This website is operated by Citrus Loans which a trading style of Aspire Money Limited who recognise the importance of protecting your privacy. Our policy is designed to follow the requirements of the General Data Protection Regulation (GDPR) which comes/came into force on the 25th May 2018.
This policy explains why we collect personal information from people who visit our website, how we use it, the conditions under which we may disclose it to others and how we will keep it secure. This policy will be continuously assessed against changes in regulation, business practices and our customers' needs so please check this page occasionally to ensure that you're happy with any changes. By using our website, you're agreeing to be bound by this Policy. Any questions regarding this Policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to Unit 1, Castle Court 2, Castlegate Way, Dudley, West Midlands DY1 4RH. Alternatively, you can telephone 020 3915 9994
Who are we?
Aspire Money Limited is a loan broker that is authorised and regulated by the Financial Conduct Authority (FCA), Firm Reference number 681346. The registered address is as stated above. Aspire Money comprises of a number of trading styles which can be identified on the FCA Register. (See link below)
How do we collect information from you?
We obtain information about you when you use our website, for example, when you contact us about products and services, or make a loan application.
What type of information is collected from you?
The personal information we collect might include your name, address, email address, IP address, and information regarding what pages are accessed and when or if you make an online loan application or accept an offer from us, as explained below.
If you choose to correspond with us through email, we may retain the content of your email messages together with your email address and our responses. We provide the same protections for these electronic communications that we employ in the maintenance of information received by mail and telephone.
Web Site Use Information
Similar to other commercial Web sites, our Web site utilises a standard technology called "cookies" (see explanation below, "What Are Cookies?") and web server log files to collect information about how our Web site is used. Information gathered through cookies and Web server logs may include the date and time of visits, the pages viewed, time spent at our Web site, and the Web sites visited just before and just after our Web site
How is your information used?
To process the application or enquiry you have made;
We make, or cause a search or searches to be made, at a credit reference agency on yourself and any other named Person (s) on the application or enquiry. In most cases when credit reference agencies receive a search they will place a search "footprint" on your credit file whether or not the application proceeds, however, our panel of lenders only do soft searches which do not leave a footprint on your file. Should a situation arise where a footprint is likely to be left you will be informed.
We will search at credit reference and fraud prevention agencies for information on all named Person (s) on the application or enquiry and their financial associates'; We will use the information provided to us by credit reference and fraud prevention agencies to help make credit or credit related decisions, to verify identity, for the prevention and detection of fraud and/or money laundering, and to manage accounts.
The information which we and other organisations provide to the credit reference and fraud prevention agencies may be supplied by credit reference agencies to other organisations and used by them to perform similar checks.
We may also disclose personal information about you to the extent required by Law, Court Order, by Government order or decree.
Except as described above, we will not disclose your personal information to Third Parties, without your consent.
You may be assured that Citrus Loans and any company associated with us will treat all personal data and sensitive personal data as confidential and will not process it other than for a legitimate purpose.
Steps will be taken to ensure that the information is accurate and kept up to date and not kept for longer than is necessary. Measures will also be taken to safeguard against unauthorised or unlawful processing and accidental loss or destruction or damage to data.
We review our retention periods for personal information on a regular basis. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant transaction you hold with us.
Conditions for Processing
We will ensure any use of personal data is justified using at least one of the conditions for processing and this will be specifically documented. All staff who are responsible for processing personal data will be aware of the conditions for processing. The conditions for processing will be available to data subjects in the form of a privacy notice.
For processing to be lawful under the GDPR, Citrus Loans will need to identify a lawful basis before it can process personal data. These are often referred to as the "conditions for processing".
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf:
We may pass your information to our third-party service providers, agent's, lenders and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. However, if/when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
Please be reassured that we will not release your information to third parties beyond Citrus Loans for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
Third Party Product Providers we work in association with:
You have a choice about whether or not you wish to receive information from us.
We will only accept that Consent has been given by a clear affirmative act such as by a written statement, including by electronic means, or an oral statement. This could include ticking a box when visiting our internet website, which clearly indicates in this context your acceptance of the proposed processing of your personal data.
We will not contact you for marketing purposes by post, email, phone or text message unless you have given your prior consent. You can change your marketing preferences at any time by contacting us by email email@example.com or telephone on 020 3915 9996.
How you can access and update your information
The accuracy of your information is important to us. We're working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us at: firstname.lastname@example.org, or write to us at: Unit 1, Castle Court 2, Castlegate Way, Dudley, West Midlands DY1 4RH. Alternatively, you can telephone 020 3915 9994
Subject Access Request
You have the right to ask for a copy of the information that Citrus Loans hold about you free of charge. However, we are entitled to charge a "reasonable fee" if a request is manifestly unfounded or excessive, particularly if it is repetitive. Any fee will be based on the administrative cost of providing the information. Information requested will be provided without delay and at the latest within one month of receipt. Citrus Loans is required to verify the identity of the person making the request, using 'reasonable means'.
Article 20 of GDPR allows for Data Subjects to receive their personal data, which they have provided to a Data Controller, in a structured, commonly used and machine-readable format, and to transmit it to another Data Controller. The aim of this right is to support user choice, user control and consumer empowerment
The right to data portability allows our consumers to obtain and reuse their personal data for their own purposes across different services.
It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
When does the right to data portability apply?
The right to data portability only applies:
to personal data you have provided to a Citrus;
where the processing is based on your consent or for the performance of a contract; and
when processing is carried out by automated means.
How will we comply?
We will provide the personal data in a structured, commonly used and machine-readable form. Machine readable means that the information is structured so that software can extract specific elements of the data. This enables other organisations to use the data.
The information will be provided free of charge.
How long do we have to comply?
We will respond without undue delay, and within one month.
This can be extended by two months where the request is complex or we receive a number of requests. We will inform you within one month of the receipt of your request and explain why the extension is necessary.
Where we are not taking action in response to a request, we will explain, informing you of their right to complain to the supervisory authority and to a judicial remedy without undue delay and at the latest within one month.
Note that the right to data portability does not override your right of access to all information we hold about you which includes paper files and automated data. For the Subject Access data procedure, refer to the "Access your data" Section above.
You can request for a Data Portability or a Subject Request by either contacting us via email to email@example.com or by writing to Unit 1, Castle Court 2, Castlegate Way, Dudley, West Midlands DY1 4RH. Alternatively, you can telephone 020 3915 9994
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it's treated securely. When we receive data for use it is authenticated with an SSL certificate that sits on our server.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at
your own risk.
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and credit risk.
Use of 'cookies'
Links to other websites
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union ('EU'). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU or one of our service providers is located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you're agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated in January 2018.