, a court order, for the purposes of prevention of fraud or other crime, or by a regulator.

We’re working on ways to make it easier for you to review and correct the information that we hold about through a secure website. In the meantime, if you any of the information we hold is inaccurate or out of date. Please email us at www.smartmoneypeeps@gmail.com

II. DATA SECURTY

 Disclosures of your personal data

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice, except for those third parties including our funding partners, as already identified in this Privacy Policy. The term “outside parties” does not include SMART MONEY PEEPS. It also does not include our website hosting partners, subcontractors and other third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We will not disclose any of your personal or business data to other parties without your permission unless we are legally required to do so by a court order for the purposes of prevention of fraud or other crime, or by a regulator.

We are also allowed to disclose your information in the following cases:

If we want to sell our business, or our company, we can disclose it to the potential buyer.

We can disclose it to other businesses in our group.

We can disclose it if we have a legal obligation to do so, or in order to protect other people’s property, safety or rights.

We can exchange information with others to protect against fraud or credit risks.

Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under GDPR and the law.

 Transfer of your information outside the European Union

We may need to transfer your personal data outside of the European Union in order to provide you with the services and products you require. Some of these countries may not have laws that protect privacy rights as extensively as in the European Union. If we do transfer your personal information to other territories, we will take proper steps to ensure that your information is properly protected and ensure that we will only deal with suppliers outside the EU who are GDPR compliant and have policies in place to protect your data.

Marketing

By providing us with personal and web data, we will not market to your data unless you explicitly opt-in during the application process. You can opt out at any time via our website and with the opt-link provided via the marketing methods used.

We will also ensure through strict policies that the funders who receive your personal and business data will not market to your data unless you explicitly opt in with the funder.

As already indicated above, with your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by email and/or telephone with information, news and offers on our Services if you opt in to do so.

We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.

In addition, if you do not want us to use your personal data for any of the other reasons set out in this section, you can let us know at any time by contacting us at compliance smartmoneypeeps.com, and we will delete your data from our systems. However, you acknowledge this will limit our ability to provide the best possible services to you.

How you can access and update your information

Under the GDPR, You have the right to:

  • Request access to, deletion of or correction of, your personal data held by us at no cost to You;
  • Request that your personal data be transferred to another person (data portability);

Be informed of what data processing is taking place restrict processing to object to processing of your personal data and complain to a supervisory authority. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We cannot guarantee the security of any personal data that you disclose online, for example when it is sent by email. You accept the inherent security risks of providing information online over the internet and will not hold SMART MONEY PEEPS responsible for any breach of security unless this is due to Social Finance’s negligence or willful default.

Security precautions in place to protect the loss, misuse or alteration of your information

We have implemented various measures to ensure that the information is adequately protected against unauthorized access, use, disclosure and destruction. Please keep in mind that risk can never be eliminated but can be significantly mitigated and reduced. All measures which we have taken significantly reduce the risk. We shall not be held liable by any Third Party, including you, in any event of unauthorized access, use and/or disclosure of information provided that such is not due to gross negligence, willful misconduct, fraud or bad faith by us.

Security measures adopted by us include:

Access to the information stored within SMART MONEY PEEPS is restricted to a limited number of SMART MONEY PEEPS employees and to users designated on our Customer’s accounts and Third Parties who can access the information only in specific and limited circumstances and are bound by confidentiality;

SmartMoneyPeeps servers are protected by;

  • Firewalls establishing a barrier between our trusted, secure internal network and the Internet,
  • DDOS mitigation and
  • IP restrictions, limiting access to whitelisted IPs

Each Customer may only access information pertaining to its Customer Website that it is tracking and to the specific End Users visiting such Customers Website.

We use HTTPS for our services providing secure transfer of data to prevent wiretapping and man-in-the-middle attacks.

If we give you a password upon registration on our Website, you must keep it confidential. Please DO NOT SHARE IT.

Data retention

How long will you use my personal data for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

You can request details of retention periods for specific categories of your personal data by contacting us.

 III. ACCOUNTABILITY AND GOVERNANCE

We have designated an official at SmartMoneyPeeps responsible for ensuring GDPR compliance. Our personnel is empowered to evaluate data protection policies and the implementation of those policies. This includes any signed third-party services that handle the personal data of your data subjects, including analytics software, email services, cloud servers, etc. The vast majority of services have a standard data processing agreement available on their websites for you to review. They spell out the rights and obligations of each party for GDPR compliance. We only use third parties that are reliable and can make sufficient data protection guarantees.

For our Subscribers outside the EU, We have appointed a representative within one of the EU member states to communicate on our behalf with our data protection authorities.

 IV. PRIVACY RIGHTS

It’s easy for you to request and receive all the information we have about you. You have the right to see your personal data we have about them and how we are using it.  You also have a right to know how long we plan to store your information and the reason for keeping it that length of time. In compliance with GDPR under Article 16 You have a right to a first copy of this information for free thirty-days after request. But we can charge you a reasonable fee for subsequent copies after we have verified the identity of the person requesting the data.

It’s easy for your customers to correct or update inaccurate or incomplete information. We do our best to keep data up to date by putting a data quality process in place, and make it easy for our customers to view (Article 15) and update their personal information for accuracy and completeness.

It’s easy for you to request to have their personal data deleted. You have the right to ask us to delete all the personal data SmartMoneyPeeps have about you, within a month on request after proper verification. However, we can deny the request on grounds such as the exercise of freedom of speech or compliance with legal obligations

It is easy for you to ask us to stop processing your data. You can request us to restrict or stop processing of your data if certain grounds apply within 30-days mainly if there’s some dispute about the lawfulness of the processing or the accuracy of the data. Though processing is restricted, we will keep storing your data. We will notify you before we begin processing your data again.

We will issue a copy of your personal data in a format that can be easy for you to transfer to another company. This means that we should be able to send your personal data in a commonly readable format (e.g. a spreadsheet) either to you or to a third party you designate.