Kabbage is registered under the Act with registration number Z3189306 and will act as a Data Controller.
Kabbage collects two types of information: 1. personal information that users knowingly disclose to Kabbage when filling in online credit applications and registration forms on our website or which we obtain about our users from third parties (e.g. Credit reference agencies) and 2. website-use information automatically generated by users as they interact with the site.
We may receive information from another lead provider/broker, namely any third party entity which provides services or information to customers regarding the availability and terms for short term loans and which provides us with information and customer lead generation.
When users sign up to apply for Kabbage credit services, they are asked to provide profile information such as name, address, phone number, email address, preferences and other similar information. Kabbage may also collect certain financial information, including bank account numbers and routing numbers for funding and repayment purposes. We also collect tokens from online marketplaces and payment systems such as eBay and PayPal.
Kabbage may also require users to provide additional information to help verify identity or address, assess creditworthiness or manage risk, such as date of birth, National Insurance number or other information. Kabbage may also obtain information about users from third parties such as Credit reference agencies ("CRAs"), fraud prevention agencies or other identity verification services.
Website - Use Information
Kabbage collects certain information from user's browsers using small data files called “cookies.” Kabbage uses session ID cookies to confirm that users are logged in. This type of cookie helps Kabbage recognise a user if he or she visits multiple pages on our site during the same session, so that we do not need to require a password to access each page. These cookies terminate once the user closes the browser. By default, we use a persistent cookie that stores your login ID (but not your password) to make it easier for you to login when you come back to Kabbage. We encode our cookies so that only we can interpret the information stored in them. Users can remove or block this cookie using the settings in your browser if you want to disable the feature.
The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 requires that cookies can only be placed on a computer where the user has given their express consent. You can choose to accept or decline cookies when you first access our website. We require you to indicate your choice via an automated "pop-up" box, which explains the cookies we use and what we use them for.
Kabbage also stores transaction history and user relationships/interactions. Users can request working capital and send money using Kabbage. We collect this information so that we can provide users with a meaningful service.
Kabbage may collect additional information in other ways not specifically described here. For example, we may collect information related to interactions with customer service or responses from surveys or other feedback tools.
Use of Information Obtained by Kabbage
Kabbage's primary purpose in collecting personal information is to provide users with a safe, smooth, efficient and customised experience and allow them to take full advantage of our products and services. Kabbage uses this information to: 1. provide services and support; 2. process transactions and send notifications regarding general operation of the service, such as messages or reminders, resolve disputes, collect fees and troubleshoot problems; 3. prevent potentially prohibited or illegal activities and enforce our User Agreement; 4.customise, measure and improve our services and the content and layout of our website; 5. compare information for accuracy and verify it with third parties.
We use your data to provide you with data about goods and services which may be of interest to you, and we may contact you about these by post, e-mail, telephone and SMS. We will pass your personal data to carefully selected third parties who may market directly to you by post. If you wish us to pass on your data to such third parties for marketing by electronic means (email, telephone and/or SMS) you will need to opt-in when providing your data.
Data Transfer Outside EEA
As a business based in the United States, it is necessary for Kabbage to transfer information held about you to the United States for processing. The Eighth Data Protection Principle of the Act restricts the transfer of personal data to a country outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects. In order to comply with this principle Kabbage certifies that it is a member of the Safe Harbor scheme and adheres to the principles of this scheme including notice, choice, onward transfer, security, data integrity, access and enforcement. Further information about Kabbage's Safe Harbor membership can be found [here].
Storage of Personal Information
Kabbage stores and processes user information using third party servers located in secure data centres in the US. This information is protected by physical, electronic and procedural safeguards . Kabbage uses computer safeguards such as firewalls and data encryption using secure socket layer technology ("SSL") and authorises access to personal information only for those employees who require it to fulfil their job responsibilities.
Kabbage never stores payment or related personal data at its office. Instead of storing payment information on company systems, Kabbage stores this information in PCI-compliant and PA-DSS certified data centers residing within the banking and processing network. Kabbage encrypts and securely transmits user payment information to the banking network at the time of initial payment acceptance. Kabbage receives the response along with a “payment token” that it uses to reference that transaction for any future billing action. Kabbage stores only this secure token.
Sharing of Personal Information with Third Parties
Kabbage may share personal information with third-party service providers under contract who help with certain parts of our business operations including decisioning, customer services, payment, fraud prevention, secure data storage and other similar services. Kabbage ensures that these parties are properly licensed and regulated and only use personal information in connection with the services they perform for Kabbage.
Kabbage may be compelled, in accordance with the Act, to share personal information to law enforcement, government officials or other third parties in the event of a court order or similar legal procedure or when Kabbage believes in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our User Agreement.
Kabbage will not sell or rent any of your personal information to third parties in the normal course of doing business and only shares your personal information with third parties as described in this policy.
Kabbage will never share a user's financial information with other customers
Credit Reference and Fraud Prevention Agencies
When you submit an application form or registration request you confirm that all the information you have given is true and complete. When you submit an application form you authorise us to check our records and those at CRAs about you and others.
When CRAs receive a search form from us they will place a search footprint on your credit file that may be seen by other lenders. They supply to us both public (including the electoral register) and shared credit and fraud prevention information and those at fraud prevention agencies (FPAs).
We will make checks such as are deemed necessary to assess your application for credit and verify identities to prevent and detect crime and money laundering. We may also make periodic searches at CRAs and FPAs to manage your account with us.
Information on application forms that you submit to us will be sent to CRAs and recorded by them. Where you borrow form us, we will give details of your accounts and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks and to trace your whereabouts and recover debts that you owe. Records remain on file for 6 years after they are closed, whether settled by you or defaulted.
If you tell us that you have a spouse or financial associate, we will link your records together so you must be sure that you have their agreement to disclose information about them. CRAs also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.
If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies.
Section 7 of the Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act by writing to us at email@example.com or Kabbage, Inc., 10 Orange Street, Haymarket, London, WC2H 7DQ, United Kingdom. Any access request may be subject to a small statutory fee to meet our costs in providing you with details of the information we hold about you.
If you have questions or concerns regarding this policy, please contact us at the addresses provided above or on 0808 120 3641.