Privacy Policy

For the purposes of the policy "you" or "your" means you as a user of the App Site or as a participant in the Services and/or a user of the Services Sites (as defined below). "We", "our" or "us" means GAIN Credit LLC of Wisteria Grange Barn, Pikes End, Pinner, London, United Kingdom, HA5 2EX, and its affiliates.

This policy, your credit agreement and any additional terms of use incorporated by reference into this policy, together (our Terms) applies to your use of:

• Drafty mobile application software (App) available for Android at https://play.google.com/store/apps/details?id=com.globalanalytics.draftyloc and for iOS at https://itunes.apple.com/app/id1122421410 (App Site), once you have downloaded or streamed a copy of the App onto your mobile telephone or handheld device (Device).
• Any of the services accessible through the App (Services) that are available on the App Site or other sites of ours such as www.lendingstream.co.uk and www.drafty.co.uk (Our Sites), unless otherwise stated that a separate privacy policy or use of information statement applies to a particular Service, in which case that privacy policy only applies.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We give you choices about the ways we use and share your personal information, and we'll respect the choices you make.

For the purpose of the Data Protection Act 1998, the data controller is GAIN Credit LLC. GAIN Credit LLC is a registered Data Controller under the terms of the Data Protection Act 1998, details of our notification to the regulator for data protection, may be found in the Information Commissioner's Office Public Register of Data Controllers at www.ico.org.uk under registration number Z2752028.

We may collect and process the following data about you:

• Information you give us (Submitted information): You may give us information about you by filling in forms on the App Site and Our Sites. This includes information you provide when you register to use the App Site, download or register an App, subscribe to any of our Services, search for an App or Service,
• and when you report a problem with an App, our Services, or any of Our Sites. The information you give us may include your name, email address, mailing address, information about your transactions including loan balances, phone number, employer name, take-home pay, and banking information (such as bank sort code, debit card number and account number).

• Information we collect about you and your device. Each time you visit one of Our Sites or use one of our Apps and/or Services we may automatically collect the following information:
  • technical information, including the type of mobile device you use, a unique device identifier (for example, your Device's IMEI number, the MAC address of the Device's wireless network interface, or the mobile phone number used by the Device), mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting(Device Information);
  • information about your computer, including your IP address, operating system and browser type (this is statistical data about browsing actions and patterns and is not in individually identifiable form); and automatic information obtained by using "cookies" when your browser accesses our Website and when you log-in (see the "Cookies" section below for more information);
  • details of your use of any of our Apps or your visits to any of Our Sites including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access (Log Information).
• Information we receive from other sources (Third Party Information). We work closely with third parties (including, for example, credit reference agencies, fraud prevention agencies, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
• Unique application numbers: when you install or uninstall a Service containing a unique application number or when such a Service searches for automatic updates, that number and information about your installation, for example, the type of operating system, may be sent to us.
• Contact with us: If you contact our customer services team or use our feedback form, We may keep a record of that correspondence or call.

We may use your personal information for a number of purposes including:

• in the normal course of our business to provide you with the Services or products you request, such as processing loan transactions and updating your account records;
• to contact third parties, such as your employer, who you have nominated to verify information about yourself;
• to enhance your experience of using our App and/or Our Sites or our Services;
• for conducting statistical analysis;
• to identify you when you contact us or visit our App Site or Our Sites;
• to identify which of our products, or our partners' products, might interest you;
• to prevent and detect fraud, this may involve the use of voice detection technology to analyse recordings of your telephone calls with us;
• for other regulatory checks including credit assessment;
• for editorial or feedback purposes for our advertisers;
• aggregated information about users for editorial or feedback purposes for our advertisers.

We may act as brokers as well as direct lenders, and our products and services may sometimes be provided in conjunction with our business partners. Thus, it may be necessary to disclose your information to those partners to provide you with the products or services you request. However, we will only disclose your information to such third parties where we have your express consent to do so via an 'opt in' mechanism on our website.

We may also share the personal information you submit with our associated group companies (which includes any company linked to us in some way by common ownership or management) for the purposes of: (a) the provision of products and service you request; (b) consumer profiling and market research; and (c) to contact you by post, phone or electronically about related products and services, offers and events, unless you opt out as described below (see the Marketing and Opt Out Rights section). A list of associated companies is available on request by contacting GAIN Credit LLC, or its related brands, directly via the contact details provided below.

If you consent via the opt in process, we may also share your personal information with selected third parties who may use it to contact you by post, telephone, email, SMS or other reasonable methods in relation to offers they feel might interest you, to seek your feedback, suggestions or opinions on current products, or for editorial, survey, research and product development purposes.

We may also share your personal information with third parties under the following circumstances:

• with lenders, credit reference agencies, customer service providers and collection agencies. We have trusted relationships with these carefully selected third parties who perform services on our behalf. All service providers are bound by contract to maintain the security of your personal information. Credit reference agencies may add to their records about you, information about our search of their records and your application with us, and this will be seen by other organisations that make searches;
• with a purchaser, in the event our business or substantially all of its assets are acquired by a third party (in which case personal information held about customers will be one of the transferred assets);
• in order to enforce any of our terms and conditions;
• with fraud prevention or law enforcement agencies, in the event false or inaccurate information is provided and fraud is identified. We and other organisations may also access and use this information to prevent fraud and money laundering, for example when checking details on applications for credit and credit related and other facilities; managing credit and credit related accounts or other facilities; recovering debt; checking details on proposals and claims for all types of insurance; and checking details of job applicants and employees. For further details of the relevant fraud prevention agencies please contact us as described at the end of this Privacy Policy;
• with individuals who you nominate as your referees to verify certain information that you provide to us;
• if required or compelled to do so by any legal authority, as required by law or when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served on us;
• with other third party service providers, who act as agents to perform tasks on behalf of and under the instructions of GAIN Credit LLC. These service providers must agree to use personal information only for the purposes for which they have been engaged by us and must either: (1) agree to provide adequate protections for the personal information that are no less protective than those set forth in this Privacy Policy; or (2) comply with another mechanism permitted by European data protection law(s) for transfers and processing of personal information (such as for example contractual obligations under the EU model clauses).

Please note that for full details at to how we may make use of your information to determine and/or provide provision of loan facilities you should read the Use of Information Statement contained in your pre-contractual loan documentation.

We may also request that you provide details of individuals who are able to act as referees on your behalf by verifying some of the personal information you provide about yourself. The information we will request about these third parties will include their name, address and phone number.

We use cookies to distinguish you from other users of the App, Our Sites and App Site. This helps us to provide you with a good experience when you use the App or browse the App Site and also allows us to improve the App, Our Sites and the App Site. For detailed information on the cookies we use and the purposes for which we use them, see our cookie policy.

GAIN Credit LLC participates in and is certified under the "Privacy Shield" regime for the purposes of transferring personal data outside the European Economic Area. Please refer to our Privacy Shield Policy for further information.

By visiting our App, Our Sites and/or the App Site, you understand and agree that we may contact you via the phone number or e-mail address you enter on your loan application to assist you with your loan or to discuss other products and services that GAIN Credit LLC may provide for you. You may opt-out of receiving these marketing communications from us or from our associated companies by responding to any of our e-mail communications with "remove" in the subject line or by sending us an e-mail to customercare@drafty.co.uk.

If you opt-out of our use of your personal information for marketing purposes, we will make reasonable efforts to honour such choice within 10 business days. We reserve the right to take reasonable steps to authenticate your identity with respect to any such request or other inquiry.

As noted above, if you consent to allow us to share your information with selected third parties, you may receive follow-up contact and offers from third party companies and, while we only work with selected partners, we are not responsible for the services or representations of these third parties. To opt-out of receiving further marketing emails, calls, or SMS messages from such third party, please contact the third party directly.

We are aware of the importance of the data we collect from you and therefore we use advanced technology to protect your information. We take reasonable precautions to protect personal information from loss, misuse and unauthorised access, disclosure, alteration and destruction.

For example, we store data in encrypted form on computers and control access via secure web pages. We also employ firewalls and other security technologies to protect our servers from external attack. In addition, we train our employees in the proper handling of personal information and when we use other companies to provide services for us, we require them to protect the confidentiality of personal information they receive.

When you enter certain more-sensitive information (such as your bank sort code or account number) on the application form, we encrypt that information using secure socket layer technology.

We only keep your personal information for as long as necessary, for the purposes for which it was collected, to provide you with services and to conduct our legitimate business interests or where otherwise required by law. In addition, we take reasonable steps to ensure that the data we collect is relevant for its intended purposes, and is accurate, and up to date.

You may request a copy of the information we hold on you by contacting us as described at the end of this Privacy Policy and requesting further details. There is a charge for this service (usually £10) to help us cover the administrative costs of responding to your request. You will also need to provide identification so that we may verify that you authorised to access the personal information you have requested.

If your personal information changes, or if you no longer desire our service, you may correct, update or remove it by making the change within the edit your profile section of the site or by emailing us at customercare@drafty.co.uk.

If you submit or create a blog on our App Site or Our Sites, you should be aware that any personal information you submit can be read, collected, or used by other users of these blogs, and could be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums.

We post customer testimonials, which may contain personally identifiable information, on the App Site, banners and/or Our Sites as well as some other websites with GAIN Credit LLC or its related brands' presence.

Our App, Our Sites and/or App Site may contain links to third party websites. If you follow a link to any of these third-party websites, please note that such websites have their own terms and privacy policies, and that we are not responsible or liable for any of the practices of these third-party sites.

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of the App, Our Site, the App Site or the Services.

If you have any questions or concerns about the use of your personal information as described above, please contact us at Drafty, a trading name of GAIN Credit LLC, Wisteria Grange Barn, Pikes End, Pinner, London, United Kingdom, HA5 2EX | Registered Address: 251 Little Falls Drive, Wilmington, DE 19808, USA|Registered in the State of Delaware, USA | Registration Number: 4124111 | Authorised and Regulated by the Financial Conduct Authority. Registration Number 689378 | You can contact us at 0203 365 0135 (Call charges apply. Standard charges from BT landlines, mobiles and other providers may vary) or email us at info@drafty.co.uk. | Copyright © GAIN Credit LLC

GAIN Credit LLC is certified under and participates in the "Privacy Shield" regime for the purposes of transferring personal data outside the European Economic Area ("EEA").

GAIN Credit LLC complies with the EU-US Privacy Shield Framework as set forth by FTC regarding the collection, use, and retention of personal information from European Union member countries. If there is any conflict between this policy and the Privacy Shield Principles, the Privacy Shield Principles will apply. Please note that our affiliates Global Analytics India Private Limited (GAI) and GAIN Credit, Inc (GC) also adhere to the Privacy Shield Principles.

GAIN Credit LLC is committed to applying the Privacy Shield Privacy Principles of Notice; Choice; Accountability for onward transfer; Security; Data Integrity and Purpose Limitation; Access; Recourse; Enforcement and Liability to all EU personal data. All employees of GAIN Credit LLC have to comply with the Privacy Shield and GAIN Credit LLC is potentially liable for onward transfers of personal data to third parties.

To view our certification and for further information on the Privacy Shield please visit https://www.privacyshield.gov. The US Federal Trade Commission (FTC) has jurisdiction over our compliance with the Privacy Shield. GAIN Credit LLC is subject to the investigatory and investigation powers of the FTC. GAIN Credit LLC will renew its certification annually.

The Privacy Shield applies to the information we collect about you that is transferred outside the EEA. Each time you apply for a loan, we may transfer your personal information outside the EEA (including to our associated companies in India and the USA) – please refer to the section of our Privacy Policy titled "Information we collect about you" for an explanation of why we collect your information (this being covered by the Privacy Shield if your data is transferred outside of the EEA).

Please refer to the section of our Privacy Policy titled "Sharing your information" for a description of the circumstances in which we may disclose your personal information to third parties. In some cases we may be required to disclose personal information in response to a lawful request made by public authorities, including national security or law enforcement. Please note that regarding our affiliates, GAI has access to customer information in order to perform back office duties and GC has limited access to information in order to perform managerial functions as part of its function as a parent company in our group. Both GAI and GC are committed to the Privacy Shield Principles.

Under the Privacy Shield you have a right to access, correct or delete your personal information. If your data is inaccurate or you would like it updated, deleted or corrected, please contact us at customercare@drafty.co.uk.

In compliance with the EU-US Privacy Shield Principles, GAIN Credit LLC to resolving complaints about your privacy and our collection or use of your personal information – please contact us at customercare@drafty.co.uk.

For privacy complaints that we do not adequately resolve, GAIN Credit LLC has chosen to cooperate with EU data protection authorities (DPAs) and comply with the information and advice provided to it by an informal panel of DPAs in relation to such unresolved complaints (as further described in the Privacy Shield Principles). Please contact us to be directed to the relevant DPA contacts.

In the event of a dispute, there is the possibility, under certain conditions, for you, the individual to invoke binding arbitration. You can do this by seeking redress from the Privacy Shield Panel.

We may amend this policy from time to time and may update it in line with any amendments made to the Privacy Shield Principles.

This policy was last updated on 30.11.17