We do not sell your personal data, and we share it only where there is a clear, lawful reason. The recipients fall into a small number of categories, each tied to running a Credicorp Flex or Credicorp Slice facility properly and meeting our legal duties.
Who we may share with
- Identity and fraud-check providers who help us verify the people behind a borrowing company.
- Credit reference agencies, for the purposes set out separately in our credit-reference material.
- Payment and banking partners who process disbursements and repayments.
- Technology and hosting providers who operate our systems under contract.
- Professional advisers such as lawyers and auditors, where needed.
- Regulators and authorities where the law requires disclosure.
How we control these relationships
Where a third party processes data on our behalf, they act under a written contract that limits how they may use it and requires them to keep it secure. They cannot use your data for their own purposes unless they are a separate controller, such as a regulator acting under law.
Transparency
Our privacy notice describes these categories in more detail. If you want to know whether a specific organisation has received your data, you can ask through a subject access request.
See also: What happens if there is a data breach?, How do I complain about how you handled my data?, Who is the data controller for my information?.