TillFlow – Privacy Policy

1. Who We Are

TillFlow is a UK‑based commercial finance platform operated by Neptune Credit Brokers, L.P. We are committed to protecting your privacy and complying with the UK GDPR and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, store, share, and protect your personal and business information.

2. What Data We Collect

We may collect and process the following categories of information:

- Business Information: Company name, registration number, trading details, turnover, industry sector, and related data.

- Contact Information: Name, email address, phone number, job title, and communication records.

- Usage & Technical Data: IP address, browser type, device details, operating system, and interaction data on TillFlow.com.

- Third‑Party Data: Information shared by lenders, brokers, or finance partners following introductions made through TillFlow.

3. How We Use Your Data

We use your information to:

- Match your business with suitable lenders and finance partners.

- Process and respond to your enquiries.

- Improve our platform, services, and user experience.

- Conduct fraud prevention, due diligence, and verification.

- Comply with legal and regulatory obligations.

4. Lawful Basis for Processing

We process your data under the following lawful bases:

- Contractual Necessity: To provide requested finance introductions.

- Legitimate Interest: To enhance security, improve services, and ensure efficient business matching.

- Consent: For optional marketing or where explicitly required.

- Legal Obligation: To comply with UK law or regulatory authorities.

5. Sharing Your Data

We may share your data with:

- Commercial lenders and finance providers (with your consent or request).

- Commercial brokers involved in your finance enquiry.

- IT, analytics, hosting, and technology service providers.

- Professional advisers where legally appropriate.

- Regulatory, enforcement, or legal authorities if required.

6. Data Retention

We retain your data only as long as necessary for the purposes outlined in this Policy or as required by law. Typical periods include up to 6 years for compliance and audit purposes. Technical data may be retained temporarily for operational and security reasons.

7. Your Rights

Under UK GDPR, you have the right to:

- Access your personal data.

- Request correction or deletion of inaccurate data.

- Object to processing based on legitimate interest.

- Request restriction of processing.

- Withdraw consent at any time.

- Request a portable copy of your data.

To exercise your rights, contact us through the designated form on TillFlow.com.

8. Data Security

We implement industry‑standard technical and organisational security measures, including encryption, access controls, secure servers, and ongoing monitoring to protect your data from loss, misuse, or unauthorised access.

9. International Data Transfers

Where data is transferred outside the UK, we ensure protection through Standard Contractual Clauses, adequacy decisions, and additional safeguards required under UK GDPR.

10. Cookies & Tracking Technologies

TillFlow uses cookies and tracking tools to improve functionality, performance, and analytics. Further details are provided in our Cookie Policy.

11. Updates to This Policy

We may update this Privacy Policy periodically. The latest version will always be available on TillFlow.com. Continued use of our platform indicates acceptance of any changes.

12. Contact Us

For questions about this Privacy Policy or to exercise your data rights, please contact us via the appropriate form on TillFlow.com.