We are registered in England and Wales under company number 09998904, and have our registered office at 48 Warwick, London, W1B. We are registered with the Information Commissioner’s Office under registration number ZA271378.
2. What Information do we Collect?
The information we gather enables us to personalise, improve and continue to operate the Services. In connection with certain aspects of the Services, we may request, collect and/or display some Personal Information. We collect the following types of information from our users.
i. Account Information
When You create an Account, You (the “User”) will provide information that could be Personal Information, such as Your username, password, email address and, as applicable, other information related to Your business. We may also collect:
Information that you provide by filling in forms on our Site or by corresponding with us by phone, e-mail or otherwise. This includes information provided at the time of registering to use our Site, subscribing to our Services, posting material, participating in discussion boards or other social media functions on our Site or requesting further Services. We may also ask you for information when you report a problem with our Site.If you contact us, we may keep a record of that correspondence.We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.Details of transactions you carry out through our Site and of the fulfilment of your orders.Details of your visits to our Site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.We may collect information about your computer, including where available your IP address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; for system administration and to report aggregate information. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
You acknowledge that this information may be personal to You, and by creating an account on the Services and providing Personal Information to us, You allow us to identify You and therefore may not be anonymous. We may use Your contact information to send You information and deliverables created in conjunction with our Services. You may unsubscribe from certain communications from us through Your Account settings, although we, regardless, reserve the right to contact You when we believe it is necessary, such as for account recovery purposes.
ii. User Information
All content submitted by You to the Services which is not Personal Information under the Act, including but not limited to User Information which is not Personal Information, may be retained by us indefinitely, even after You terminate Your account. Any content which is Personal Information under the Act may be retained by us for long as is reasonably necessary for (i) improving or enhancing the Services we provide to all of our users; (ii) protecting, enforcing or complying with our legal rights and obligations; or (iii) any other purpose permitted under the Act.
iii. Payment Information
iv. IP Address Information and Other Information Collected Automatically (including Cookies)
Generally, the Services automatically collect usage information, such as the number and frequency of visitors to the Site. We may use this data in aggregate form, that is, as a statistical measure, but not in a manner that would identify You personally. This type of aggregate data enables us and third parties authorized by us to figure out how often individuals use parts of the Services so that we can analyse and improve them.
We use Google Analytics and you can find out about that here: https://www.google.com/policies/privacy/partners
v. Email Communications
We may receive a confirmation when You open an email from us. We use this confirmation to improve our customer service.
vi. Aggregate Information:
We collect statistical information about how both unregistered and registered users, collectively, use the Services (“Aggregate Information”). Some of this information is derived from Personal Information. This statistical information is not Personal Information and cannot be tied back to You, Your Account or Your web browser..
3. Where do we Store Your Personal Data?
We will only transfer Personal Information outside the EEA if one of the following conditions applies:
(a) the European Commission has issued a decision confirming that the country to which we transfer the Personal Data ensures an adequate level of protection for the Data Subjects' rights and freedoms;
(b) appropriate safeguards are in place such as binding corporate rules, standard contractual clauses approved by the European Commission, an approved code of conduct or a certification mechanism;
(c) you have consented to the proposed transfer after being informed of any potential risks; or
(d) the transfer is necessary for one of the other reasons set out in the GDPR, including for our legitimate interest.
Personal InformationAll information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Information, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
4. What Use is Made of the Information?
We use information held about you in the following ways:
• To ensure that content from our Site is presented in the most effective manner for you and for your computer.
• To provide you with information, products or services that you request from us or which we feel may interest you, subject, where relevant, to your having consented to being contacted for such purposes.
• To carry out our obligations arising from any contracts entered into between you and us.
• To allow you to participate in interactive features of our Service, when you choose to do so.
• To notify you about changes to our Service.
• To comply with our legal obligations, for example in relation to the prevention of financial crime.
• We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you.
• If you are an existing customer, we will only contact you by electronic means (email or SMS) with information about goods and services similar to those which were the subject of a previous sale to you.
• If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means for marketing purposes only, where relevant,if you have consented to this.
• If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please contact us at firstname.lastname@example.org
How, and With Whom, Is My Information Shared?
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may share your information with selected third parties including:
• Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
• Our or our group’s professional advisors, auditors, partners, managers or insurers.
• Analytics and search engine providers that assist us in the improvement and optimisation of our Site.
We may disclose your personal information to third parties:
• In the event that we sell or buy any business or assets, in which case we may disclose your Personal Information to the prospective seller or buyer of such business or assets.
• If we or substantially all of our assets are acquired by a third party, in which case Personal Information held by us about our customers will be one of the transferred assets.
i. IP Address Information:
ii. Information You Elect to Share:
iii. Aggregate Information:
We share Aggregate Information with our partners, service providers and other persons with whom we conduct business. We share this type of statistical data so that our partners can understand how and how often people use our Services and their services or websites, which facilitates improving both their services and how our Services interface with them. In addition, these third parties may share with us non-private, aggregated or otherwise non Personal Information about You that they have independently developed or acquired.
iv. Email Communications with Us:
As part of the Services, You may receive email and other communications from us, such as communications relating to Your Account.
v. Payment Information:
As stated above, we do not currently collect Your payment method, as that information is collected and stored by our Payment Processor. However, we may from time to time request and receive some of Your financial information from our Payment Processor for the purposes of completing transactions You have initiated through the Services, enrolling You in discount, rebate, and other programs in which You elect to participate, protecting against or identify possible fraudulent transactions, and otherwise as needed to manage our business. As stated above, we may, as a result of Your use of the Services, obtain from You Financial Information pertaining either to You or Your customers, that You provide us as a result of Your use of such Services. Such Financial Information may be used by us and may be disclosed to Third Party Services that You authorize us to use, solely in furtherance of the Services.
vi. Information Disclosed for Our Protection and the Protection of Others:
vii. Information We Share With Your Consent:
Except as set forth above, to the extent You have not already pre-authorized us to do so, You will be notified when Your Personal Information and/or Your User Information (including Financial Information) of Yours may be shared with third parties (including but not limited to Third Party Services), and will be able to prevent the sharing of this information.
5. Is Information About Me Secure?
Your Account information will be protected by a password for Your privacy and security. You need to prevent unauthorized access to Your Account, Personal Information and User Information (including Financial Information) of Yours, as applicable, by selecting and protecting Your password appropriately and limiting access to Your computer and browser by signing off after You have finished accessing Your Account.
We use industry standard methods and techniques to protect Account information to ensure that it is kept private; however, we cannot guarantee the security of any Account information (including Personal Information and User Information of Yours that You provide us). Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
6. What Information of Mine Can I Access?
If You are a registered user, You can access information associated with Your Account (including User Information) by logging into the Services. Registered and unregistered users can access and delete cookies through their web browser settings.
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. You are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties.
7. What are Your Rights?
You have the following rights in relation to your Personal Information:
Information Right - The right to receive detailed information about our Personal Information collection and data processing activities.
Personal Data Access Right - The right to:
• Obtain confirmation from us.
• Access your processed Personal Information, including receiving a copy on request unless providing a copy adversely affects the rights and freedoms of others.
• Obtain certain information about our processing including:
-purposes of data processing;
-categories of Personal Information processed;
-recipients or categories of recipients who receive Personal Information from the data controller;
-how long the data controller stores the Personal Information, or the criteria the data controller uses to determine retention periods;
-information on the Personal Information's source if the data controller does not collect it directly from the data subject;
-information on the safeguards used to secure cross-border data transfers, if applicable; and
-whether the data controller uses automated decision-making, including profiling, the auto-decision logic used, and the consequences of this processing for the data subject.
Notification of your rights to:
• request correction or erasure of Personal Information;
• restrict or object to certain types of Personal Information processing; and
• make a complaint with the local data protection authority.
Personal Data Correction Right
The right to:
• Correct inaccurate Personal Information held by us
• Complete incomplete Personal Information held by us
Personal Data Erasure Right ("Right to be Forgotten")
The right to request erasure of your Personal Information if one of the following applies:
• The Personal Information is no longer necessary for the purpose we collected it.
• You withdrew your consent to our processing activities and no other legal justification for processing applies.
• You objected to processing that is either:
o necessary for us to perform a task in the public interest or in the exercise of official authority vested in us; or
o necessary to pursue our or a third party's legitimate interests, and
no other compelling legitimate grounds to process Personal Information apply.
• You object to processing for direct marketing purposes.
• We unlawfully processed the Personal Information.
• European Union or member state law requires erasure to comply with a legal obligation that applies to us.
• We collected the Personal Information in the context of offering online services to children under Article 8(1).
Data Processing Restriction Right
You may restrict the processing of your Personal Information when:
You contest the accuracy of the Personal Information.
The processing is unlawful.
We no longer need to process the Personal Information but you need the Personal Information for the establishment, exercise, or defence of legal claims.
Data Processing Objection Right
The GDPR grants you the right to object to data processing under certain circumstances, including:
• For direct marketing purposes, including profiling related to direct marketing.
• For scientific or historical research purposes or statistical purposes under Article 89(1), unless the processing is necessary for the performance of a task carried out in the public interest.
• For processing, including any profiling, based on the following legal grounds:
o necessary to perform a task in the public interest under Article 6(1)(e); or
o necessary for the data controller's or a third party's legitimate interests under Article 6(1)(f).
Data Portability Right
The right to data portability includes the right to:
• Receive a copy of the Personal Information from us in a commonly used and machine-readable format and store it for further personal use on a private device.
• Transmit the Personal Information to another data controller.
• Have Personal Information transmitted directly from one data controller to another where technically possible.
Automated Decision-Making Objection Right
You have the right to not be subject to automated decision-making, including profiling, which has legal or other significant effects on the data subject (Article 22(1) and Recital 71, GDPR).
Breach Notification Right
When a Personal Information breach is likely to result in a high risk to your rights, we must notify you of the security breach without undue delay.
You can also exercise these rights at any time by contacting us at email@example.com.
Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Information to these websites.
9. What Choices Do I Have Regarding My Information?
You can always opt not to disclose certain information to us, even though it may be needed to take advantage of some of our features.
You can inactivate Your Account. Please note that we will need to verify that You have the authority to inactivate the Account, and activity generated prior to inactivation will remain stored by us and may be publicly accessible on an anonymous basis.
You can choose not to use certain features on the Services.
10. Our Use of Third Party Services for Invoice Finance
In order to provide you with invoice finance, we will make use of Credit reference agencies and Fraud Prevention Agencies.
i. What is a credit reference agency?
Credit reference agencies (CRAs) collect and maintain information on consumers' and businesses' credit behaviour, on behalf of organisations in the UK.
ii. What is a fraud prevention agency?
Fraud Prevention Agencies (FPAs) collect, maintain and share, information on known and suspected fraudulent activity. Some CRAs also act as FPAs.
iii. Why do we use them?
If you apply for invoice financing to Satago, we will check our own records but we will also contact CRAs to get information on your company's credit behaviour with other organisations. This will help us make the best possible assessment of your company's overall situation before we make a decision.
iv. Where do we get the information?
1. Publicly available information:
The Electoral Register from Local Authorities
County Court Judgments from Registry Trust
Bankruptcy (and other similar orders) from the Insolvency Service
2. Credit information comes from information on applications to banks, building societies, credit card companies and also from the conduct of those accounts.
3. Company information and information about directors and shareholders comes from Companies House, other publicly available directories and proprietary directories at CRAs.
4. Information about proprietors of non limited businesses from publicly available directories and proprietary directories at CRAs.
v. How will I know if my information is to be sent to a CRA or FPA?
You will be told when you apply for invoice financing.
vi. Why is my data used in this way?
We and other organisations want to make the best possible decisions we can, in order to make sure that your business will be able to repay us. Some organisations may also use the information to check your identity. In this way we can ensure that we all take responsible decisions. At the same time, we also want to take decisions quickly and easily and, by using up to date information, provided electronically, we are able to make the most reliable and fair decisions possible.
vii. Who controls what these agencies are allowed to do with my data?
All organisations that collect and process personal data are regulated by the Data Protection Act 1998, overseen by the Information Commissioner's Office. All credit reference agencies are in regular dialogue with the Commissioner. Use of the Electoral Register is controlled under the Representation of the People Act 2000 and the Supplementary Regulations to the Representation of the People Act 2002. Use of data from Companies House, about directors, is controlled under the Companies Act 2006 and The Companies (Disclosure of Address) Regulations 2009.
viii. Can just anyone look at data held at credit reference agencies?
No, access to information is strictly controlled and only those companies that are entitled to do so, may see it. Usually that will only be with your agreement or (very occasionally) if there is a legal requirement it could be done without requiring your consent.
ix. What does Satago check when I apply for invoice financing?
When you apply to us for invoice financing, we may:
1. Check our own records for information on:
a. Your business accounts;
b. Shareholders who are beneficial owners of 20% or more of your business;
2. Search at credit reference agencies for information on:
a. your business;
b. your business accounts;
c. identity information on beneficial owners of your business;
d. If you are a director, we will seek confirmation, from credit reference agencies, that the residential address that you provide is the same as that shown on the restricted register of directors’ usual addresses at Companies House.
e. Search at fraud prevention agencies for information on your business, beneficial owners and your address(es).
x. What we do with the information you supply as part of your application?
- Information that is supplied to us will be sent to the credit reference agencies;
2. If you give us false or inaccurate information and we suspect or identify fraud, we will record this and may also pass this information to fraud prevention agencies and other organisations involved in crime and fraud prevention;
3. Record information at credit reference agencies about your application, your business, you and the ultimate beneficial owners of your business;
4. If you provide information about shareholders, we will record this information at credit reference agencies.
You must be sure that you have the agreement of your shareholders to disclose information about them.If any of the information that you provide to us changes (for example if you change contact details) then you must notify us promptly by email to firstname.lastname@example.org.
xi. What we do with the information we obtain as part of the application?
1. Assess this application for credit and/or;
2. Check details on applications for credit and credit related or other facilities;
3. Verify your identity and the identity of other directors and shareholders;
4. Undertake checks for the prevention and detection of crime or fraud and/or money laundering;
5. We may use scoring methods to assess your application and to verify your identity.
xii. What we do when we agree to finance some of your invoices?
1. We will give details of the transaction, including names and parties to the account, and how you manage it to credit reference agencies;
2. If you sell us one or many invoices and do not repay us as per the terms of our agreement for invoice financing, we will tell credit reference agencies;
3. We may make periodic searches of our own group records and credit reference agencies to manage your account with us, including whether to continue or extend invoice financing;
4. We may also check at fraud prevention agencies to prevent or detect fraud.
5. If you have obtained Advances from us and do not make payments that you owe us, we will trace your whereabouts and recover payment.
xiii. What do credit reference agencies do when they receive a search from us?
1. The agencies place a credit search “footprint” on your company credit file whether or not this application for invoice finance proceeds. The record of that search (but not the name of the organisation that carried it out) may be seen by other organisations when your business applies for credit in the future;
2. Place an enquiry or identification search on the record of any shareholder who is a beneficial owner and who we have checked;
3. Create a record of the name and address of your business and its proprietors if there is not one already.
xiv. What will credit agency supply to us?
1. Information about your business or company such as previous applications for credit and the conduct of the accounts;
2. Public information such as County Court Judgments (CCJs) and bankruptcies;
3. Electoral Register information on you and your business partners;
4. Fraud prevention information;
5. Confirmation or otherwise that the usual residential addresses, supplied by directors, match those on the restricted register held at Companies House (or for those directors’ addresses registered under section 243 of the Companies Act, that the usual residential addresses supplied by directors, match those on the credit reference agency’s proprietary business directory
xv. What will credit reference agencies do with the information we supply to them?
1. Credit reference agencies will record the details that are supplied on your business and business account including previous and subsequent names of parties to the account and how you manage it/them.
2. If your business enters into an invoice finance agreement with Satago and does not repay in full and on time, credit reference agencies will record the outstanding liability.
3. Records shared with credit reference agencies remain on file for 6 years after they are closed whether settled by you or defaulted;
4. Information on shareholders who are beneficial owners will be used and supplied to others only
1. for the purpose of the performance of identity checks
2. with their specific consent
xvi. How your data will NOT be used by credit reference agencies?
1. It will not be used to create a blacklist;
2. It will not be used by the credit reference agency to make a decision.
xvii. How will my data be used by credit reference agencies?
The information which we and other organisations provide to the credit reference agencies about you, your business partners and details about your business may be supplied by credit reference agencies to other organisations and used by them to:
1. Prevent crime, fraud and money laundering by, for example checking details provided on applications for credit and credit related or other facilities;
2. Check the operation of credit and credit-related accounts;
3. Verify your identity if you or your business partner(s) applies for other facilities;
4. Make decisions on credit and credit related services about your business;
5. Manage your business credit or credit related account(s);
6. Trace your whereabouts and recover debts that you owe.
7. Undertake statistical analysis and system testing.
xviii. How can my data be used by fraud prevention agencies?
The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found by clicking the following link: Full notice.
The information which we provide to the fraud prevention agencies about you, your business partners and your business may be supplied by fraud prevention agencies to other organisations and used by them and us to prevent crime, fraud and money laundering by, for example:
1. Checking details provided on applications for credit and credit related or other facilities;
2. Managing credit and credit related accounts or facilities;
3. Cross checking details provided on proposals and claims for all types of insurance;
4. Checking details on applications for jobs or when checked as part of employment, including all types of insurance proposals and claims;
2. Verify your identity if you or your business partner(s) applies for other facilities
3. Trace your whereabouts and recover debts that you owe;
4. Conduct other checks to prevent or detect fraud;
5. Organisations may access and use from other countries the information
6. Undertake statistical analysis and system testing;
7. Your data may also be used for other purposes for which you give your specific recorded by fraud prevention agencies; permission or, in very limited circumstances, when required by law or where permitted under the terms of the Data Protection Act 1998.
11. How do I get more information?
You can contact the CRAs currently operating in the UK. The information they hold may not be the same so it is worth contacting them all:
1. CallCredit, Consumer Services Team, PO Box 491, Leeds, LS3 1WZ or call 0870 0601414
2. Equifax PLC, Credit File Advice Centre, PO Box 3001, Bradford, BD1 5US or call 0870 010 0583 or log on to www.myequifax.com
3. Experian, Consumer Help Service, PO Box 8000, Nottingham NG80 7WF or call 0844 4818000 or log on to
For the avoidance of doubt, the limitations set out in the “Our Liabilities and Responsibilities” section of our General User Terms and Conditions apply in respect of our collection and use of your information, as set out above, in connection with the Finance application process.
Please also note that we will not be required by virtue of any agreement between us to delete, surrender or dispose of any information that we believe, in our reasonable judgement, is or may be required to retain for legal or compliance purposes, including to protect or enforce our rights under this agreement (or any other claim or defence we may have in relation to you) or to protect the rights of third parties. We may also at our entire discretion delete without notice to you all information that we hold relating to your application if your subscription to our service expires or is cancelled.
12. What If I Have Questions or Concerns?
If You have any questions or concerns regarding privacy using the Services, please send us a detailed message to email@example.com