By ‘We’, Our or ‘Us’, we refer to our firm, Social Money Limited which uses the trading name ‘Payl8r’. We are Registered in England and Wales at the Registered Address: St Johns House, Barrington Road, Altrincham WA14 1JY.

By “You” we mean you, the user of this website and the individual/customer that may seek to access, or has accessed, our services.

We are Authorised and Regulated by the Financial Conduct Authority. Our Firm Reference Number is 675283 and you can check our registration by going to the FCA’s register at

For the purposes of the Data Protection Act (‘DPA’), we are the ‘Data Controller’ (i.e. the company who is responsible for, and controls the processing of, your personal data).


We are registered with the Information Commissioner’s Office, Registration Number: ZA026178.


You can contact us via our website, or using the information provided below:

  • Telephone: +44 (0) 161 425 6363
  • Email:
  • In-person or by Post: St Johns House, Barrington Road, Altrincham WA14 1JY.


Our Privacy Policy concerns the website and our internal systems, controls and processes in how your personal data is used. Your privacy is very important, and we have set out below how we process any personal data collected from you or provided by you. If you access any other websites which may be linked to our websites, they are not covered by this Policy. We advise you to check the appropriate privacy policy when accessing linked websites.

We take the privacy of our website users seriously and we are committed to protecting your privacy in compliance with European Union (EU) and United Kingdom (UK) data protection laws and regulations, including from the 25th May 2018, the General Data Protection Regulation (EU 2016/679) ‘Data Protection laws’.

This Privacy Policy explains what personal data is collected about you via the website and what we do with that personal data.

We provide this Privacy Policy to make you aware of our practices in connection with your privacy and of the choices you can make about the way your personal data is collected via the website and used.


‘Personal Data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

We will process your data for the following purposes:

  1. To contact you in relation to an online enquiry;
  2. To process your application for lending including for identity verification, fraud prevention, detection and anti-money laundering purposes;
  3. To assess whether it is appropriate to lend to you;
  4. To provide finance to you;
  5. To recover the monies we may lend to you;
  6. To provide you with requested services, including support, updates and communications regarding requested services;
  7. To record any information required for the tailoring of our services in consideration of any of your needs and requirements;
  8. To improve our services and customise our website and its content to your particular preferences; and
  9. To comply with any laws or regulations to which we are subject.


Data Protection Laws require that we meet certain lawful grounds before we are allowed to use your personal data in the manner described in this Privacy Policy and that we will explain these legal grounds to you. We take our responsibilities under Data Protection Laws seriously, including meeting these conditions.

We rely on the following lawful bases for processing:

  1. Contract (i.e. where we need to process personal data to deliver a contractual service to a customer or because a customer has asked that we do something before entering into a contract).
  2. Consent (i.e. where we have asked whether you wish to permit us to process data in a certain way and you have told us that you allow us to do so).
  3. Legal obligation (i.e. where we need to process the personal data to comply with a common law or statutory obligation).


We will obtain personal data when you contact us for any reason or proceed with our services. In certain circumstances, we may hold special category data (also known as sensitive personal data) we will require this information to tailor our approach to how we can best assist you and your needs. For instance, you may have a medical condition which means that a third-party deal with your affairs or you may have an impairment which would mean we would be best to contact you via a different method.

Any special category data held will be treated with the strictest of confidence and will be held purely based on your explicit consent to aid us in providing the best service to you. If you do not provide your explicit consent relating to any impairment or vulnerability, the information will not be recorded and will also not be disclosed to any third parties.



You may provide us with your Identity, contact and financial data by completing online forms or by corresponding directly with us via post, phone, email or otherwise. This includes the personal data you provide when you:

  • Engage our services;
  • Provide us with feedback; or
  • Request marketing to be sent to you.


We also collect personal data about you from third party sources. The data collected from third party sources are as follows (please note, this is a general accounting and does not necessarily indicate that the below data will be obtained from third party sources, only that it may be obtained and if available and relevant to the service provided):

Data Collected Examples of Data Collected Gathered From When
Personal Identity Information Name, surname, date of birth, country, mobile number, employment status Application form Generated as a result of providing our services to you.
Personal Credit Rating Your Credit Rating. Equifax Obtained as part of the lending application in order to assess your creditworthiness and affordability.
Financial information Income, debt level, credit limit, account numbers, bank statements, adverse financial history including CCJs. Perfect Data Solutions Limited Obtained as part of the lending application in order to assess your creditworthiness and affordability.
Technical Information Internet Protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating systems and platform. Cookies From you when using our websites and in accordance with our Cookie Policy.


We will only use the personal data you provide to us as described in this Privacy Policy, including any supplemental privacy information, as set out above. We will store and process your personal data on our computers.

We will observe the rights granted to you under applicable Data Protection Laws, as set out below, and will ensure that queries relating to privacy issues are dealt with promptly and in a transparent manner.

We will only collect and process your personal data where we have lawful grounds to do so.

We will update our records if you inform us that your details have changed. Please tell us (see contact details above) as soon as possible about this. We will update our records promptly once we are satisfied that the new information (such as your new address or contact details) is accurate.


Throughout the provision of our service, we may need to disclose personal data to third parties. The categories of recipients of personal data are as follows:

  1. Service Providers required for the provision of our service (specific service providers available upon request).
  2. Credit Reference Agencies.
  3. Third party affiliates in accordance with this Privacy Policy.
  4. HM Revenue & Customs, the Financial Conduct Authority (FCA), The Information Commissioner’s Office (ICO), other Regulators and other authorities acting as processors based in the United Kingdom who require reporting of processing activities in certain circumstances.
  5. Accountants, Solicitors, Compliance Consultants and other like services acting as processors based in the United Kingdom who require the reporting of processing activities in certain legal and compliance circumstances.
  6. Third parties to whom we may choose to sell, transfer or merge parts of our business or assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change in these circumstances occurs, your personal data will be used in the same way as set out within this Privacy Policy.


Google Analytics is a service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyse how users use our website and our mobile site. The information generated by these cookies (including your truncated IP address) is transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your, and other users’, use of our website. Compiling reports for us on website activity and providing other services relating to website activity and internet usage. The Google Analytics advertising features we use, and the insights they provide are:

AdWords Remarketing — uses behaviour, demographic, and interest data to identify users who are likely to convert, and then allows you to target those users with remarketing campaigns through Google Ads.

Demographics and Interests Reporting — provides insight into the age, gender, and purchase interests of users, which you can use to better target your advertisements.

Google Display Network (GDN) Impression Reporting — measures the impact of unclicked GDN Display ad impressions on conversions and site behaviour.

Please note that Google receives your truncated IP address. This is sufficient for Google to identify (approximately) the country from which you are visiting our sites or accessing our website but is not sufficient to identify you, or your computer or mobile device, individually. You can find more information here, including a link to Google’s privacy policy.

To opt-out of analysis by Google Analytics on our website and other websites, please visit


We currently do not transfer data outside of the United Kingdom (UK) or European Economic Area (EEA). Personal Data shared with third-party operational providers, required for the provision and operation of our services (as described within Recipients of Personal Data), may transfer personal data outside of the UK and EEA. Should this be the case, the international transfer will be made in accordance with an adequacy decision or subject to appropriate and documented safeguards.


Right Description
Your right to access The right of access, commonly referred to as subject access, gives individuals the right to obtain a copy of their personal data as well as other supplementary information. It helps you to understand how and why we are using your data, and to check we are using it lawfully.
Your right to rectification You have the right to have inaccurate personal data rectified. You may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing. This may involve providing a supplementary statement to the incomplete data.
Your right to erasure Under certain circumstances, you have the right to have personal data erased. Also known as ‘The right to be forgotten’. The right is not absolute.
Your right to restrict processing Under certain circumstances, you have the right to request the restriction or suppression of your personal data, and as like the right to erasure, it is not absolute. Restriction of processing means we are permitted to store your personal data; we are unable to use it.
Your right to data portability You have the right to obtain and reuse your personal data for your own purposes across different services. This eases the copying or transferring of personal data easily from one IT environment to another, safely and securely, without affecting the usability of the data.
Your right to object Under certain circumstances you have the right to object to the processing of your personal data, however, you do have the absolute right to object to direct marketing.
Your right to be informed You have the right to be informed about the collection and use of your personal data. Your right to be informed forms part of this policy, and provides the purposes for processing your data, our retention periods and who it will be shared with.


To withdraw consent please see the contact information detailed within this Policy. Should consent be withdrawn for a particular purpose that we are relying on that consent to perform, we may be unable to provide you with our services or may be unable to tailor our services to your needs which may subsequently impact the service we provide.

Should you wish to unsubscribe from any marketing methods, you may do so by selecting the ‘unsubscribe’ link or by contacting us using the contact information described within this Policy.



We will only retain your personal data for as long as is necessary to fulfil our obligations under the provision of our service as well as any purposes necessary to satisfy any legal, accounting or reporting requirements.

We will take seps with a view to permanently deleting, destroying or anonymising your personal data (which means that we are no longer able to identify you from it) when it is no longer necessary for its purpose.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk, harm of unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, including applicable legal requirements.

Details of retention periods for different aspects of your personal data are available upon request. By law, we have to keep certain information about our customers and this data will be held solely and securely for those legal purposes.


You have the right to access your personal information, also known as a Subject Access Request (SAR). This means you are entitled to obtain the following information about yourself:

  • Confirmation that we are processing their personal data;
  • A copy of your personal data; and
  • Other supplementary information.

A third party may make a request on your behalf. We will require evidence from the third party to this entitlement. This may take the form of a written authority or be a more general power of attorney.


We must act on your subject access request without undue delay and at the latest within one month of receipt. This is calculated as beginning from the day following receipt of the request until the corresponding calendar data the following month. We may request your identity to satisfy the SAR, however, this will be proportionate to the request itself and if we have doubts of the authenticity of identification.

As you have the right to be informed, we will always ensure you are notified within one month of receiving the request. Please note, we may extend the time to respond by a further two months if the request is complex or you have made multiple requests and we will provide you with an explanation for this.

If you make a request electronically (via electronic means), we will provide the information in a commonly used electronic format unless you have specified otherwise.


For the vast majority of requests, we cannot charge you a fee. Where the request is manifestly unfounded or excessive, we may charge a reasonable fee to cover the administrative costs of complying with the request. This also applies in the event that you request further additional copies of data following your initial request. This will again be charged as an administrative cost.


A cookie is a small file of letters and numbers that is downloaded on to your computer when you visit a website. Cookies are used by many websites and can do a number of things such as remembering your preferences, recording what you have put in your shopping basket, and counting the volume of people accessing the website. We do use cookies. For more information on our use of cookies, please see our Cookie Policy.


Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and these are not governed by this privacy statement. You should exercise caution and look at the Privacy Policy applicable to the website in question.


We are committed to ensuring the security of your personal data.

In accordance with our obligations under Data Protection Laws, to prevent unauthorised access to our disclosure of your personal data (including card payments), maintain data accuracy, and ensure the appropriate use of your personal data, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the personal data we collect online.

However, you acknowledge that, unfortunately, the transmission of information via the internet, including the online enquiry forms you submit to us and/or any information provided on Webchat, is not completely secure. We cannot guarantee the security of your data transmitted to the website, so any transmission (i.e. your sending of the personal data to us) is at your own risk. Once we have received your personal data, we will use the steps detailed above to protect it.


If you are not happy with the way in which your personal data is held or processed by us, or if you are not satisfied with our handling of any requests by you in relation to your rights to any automated profiling that we carry out, our Data Protection Officer would be happy to help. You can contact our Data Protection Officer at Payl8r, St Johns House, Barrington Road, Altrincham WA14 1JY.

Alternatively, you have the right to lodge a complaint to the supervisory authority, the Information Commissioner’s Office (ICO) by calling 0303 123 1113. The ICO is the UK’s independent body set up to uphold information rights. You can find out more about the ICO on its website ( We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. If you would like to make a complaint, see our Complaint Policy here.


Any changes to our Privacy Policy in the future will be posted to our sites and, where appropriate, through e-mail notification. This Privacy Policy was last updated Friday 9th June, 2022.

Payl8r Logo - White

Payl8r are pioneers of fair and responsible lending.

For Business

Contact Us

Social Money Ltd t/a Payl8r, a company registered in England under company number 08054296, and is authorised and regulated by the Financial Conduct Authority, and is entered on the Financial Services Register under reference number 675283. Registered with the Information Commissioner’s Office under reference number ZA026178.

© Payl8r | All Rights Reserved