Privacy Policy
​
Company Name: LOAN EXPRESS (UK) LTD
Company Number: 15132291
Address: 9 Dacre Street, London, England, SW1H 0DJ
Email: support@loanxpress.co.uk
Website: www.loanxpress.co.uk
​
1. Introduction
​
LOAN EXPRESS (UK) LTD ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, store and protect your personal information, your rights under UK data protection laws, and how to exercise those rights.
​
We are authorised and regulated by the Financial Conduct Authority (FCA) and act as a data controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
​
2. Scope of This Policy
​
This policy applies to:
-
Visitors to our website www.loanxpress.co.uk
-
Applicants and customers using our loan services
-
Individuals who communicate with us by phone, email, or other channels
-
Individuals whose data we may receive from third-party sources
3. Information We Collect
​
We collect and process different types of personal data, depending on your relationship with us.
a. Personal Identification Information
-
Full name
-
Date of birth
-
Residential address (current and previous)
-
Email address
-
Telephone number(s)
-
Gender
-
Nationality
b. Financial and Employment Information
-
Employment status and details
-
Income and expenditure
-
Bank account details
-
Credit history
-
Loan purpose
-
Outstanding debts
c. Identity Verification and Regulatory Information
-
National Insurance Number
-
Driving licence or passport (for ID checks)
-
Utility bills or bank statements
-
Sanctions or fraud database checks
d. Technical and Usage Data
-
IP address
-
Browser type and version
-
Device type
-
Operating system
-
Referrer URL
-
Pages viewed
-
Time and date of access
-
Clickstream data
-
Cookie identifiers (see Section 8)
e. Communication and Correspondence
-
Emails, calls, chat records
-
Customer service interactions
-
Complaints and enquiries
f. Special Category Data
We do not typically collect special category data (e.g., health, biometric, or ethnicity) unless required for fraud prevention or regulatory compliance.
4. How We Collect Your Data
​
We may collect your data in the following ways:
-
Directly from you (via online forms, telephone, email)
-
From third-party partners and introducers
-
From credit reference agencies (CRAs)
-
From publicly available sources (e.g., Companies House)
-
From fraud prevention databases
5. Legal Basis for Processing
​
We rely on the following legal grounds to process your personal data:
​
Legal Basis Purpose
​
Consent For optional marketing communications
Contract To enter into and perform a loan-related agreement
Legal Obligation To comply with regulatory duties (e.g., AML, FCA rules)
Legitimate Interests For business efficiency, fraud prevention, website analytics, etc.
Vital Interests (rare) To protect someone’s life or well-being (in exceptional circumstances)
​
​
6. How We Use Your Data
​
We use your personal data to:
-
Assess your eligibility for loan products
-
Verify your identity and perform fraud checks
-
Conduct creditworthiness assessments
-
Connect you with appropriate lenders or partners
-
Administer your loan application and manage agreements
-
Respond to your enquiries or complaints
-
Monitor website usage and improve user experience
-
Comply with legal and regulatory obligations
-
Prevent and detect criminal activity (including fraud and money laundering)
-
Send marketing communications (where legally permitted)
7. Automated Decision-Making
​
We may use automated decision-making (including profiling) for credit and affordability assessments. This helps us determine:
-
Your loan eligibility
-
Loan amount and terms
-
Risk levels for anti-fraud purposes
You have the right to request a manual review of any decision made solely by automated means. Please contact us at support@loanxpress.co.uk if you wish to exercise this right.
​
8. Cookies and Website Analytics
​
We use cookies and tracking technologies on our website. Cookies are small text files stored on your device that help us:
​
-
Understand how users interact with our site
-
Save user preferences
-
Enable secure logins
-
Improve website functionality and performance
Types of Cookies We Use:
​
-
Essential cookies – Required for site functionality
-
Analytical cookies – To analyse traffic and usage (e.g., Google Analytics)
-
Marketing cookies – To personalise and measure ads (with consent)
For more details, see our Cookie Policy
You can manage cookie preferences in your browser settings or through our cookie banner.
9. Who We Share Your Data With
​
We may share your data with the following categories of third parties:
​
-
Credit Reference Agencies (CRAs): Experian, Equifax, TransUnion
-
Lenders and loan partners: To provide you with finance options
-
Fraud Prevention Agencies (FPAs): CIFAS, National Hunter
-
Regulatory Authorities: FCA, ICO, HMRC, law enforcement
-
Technology Providers: Hosting, email, CRM, analytics platforms
-
Professional Advisers: Lawyers, accountants, auditors
-
Payment Processors: For secure payment management
-
Debt Collection Agencies: If applicable
All third-party processors are contractually obligated to process your data securely and in compliance with data protection law.
10. International Data Transfers
​
We may transfer your data outside the UK (e.g., to service providers in the EEA or USA). In such cases, we ensure:
​
-
The destination country has an adequacy decision, or
-
We use Standard Contractual Clauses (SCCs) or equivalent safeguards
You can request a copy of these safeguards by contacting us.
11. Data Retention
We retain your personal data only as long as necessary to fulfil the purposes for which it was collected and to comply with legal, regulatory, and operational requirements.
​
Typical retention periods include:
​
-
Loan applications: 6 years from the date of closure or withdrawal
-
Call recordings: 12–24 months
-
Complaint records: 6 years
-
Marketing opt-outs: Indefinitely, to ensure compliance
We securely delete or anonymise data when it is no longer required.
12. How We Protect Your Data
We take your data security seriously. Our protective measures include:
​
-
Secure socket layer (SSL) encryption
-
Role-based access control
-
Encrypted databases and backups
-
Firewalls and antivirus systems
-
Staff training and data access policies
-
Regular audits and vulnerability assessments
Despite our best efforts, no system can be 100% secure. Please use secure methods to communicate sensitive information.
13. Your Data Protection Rights
Under UK GDPR, you have the following rights:
RightDescription
AccessRequest a copy of your personal data
RectificationRequest correction of inaccurate data
ErasureRequest deletion of data in certain circumstances
RestrictionAsk us to stop processing while a dispute is being resolved
Data PortabilityReceive your data in a structured format and transfer it elsewhere
ObjectionObject to processing based on legitimate interests or marketing
Withdraw ConsentWithdraw previously given consent (e.g., marketing emails)
Complaint to ICOLodge a complaint with the Information Commissioner’s Office