About Us

Your Trusted Finance Partner

Praevidus Commercial Finance offers expert lending solutions tailored for businesses of all sizes, ensuring strategic support to help you navigate complex funding landscapes and achieve your growth ambitions.

Expertise You Can Trust

Tailored Financial Solutions For You

With over 20 years in corporate & business banking, our experienced team provides personalised support, helping businesses review their funding needs for growth, acquisitions, working capital, and more to thrive in the UK market.

• Registered Company Name - Praevidus Commercial Finance Limited

• Registered Office Address - 134 Hythe Hill, Colchester, CO1 2NF

• Company Registration Number - 15848224

• ICO Number - ZB723372

Privacy Notice

Praevidus Commercial Finance website is owned by Praevidus Commercial Finance Limited, which is a data controller of your personal data.

We have adopted this Privacy Policy, which determines how we are processing the information collected by Praevidus Commercial Finance, which also provides the reasons why we must collect certain personal data about you. Therefore, you must read this Privacy Policy before using Praevidus Commercial Finance website.

We take care of your personal data and undertake to guarantee its confidentiality and security.

Who we are

Praevidus Commercial Finance Limited, is an independent commercial finance broker. We are committed to protecting your personal data and ensuring transparency in how we use it.

Data Controller: Praevidus Commercial Finance Limited

AFS Compliance Ltd acts as the principal firm under the Financial Conduct Authority (FCA) Appointed Representative (AR) regime. We are responsible for overseeing compliance through a network of Appointed Representatives (ARs) who operate under our regulatory permissions.

We provide access to our bespoke compliance platform, BIPS, which is used to process finance applications, enforce compliance workflows, and manage deal flow securely. BIPS logs user activity, automates regulatory checks, and ensures consistent adherence to legal and financial standards.

As Principal, we are the data controller for activities related to regulatory oversight, AML, monitoring, and platform performance. In some cases, we act as joint controllers or processors in coordination with ARs and lenders. Joint controller roles are governed by the Data Use and Access Act 2025 (DUAA), which sets out mandatory joint-controller responsibilities, record-keeping, and liability sharing.

Email: gdpr@afsuk.com

Our Data Protection Officer (DPO) can be contacted at the above email for any questions about this notice or your rights.

What Personal Data We Collect

We may collect and process the following categories of personal data:

• Type Identity & Contact Data

• Category Name, date of birth, address, phone numbers, email address, ID documentation (passport, driving license)

• Type Financial & Credit Data

• Category Income, expenditure, credit history, employment details, Bank details, financial commitments, and credit reports

• Type Transactional Data

• Category Details about the finance products or services you’ve engaged with

• Type Usage Data

• Category IP address, browser type, interaction with our website or services

• Type Special Category Data

• Category Health information (e.g., if disclosed as part of accessibility or vulnerability declarations)
  Only collected with explicit consent

BIPS, our compliance platform, automatically logs deal-related activity, time-stamps key compliance events, and tracks access to sensitive data. These logs are used for regulatory supervision and internal auditing.

How We Collect Your Data

We collect data:

• Directly from you – via forms, phone, email, or our website

• From third parties – including credit reference agencies, introducers, franchisees, and fraud prevention bodies

• Via automated technology – such as cookies and web analytics tools

Why We Process Your Data (Purposes & Lawful Bases)

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

1. Consent: the individual has given clear consent for you to process their personal data for a specific purpose

2. Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract

3. Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations)

4. Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law

5. Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)

• Purpose To assess and arrange finance products

• Legal Basis Contractual necessity (Art. 6(1)(b))

• Explanation To take steps at your request prior to entering a finance agreement

• Purpose To carry out credit and fraud checks

• Legal Basis Legitimate Interests (Art. 6(1)(f)) & Contractual necessity (Art. 6(1)(b))

• Explanation These checks are required by financial crime laws and to assess your suitability for finance.

  To take steps at your request prior to entering a finance agreement.

• Purpose To communicate with you about your application or finance options

• Legal Basis Contractual necessity (Art. 6(1)(b)) & Legitimate Interests (Art. 6(1)(f))

• Explanation To ensure clear service delivery and client care

• Purpose To refer your application to lenders or franchisee brokers

• Legal Basis Legitimate Interests (Art. 6(1)(f)) & Contractual necessity (Art. 6(1)(b))

• Explanation To fulfil your finance enquiry effectively

• Purpose To meet legal and regulatory obligations

• Legal Basis Legal obligation (Art. 6(1)(c))

• Explanation To comply with UK financial and data protection laws

• Purpose To monitor service quality and handle complaints

• Legal Basis Legitimate interests (Art. 6(1)(f))

• Explanation To improve service and resolve disputes

• Purpose Marketing communications

• Legal Basis Consent (Art. 6(1)(a))

• Explanation We will only send marketing communications with your explicit opt-in

• Purpose Processing special category data (e.g., health)

• Legal Basis Explicit Consent (Art. 9(2)(a))

• Explanation Only processed if freely given by you for specific support needs

• Purpose To monitor compliance via the BIPS platform

• Legal Basis Legal obligation (Art. 6(1)(c)) & Legitimate interests (Art. 6(1)(f))

• Explanation To ensure ARs meet FCA regulatory standards and prevent misuse of the platform or financial crime exposure

Credit Checks:

To facilitate the performance of the contract with you, Synergy Commercial Finance Limited may need to conduct credit checks, either on our behalf or directly through a lender.

By continuing your application for credit, you acknowledge and consent that credit checks may be carried out, which could impact your credit file.

By continuing your application for credit, you are processed under Legitimate Interests and/or Legal Obligation, and in line with DUAA this does not rely on consent. Credit checks may impact your credit file.

Where we rely on Legitimate Interests, we have completed a Legitimate Interests Assessment (LIA). A summary of these assessments is available upon request.

Who We Share Your Data With

We may share your data with the following third parties, where appropriate:

• Lenders and Financial Product Providers (a full list is available by contacting gdpr@afsuk.com or by clicking here).

• AFS Compliance Ltd (our regulatory compliance body)

• Franchisee firms within our broker network

• Credit Reference Agencies (e.g. Experian, Equifax, TransUnion)

• Fraud prevention agencies (e.g. CIFAS)

• Regulators, such as the Financial Conduct Authority (FCA) or Information Commissioner’s Office (ICO)

• IT service providers, hosting and document management systems

All sharing with lenders, ARs and product providers is governed by the DUAA, which sets out controller responsibilities and safeguards. Under DUAA joint controller provisions, we and relevant lenders/ARs must ensure you are told which party to contact for exercising your data rights, who is primarily responsible for complaints, and how liability is apportioned.

Automated Decision-Making and Profiling

Some lenders may use automated decision-making (e.g., credit scoring) to assess your eligibility. You will be informed directly if this occurs and can request human intervention or express your point of view.

We may use limited profiling to help match you with finance providers that best suit your circumstances or business needs. This involves evaluating financial information and preferences to support product suitability decisions.

We do not make decisions solely based on automated profiling that produce legal or similarly significant effects. Profiling activities are carried out under Legitimate Interests in compliance with the DUAA. You have the right to object and request human review.

International Transfers

Your data is primarily stored in the UK. If it must be transferred outside the UK/EEA, we ensure:

• Appropriate standard contractual clauses (SCCs) are in place

• Or the transfer is to a country with adequate data protection laws

• DUAA Transfer Codes or equivalent DUAA-compliant safeguards are in place (replacing reliance solely on EU SCCs)

How We Protect Your Data

We take the protection of your personal data seriously. We use a combination of technical and organisational measures to safeguard it. These include:

• Encryption and secure cloud storage

• Role-based access controls

• Firewalls, antivirus protection, and intrusion detection

• Two-factor authentication where appropriate

• Regular training for staff and Appointed Representatives (ARs)

• Logging and audit trails through our BIPS platform

Data Retention

We retain personal data for up to 6 years after your case is closed, in line with FCA requirements and to support legal claims or audits. Specific retention periods may vary depending on the data type:

• Finance application data: 6 years after case closure

• AML/KYC documentation: 6 years from end of relationship

• Call/email records and case correspondence: 3–6 years

• Marketing preferences: Until you withdraw consent

In some cases, we may retain data longer if legally required (e.g., under HMRC rules).
Retention periods are reviewed for DUAA compliance, particularly in relation to credit check data.

Your Rights

You have the following rights under the UK GDPR:

• Right to access – get a copy of your personal data

• Right to rectification – correct inaccurate or incomplete data

• Right to erasure – request deletion in certain cases

• Right to restrict processing – in limited situations

• Right to data portability – receive your data in a structured format

• Right to object – to processing based on legitimate interests or direct marketing

• Right to withdraw consent – at any time for processing based on consent

To exercise any of these rights, contact: gdpr@afsuk.com

If you’re unsatisfied with our response, you can complain to the Information Commissioner’s Office (ICO): www.ico.org.uk | Tel: 0303 123 1113

For questions related to your specific finance application, please contact your broker directly. For questions about how your data is processed on the BIPS platform or about AFS Compliance’s role, contact gdpr@afsuk.com.

Cookies and Online Tracking

We use cookies and similar tracking tools to:

• Enhance website functionality

• Measure traffic and performance

• Improve your user experience

We use cookies and tracking tools in compliance with the UK Privacy and Electronic Communications Regulations (PECR) and UK GDPR. Where required, we request your consent before placing non-essential cookies.

You can manage cookie preferences through our Cookie Policy or browser settings.

Children’s Data

We do not knowingly provide services directly to children (under 18s). Our services are intended for business and commercial finance applicants. If we become aware that we hold personal data relating to a child without proper legal basis, we will delete it in accordance with DUAA and UK GDPR.