CommunityBlogContact UsLogin

Privacy Policy

Last updated: September 2020

This privacy notice is to let you know how Fronted gathers and processes your personal information.

This notice provides you with information regarding your rights and obligations and explains how, why and when we collect and process your personal data.

We take personal data seriously. Anything containing personally identifiable information is kept safe and we have put in place appropriate technical and other security measures to protect it.

We need to collect certain types of information to allow us to make a decision on your request for financial products. We also need to comply with legal and regulatory requirements relating to anti-fraud, anti-money laundering, know your customer and responsible lending obligations.

We will only collect the information we need to be able to provide you with the service you have requested. You need to make sure that the information you provide is accurate, complete and not misleading. Your personal information may need to be disclosed when we are obliged to by law, for purposes of national security, taxation, defence of a legal claim or criminal investigations.

If you have any questions or want to exercise any of your rights set out in this Privacy Policy, please contact us at

Who are we?

We are Fronted Holding Ltd and all subsidiaries. Our registered office is at Fronted, 81 Rivington Street, London, England, EC2A 3AY. We are registered in England and Wales under company number 12278750. We are registered on the Information Commissioner’s Office (ICO) Register under number: CSN0780570.

We can be contacted:

by post at Fronted, 81 Rivington Street, London, England, EC2A 3AY;

by email at

What data do we collect?

Here is the top line summary of the data we collect.

When we use your personal information we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what personal information we process and why.

The legal bases we may rely on include:

  • consent: where you have given us clear consent for us to process your personal information for a specific purpose
  • contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
  • legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations)
  • legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information which overrides our legitimate interests)

We’ll break down the information further in the next sections. To use our full range of services and products, we will collect some or all of the following information:

When information is collected Why we ask for this How and why we use your information
When you register with us.Contact details: Your name, Email address, Renting information including salary, budget and may include your property agent or landlord’s details. Legitimate Interest We ask for this:to create and manage your account with us, to communicate with you about your account, to assess if we can pre-qualify you for a Fronted Deposit. We rely on legitimate interest as the lawful basis for collecting and using your personal information. Our legitimate interests are for you to have a clear understanding of our products and if we can provide our services to you. We will keep this information until:you close your account with us or we close your account.
When you interact with the Fronted platform Visiting and browsing the site Interactions with chat bot, email or any other form of communication Clicking through links. Legitimate Interest We use this information to improve our platform and product offering. This means customers have a clear understanding of our product. Your details may be shared with third party platforms including Google Analytics, Intercom, MixPanel and Full Story. Personal data will not be kept longer than is viewed as necessary as per GDPR guidelines. All storage of data will be with purpose. We may need to keep personal information due to legal requirements, see more details of this in the ‘Your Rights’ section.
When managing products and services including: our existing relationship with you, Keep you updated on products and services, Operate and provide lending services, Handling payments received from and provided to you, Appling charges, fees and interest due on customer accounts. Contracts and Consent To ensure that you are kept up to date with our policies when you have signed up as a user. To provide customers with the provided service that they have signed up for.
When following regulations and keeping our customer information safe: To detect, investigate, report and seek to prevent financial crime. To control risk for us and our customers. To obey laws and regulations that apply to us. To respond to complaints and resolve them. To meet our business responsibilities of managing our financial position, business capability, planning, communications, corporate governance, audit and all that is outlined in FCA sandbox requirements. Legal Obligation and Legitimate Interest When developing our products and services. To comply with regulation and any other legal practices both under FCA and GDPR guidance. To be efficient with our contractual duties.
Continuing use of data: To develop and carry out marketing activity. Statistical analysis and research. To improve, guide, manage and develop our products and services. Legitimate interest and Consent Developing products and services to promote responsible lending and helping to prevent over-indebtedness. Promoting products to interested parties with similar needs and wants.

Device & Website Usage Data

Data collected about your use of our websites. Information about your device, network, and web activity.

We collect personal information about you when you access our website, register with us, contact us, send us feedback, purchase products or services via our website, post material to our website and complete customer surveys or participate in competitions via our website.

We collect this personal information from you either directly, such as when you or indirectly, such as your browsing activity while on our website.

We use different methods to collect data from and about you including through:

Direct interactions. You may give us your Identity, Contact and Financial Data through forms or by corresponding with us through website chat phone, email or otherwise. This includes personal data you provide when you:

  • create an account on our website;
  • enquire about our products;
  • request marketing to be sent to you;
  • give us feedback or contact us.

We may also request a scan of an identity document if this is required for “know your customer” or anti-money laundering purposes.

To make it clear, here are the definitions and uses of:

– “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, read our cookie policy.

– “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

– “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site. More information about the use of these can be found in our cookie policy.

– When you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information including credit card numbers, email address, and phone number.

Account & Profile Data

Data about you as a customer, prospect or subscriber. Terms are as per the below:

  • Customer is a person who has successfully received a Fronted Deposit
  • Prospect is a person who has applied for a Fronted Deposit
  • Subscriber is a person who is interested in Fronted and its related products

Data includes details such as your name, email address, address and product interests.

How Do We Use Your Personal Information

We may use your information to:

Deliver our products and services.

We use information to fulfil our contracts with you, and to deliver our products and services effectively. This allows us to:

Improve our products and services.

  • Your use of our product and service means we can create insights which will assist us in improving our products and services.

Market our products and services.

  • We only send what you want is relevant to you, including communication about products and services and advertising our products and services to you.

Prevent fraud and abuse.

  • This includes identifying unusual or suspicious interactions with our website and payment systems.

Comply with local laws and regulations.

  • This includes maintaining accurate financial records as required by local laws and regulations.

Our use of third parties

Third parties assist us in our marketing efforts and to deliver our products to you and in the provision of our services.  We collect this personal data by using cookies, server logs, visit statistics such as Google Analytics and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our Cookie Policy for further details. We may also record within the browser information necessary for the functioning of the website, for example whether cookie consent has been agreed to or progress through online form

We collect personal information received from other sources such as data from credit reference agencies, open banking data (including name, address, bank account number, sort codes, balance, overdraft limit and statement information) and results of “politically exposed persons” or sanction checks.

What third-party parties we currently use

Google Analytics

Google Analytics allows us to see how users are finding out about Fronted and if our use of social or paid campaigns are working to draw users to sign up to our platform.

You can read more about how Google uses your Personal Information here: You can also opt-out of Google Analytics here:


MixPanel helps us to understand how visitors navigate through our site. We use this data when seeing how we can better display and structure information.

You can read more about how MixPanel uses your Personal Information here: You can also opt-out of MixPanel here:


Intercom allows us to communicate with you via the chatbot or emails. As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience.

You can read more about how Intercom uses your Personal Information here: You can also enquire directly to Intercom at If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.

Full Story

Full Story allows us to better understand our users experience (e.g. how much time they spend on which pages, what links users like and don’t like) and this enables us to build and maintain our service with user feedback. Full Story uses cookies and other technologies to collect data on our users’ behaviour and their devices (devices’ IP addresses captured and stored in an anonymised form), device screen size, device type, Browser information, geographic location (country only), preferred language used to display our website).

You can read more about how Full Story uses your Personal Information here: You can also opt-out of Full Story at or by accessing their opt-out service here.

Smart Look

Smart Look allows us to understand and make changes to our site and services to allow a better user experience. This includes tracking user activity e.g. site navigation and using this information to see if our team can fix any problems a user had when completing sign up. Smart Look uses cookies and other technologies to collect data on our users’ behaviour including the anonymised capture of devices’ IP addresses. Smart Look also processes and stores data when a user completes account registration.

You can read more about how Smart Look uses your Personal Information here: You can also opt-out of Smart Look at or by accessing their opt-out service here.


Sentry allows us to fix and optimise the code that keeps Fronted running. To monitor if there are any errors or ways that we can make your experience smoother, Sendry may collect information including how you interact with Fronted using cookies and monitoring to see that all sensitive information (including financial information) is confidential and encrypted. No private information is stored on Sentry’s servers.

You can read more about how Sentry uses your Personal Information here: You can also opt-out of Full Story at or by

Privacy Shield information

At Fronted we are committed to protecting your data and where possible we use UK based processing. There has been a recent GDPR legislation change in which Privacy Shields are now invalid. Though the UK is not a part of the EU, we are still conscious of US based processing of data and how to ensure our customers are protected.

Fronted are following guidance from the Information Commissioner’s Office (ICO), the UK’s information rights body and the European Data Protection Board (EDPB) that US data processing will only happen where suitable. If there is further authorisation needed, we will add the option onto our website.

We have identified MixPanel, Full Story, Smart Look and Sentry as third parties with potential US data processing. We will be updating our practices and Privacy Policy if a review is needed of the aforementioned companies as per ICO and EDPB guidance.

Disclosures of your personal data

We will be working with a regulated AISP and Credit Reference Agency, Credit Kudos and other legitimate agencies. This policy will be updated to reflect how data will be used following our move to trade. We may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.

We may share your personal data with the parties set out below for these purposes:

  • Credit Reference Agencies (“CRAs”) and Fraud Prevention Agencies (“FPAs”).
  • Firms, businesses and professional advisors (e.g. lawyers and auditors) that help us provide you with the right product and services.
  • Service providers and business partners who assist with the running of the website and the operation of our business including hosting providers and payment processors. For example, personal data is shared with (amongst others):
  • Credit Kudos; a Credit Reference Agency that uses Open Banking data
  • Equifax; to connect consumer credit ratings and protect consumers against fraud.
  • HM Revenue & Customs, regulators and other authorities acting as processors or controllers who require reporting of processing activities in certain circumstances.
  • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

The personal information we collect about you depends on the particular activities carried out through our website. This is so we can create and manage your account with us, verify your identity, provide our services, customise our website and its content to your particular preferences, notify you of any changes and improve our services.

This information includes (but is not limited to):

  • your name, address and contact details
  • date of birth
  • bank account and payment details
  • information about the services we provide to you
  • your account details
  • salary
  • Open banking data (transactional information from your bank account)
  • details of any feedback you give us by phone, email, post or via social media

This information is recorded by both Fronted and external organisations that may access and use this information to prevent fraud and money laundering. CRAs and FPAs may use your information for statistical analysis. Information held by CRAs and FPAs will be disclosed to us and to other organisations in order to (for example):

  • prevent fraud and money laundering and to check and assess applications for credit, credit related facilities or other facilities;
  • recover debts that you owe and trace your whereabouts;
  • manage credit accounts and other facilities and decide appropriate credit limits;
  • verify your identity;
  • make decisions on credit and other facilities for you or your business;
  • check details on proposals and claims for all types of insurance; and
  • check details of job applicants and employees.

If you are to use a Fronted Deposit, we will give details of your loan and how you manage it to the CRAs. If you borrow and do not repay in full and on time, the CRAs will record the outstanding debt and, in some cases, the length of time that the debt remains outstanding. Other organisations may see these updates and this may affect your ability to obtain credit in the future.

If you fall behind with your payments and a full payment or satisfactory proposal is not received within 14 Days of a “Notice of Default” being issued then a “Formal Demand” will be issued and a default registered on your Credit File with CRA’s.

This information may be supplied to other organisations by CRAs and FPAs to perform similar checks and to trace your whereabouts and recover debts that you owe.

If you give us false or inaccurate information and we have reasonable grounds to suspect fraud or we identify fraud we may record this and may also pass this information to FPAs and other organisations involved in crime and fraud prevention including law enforcement agencies who may then access this information.

Equifax, Experian and TransUnion, the ICO and the major financial services trade associations have developed a common statement, Credit Reference Agency Information Notice (CRAIN). This defines the standards that all three Credit Reference Agencies will apply across all products and services in relation to processing consumer data. You can read the CRAIN here.

Use of Automation

We may use systems to make automated decisions using the personal information we have obtained from you and other sources about you or your business. Automating decisions allows us to make consistent, efficient and quick decisions regarding the products and services we offer. These automated decisions can affect the products and services we may offer you now or in the future, or the price that we charge you for them.

We will ensure that you are aware of when automated decisions are being made. Currently all customer interactions will be reviewed manually by an underwriter. This data will then be used to help move towards more automated decisions and communication.

Currently we use automation in the following areas:

Decision How Automation occurs
Fronted Deposit estimate When you apply for a Fronted Deposit, from your salary, rent and other details, we automatically calculate what deposit range we could offer you.
Audience grouping We may group customers with similar characteristics e.g. living with roommates. This is so we can tailor messaging and products to your needs.
Detecting Fraud We use analytics to alert us if there are discrepancies or there is usual activity.
Opening Accounts Both when you sign up for an account or connect your details, automation occurs when creating your user profile. Before proceeding, all information is manually checked by an underwriter.

Your data rights and preferences

Do Not Track

Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.


We are committed to ensuring that your information is secure. Appropriate security measures are in place to protect against loss, misuse or alteration of information collected from you, including measures to prevent, as far as possible, access to our databases by parties other than Fronted.

Retention of Data

We will retain your personal data for as long as we are required to under relevant legislation and regulation, and where no specific rules apply, for no longer than it is necessary for our lawful purposes. This will usually be no more than six years from the end of our relationship with you. The retention period of your personal data may need to be extended where we require this to bring or defend legal claims.

We may also retain data for longer periods for statistical purposes, and if so we will anonymise this.

Why do we collect and store data?

We will keep your personal information for as long as is necessary to fulfil the purposes outlined in this privacy policy, unless we are required or permitted by law to retain that information for longer than this.

We will need to keep your personal information for as long as you are a customer.

After your relationship with Fronted ends, we may keep your data for up to 6 years for the following scenarios:

  • To respond to any queries or complaints
  • To show that we have acted and treated you fairly
  • To maintain records according to rules and regulations that apply to us

In some circumstances, we will keep your data for longer than 6 years if we cannot delete it for regulatory or legal reasons. If it is required to extend our retention period, we will continue to ensure that your privacy is protected and we will only use it for the specified reasons.

How can you amend your marketing preferences?

Both when you enter our site or sign up as a user, we will confirm that you have opted into our services. Any electronic marketing communications we send you will include clear instructions to follow should you wish to unsubscribe at any time.

You may also amend your contact preferences by emailing us at

Your Rights

As a data subject, you have a number of rights:

  • the right to be informed about the collection and use of your personal data;
  • the right to access the personal data we hold about you (Subject Access Request);
  • the right to rectify inaccurate personal data or complete it if it is incomplete;
  • the right to erasure and have your personal data deleted;
  • the right to request restriction of or suppression of your personal data;
  • the right to obtain and make use of your personal data for your own purposes across different services ("portability");
  • the right to object to the processing of your personal data in certain circumstances; and
  • rights related to automated decision-making including profiling.

Your data protection rights are subject to certain restrictions and conditions and financial organisations are required to retain a range of your information for legal and regulatory reasons including responsible lending and the prevention of financial crime.

Fronted is required to keep a record of the information reported to the Credit Reference Agencies about you and will therefore retain repayment information regarding your loan for six years from the date that the loan is settled/closed. If your account is recorded as defaulted, the data is kept for six years from the date of the default. This may be extended where we require this to bring or defend legal claims.

If you think that any of the personal data we hold about you is wrong or incomplete you have the right to challenge it.

We will not make a charge for handing your rights request, unless we consider it to be manifestly unfounded or excessive involving a disproportionate effort (particularly if this is a repeated request). If you would like to exercise any of the rights outlined above, you can make it in writing by emailing

We will assess your request and if we decide not to act upon it or place certain restrictions on it, we will inform you of our reasons for this.

You have the right to complain to us and to the data protection regulator, the Information Commissioner’s Office. Their address is: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. They can be contacted by phone on 0303 123 1113 (local rate) or 01625 545745 if you prefer to use a national rate number.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation. You can find details on how to report a concern at:

International Data Transfers

We will only send your data outside of the European Economic Area ('EEA') to:

  • Follow your instructions (e.g. right to portability); or
  • Comply with a legal duty; or
  • Work with our agents and advisers who we use to help run your accounts and services

Some of our third parties as referenced in the ‘Third Parties’ section, are based outside the EEA, and stores your data as per the Standard Contractual Clauses (SCC) outlined in GDPR.  Transfer it to a non-EEA country with privacy laws that give you the same protection as the EEA as per Standard Contractual Clauses (SCC). You can find out more about data protection on the European Commission Justice website here. When you send an email to Fronted, you agree to your data being stored and processed in this way.

Fraud Prevention Agencies may also transfer your personal information outside of the EEA, when this occurs they impose contractual obligations on the companies or organisations that receive your information so that they protect your personal information to the standard required in the EEA. They may also require the companies or organisations who receive that personal information to subscribe to 'international frameworks' intended to enable secure sharing of personal information.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you would like to know how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit Get Safe Online.

Our website may contain hyperlinks to websites that are not operated by us. We urge you to review any privacy policy posted on any site you visit before using the site or providing any personal information about yourself.


We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. Updated versions of this policy will be posted on our website. If there are significant changes we’ll let customers know by email.

Contact Us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at:

If you would like this website privacy policy in another format (for example: audio, large print, braille) please contact us at:

v2.0 – Last Updated: September 2020

Join Waitlist
Contact Us

Fronted is a trading name of Fronted Holding LTD. We are registered in England and Wales (Company Number 12278750). Our registered office address is 81 Rivington Street, London, EC2A 3AY. We are part of the FCA regulatory sandbox - Cohort 6. The regulatory sandbox allows firms to test innovative offerings in a live environment. More information on the FCA's regulatory sandbox can be found here.

Made with ❤️ and ☕️ in London