Back to Policies

Privacy Policy

Last updated: March 2026  —  TP Commercial Finance Ltd

1. Who We Are

TP Commercial Finance Ltd (“TPCF”, “we”, “us”, “our”) is a company registered in England and Wales, with its registered office at 5 Garrick Street, London, WC2E 9AR. We operate the Loan Intel loan book intelligence platform (the “Platform”), accessible at www.loan-intel.com.

For the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018, TPCF is the data controller in respect of personal data collected through the Platform and our website.

If you have questions about this Privacy Policy or our data practices, please contact us at support@loan-intel.com.

2. What Data We Collect

We collect and process the following categories of data:

Account and Contact Data

  • Name and job title of the individual registering on behalf of a lender organisation
  • Business email address and telephone number
  • Name and registered details of the organisation you represent
  • Login credentials (passwords are stored as one-way hashed values and never in plaintext)

Platform Usage Data

  • Log data including IP address, browser type, pages visited, and timestamps
  • Search queries conducted within the Platform
  • Data contributed to the Platform by your organisation (loan performance records, decline data)
  • Communications with our support team

Technical Data

  • Cookie data (see Section 8 below and our Cookie Policy)
  • Session tokens and authentication data
  • Device type and operating system information

The Loan Intel Platform is designed primarily around corporate entity data — company registration numbers, company names, and corporate financial performance. Personal data of company officers (directors, persons of significant control) sourced from the Companies House public register may be processed for the purpose of identifying corporate network structures. This data is not shared between platform users or across lender boundaries, and is not used for individual profiling.

3. How We Use Your Data

We use the data we collect for the following purposes:

  • Providing the Platform: To create and manage your account, authenticate your access, and deliver the features and services you have subscribed to.
  • Communications: To send you service-related notifications, product updates, security alerts, and responses to enquiries.
  • Platform Improvement: To analyse usage patterns, identify bugs, and develop new features. This is done using aggregated and anonymised data where possible.
  • Security and Fraud Prevention: To monitor for unauthorised access, prevent abuse, and maintain the integrity of the Platform.
  • Legal Compliance: To meet our obligations under applicable law, including financial record-keeping requirements.
  • Billing: To process subscription payments and maintain billing records.

4. Legal Basis for Processing

Under the UK GDPR, we rely on the following lawful bases for processing your personal data:

  • Contract (Article 6(1)(b)): Processing necessary to perform our contract with you, including providing the Platform, managing your account, and processing payments.
  • Legitimate Interests (Article 6(1)(f)): Processing necessary for our legitimate business interests, including security monitoring, fraud prevention, improving our services, and communicating product updates. We have balanced these interests against your rights and concluded they do not override your fundamental rights and freedoms.
  • Legal Obligation (Article 6(1)(c)): Processing required to comply with our legal obligations, including financial record-keeping and responding to lawful requests from regulatory authorities.
  • Consent (Article 6(1)(a)): Where we rely on consent (for example, for certain marketing communications or non-essential cookies), you may withdraw consent at any time without affecting the lawfulness of prior processing.

5. Data Sharing

We do not sell your personal data. We do not share your personal data with third parties for their own marketing purposes. We may share data in the following limited circumstances:

  • Service Providers: We engage trusted third-party providers to support the Platform, including cloud hosting providers, payment processors, and analytics tools. All processors are contractually bound to process data only on our instructions and to maintain appropriate security standards.
  • Legal Requirements: We may disclose data where required by law, court order, or regulatory authority, including the Information Commissioner's Office (ICO) or Financial Conduct Authority (FCA).
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity, subject to the same protections described in this policy.
  • Protecting Rights: We may share data to protect the rights, property, or safety of TPCF, our clients, or others, where permitted by law.

Lender-contributed loan data within the Platform is ring-fenced. Your institution's specific loan data is never shared with or made identifiable to other lender organisations on the Platform. Only anonymised aggregate intelligence derived from the collective dataset is shared across lenders.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our general retention periods are as follows:

  • Active account data: Retained for the duration of your subscription and up to 6 months after account closure to enable reactivation or dispute resolution.
  • Contributed loan data: Retained for up to 7 years from the date of contribution, in line with financial record-keeping obligations.
  • Audit and access logs: Retained for 12 months.
  • Billing records: Retained for 7 years in accordance with HMRC requirements.
  • Support communications: Retained for 2 years.

Following the applicable retention period, data is securely deleted or anonymised. On written request at account closure, we will delete personal data within 30 days, subject to any legal retention obligations.

7. Your Rights

Under UK GDPR, you have the following rights in respect of your personal data:

  • Right of access: You may request a copy of the personal data we hold about you.
  • Right to rectification: You may ask us to correct inaccurate or incomplete data.
  • Right to erasure: In certain circumstances, you may ask us to delete your personal data.
  • Right to restrict processing: You may ask us to limit how we use your data in certain circumstances.
  • Right to data portability: You may request your data in a structured, machine-readable format where technically feasible.
  • Right to object: You may object to processing based on legitimate interests. We will consider your objection and cease processing unless we have compelling legitimate grounds.
  • Rights related to automated decision-making: You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects, unless you have consented or it is necessary for a contract.

To exercise any of these rights, please contact us at support@loan-intel.com. We will respond to your request within one calendar month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Cookies

We use cookies and similar tracking technologies on the Platform. Essential cookies are required for the Platform to function and cannot be disabled. We also use analytics and preference cookies, subject to your consent.

For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

9. Security

We implement industry-standard technical and organisational security measures to protect your personal data against unauthorised access, loss, disclosure, or alteration. These measures include 256-bit AES encryption at rest, TLS 1.3 encryption in transit, role-based access controls, multi-factor authentication, regular penetration testing, and immutable audit logging.

We maintain a 24-hour incident response SLA for confirmed security events. For more information, please see our Security & Compliance page.

Whilst we take all reasonable steps to protect your data, no system is completely secure. If you believe your account has been compromised, please contact us immediately at support@loan-intel.com.

10. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact:

TP Commercial Finance Ltd

5 Garrick Street, London, WC2E 9AR

support@loan-intel.com
← Back to all policies