Data Privacy Notice for Borrowers

Maslow Capital Partners Limited, Maslow Capital Advisers Limited and Maslow Capital Advisers II Limited, which delegate all of their obligations to Maslow Capital LLP (‘Maslow’), respect your privacy and are committed to protecting it. This Privacy Notice gives you information about what personal data we collect, why we collect it, how you can access this and your rights in relation to it.

Maslow Capital LLP has the registered number OC345252 and has its registered office at Maslow Capital LLP, 6 Duke Street, St James’s, London, SW1Y 6BN. Each of Maslow Capital Partners Limited, Maslow Capital Advisers Limited and Maslow Capital Advisers II Limited has its registered office at Third Floor, 1 Le Truchot, St Peter Port, Guernsey GY1 1WD.

Maslow Capital LLP is responsible for the collection and use of your personal information for the purposes described in this Privacy Notice and its contact details can be found in the “How to Contact Us” section below.

Data Protection law says that we are allowed to use your personal information only if we have a legal basis to do so. This includes sharing it outside of our Maslow group. The law says we must have one or more legal bases to process your personal information, and these include:

  • to fulfil a contract we have with you, or
  • when it is our legal duty, or
  • when it is in our legitimate interest, or
  • when you consent to it.

When we have a business or commercial reason of our own to use your information, this is called a ‘legitimate interest’. We will tell you what that is, if we are going to rely on it as the reason for using your data. Details of our legitimate interests are set out in this Privacy Notice.

Below is further detail around the information we collect, why, how you can access this and requests you can make about it.

1. Funding your project with Maslow

What information do we collect?

Before we fund any development, Maslow undertakes an underwriting process, which requires potential borrowers to send us personal information in order that we can make sufficient background checks, including Know Your Customer (‘KYC’) and Anti-Money Laundering (‘AML’) checks.

This includes but is not exclusive to:-

  • Copies of your ID e.g. passport, driver’s license;
  • World check name match – search result;
  • Credit scores;
  • On electoral roll;
  • Detail on your assets and liabilities; and
  • CVs.

These checks are carried out on:

  • all directors;
  • all ultimate beneficial owners within each corporate structure who own over 20% of company’s shares or voting rights; and
  • any individual(s) who otherwise exercise control over the management of the company.

For partnerships, this will include:-

  • partners/principals who exercise control over the management of the partnership; and
  • individuals who own or control over 20% of its capital or profit, or of its voting rights.

For Sovereign Wealth Funds, this will include:-

  • directors; and
  • trustees

For Trusts, this will include:-

  • any protector or controller;
  • all trustees; and
  • any beneficial owners.

Why do we collect this?

We need this information in order that we can make sufficient background checks, including Know Your Customer (‘KYC’) and Anti-Money Laundering (‘AML’) checks.

2. Credit Reference Agencies (CRAs)

We carry out credit and identity checks when you apply for a product or services for you or your business, and when you are using our services. We may use Credit Reference Agencies to help us with this.

We will share your personal information with CRAs and they will give us information about you. This data includes:

  • name, address and date of birth of you or your officers or members;
  • your credit application;
  • your financial situation and history;
  • fraud prevention information; and
  • public information, from sources such as the Electoral Register and Companies House.

We use this data to assess your application, including the accuracy of the information you have provided, as well as to manage our relationship, trace and recover debts, tell you about relevant offers and to help and detect financial crime.

We will go on sharing your personal information with CRAs for as long as you are a customer.

3. Legal basis for processing

Subject to applicable law, when we start our relationship with you we may collect, use, disclose or otherwise handle your information in pursuit of our legitimate interests in providing services to our clients and other interested individuals that are not overridden by your interests, rights and freedoms to protect personal data about you. These interests include:

  • deciding on your suitability as a customer;
  • verifying your creditworthiness;
  • keeping our records up to date;
  • informing you about products and services that may interest you and telling you about them;
  • defining new types of customers for new products or services; and
  • ensuring efficiency in fulfilling our legal and contractual duties.

Where we have a contract with you, we process your personal information as necessary to perform our contractual relationship with you. This includes to:

  • provide our services and manage our client relationship; and
  • process business transactions and related activities.

We may also use the personal information we collect to protect us against and prevent fraud, financial crimes, claims, and other liabilities and to comply with or enforce applicable legal and regulatory requirements, industry and regulatory standards, and our policies and terms.  We use personal information for these purposes when it is necessary to protect, exercise or defend our legal rights, or when we are required to do so by a law that applies to us.

4. If you choose not to give us your personal data

If you refuse or fail to provide information when requested, which is necessary for us to consider your application (such as information required to conduct AML and KYC checks), we will not be able to process your application successfully. For example, if we require a credit check and you fail to provide us with relevant details, we will not be able to take your application further.

5. Who we share your personal information with

We may share personal information that we collect about you with other Maslow entities or group companies for legitimate business purposes, such as providing our services, administering our databases and sending you information that you have requested about our affiliates’ products, solutions or services.

We may share personal information with service providers that perform services on our behalf such as IT service providers, marketing providers, analytics providers, hosting providers and our advisers. All service providers have entered into legally binding agreements requiring them to use personal information only as necessary to perform services on our behalf and to implement appropriate data security and confidentiality obligations, in accordance with applicable law.

We may share your personal information with external parties that include:

  • HM Revenue & Customs, regulators and other tax authorities;
  • law enforcement and fraud prevention agencies;
  • Outside companies we work with to provide services to you and to run our business; and
  • Agents, suppliers, sub-contractors and advisers.

We may also share your personal information as follows if the make-up of our business structure changes in the future:

  • we may choose to sell, transfer, or merge parts of our business, or our assets. Or we may try to bring other businesses into the Maslow group;
  • during any such process, we may share your data with other parties involved; and
  • if the change to our group happens, then other parties may use your data in the same way as set out in this notice.

We will only share your information with third parties where they agree to keep it safe and private and where such sharing is permitted by applicable law.

6. How long do we KEEP your data for?

We will only retain your personal information  for as long as necessary to fulfil the purposes we collected it for, including for the purpose of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirement.

7. Your Rights

Subject to applicable law, you have the right to request access to and rectification of the personal information we maintain about you, to request the restriction of the processing of your personal information, or to object to that processing on grounds relating to your particular situation.

In addition, you may have the right to request erasure of your personal information in certain circumstances provided by applicable law. Subject to applicable law, where technically feasible, upon written request and verifiable identification, we will provide you with a copy of your personal information in a structured, commonly used, machine-readable format. To exercise these rights, please contact us at

8. How to withdraw your consent

You can withdraw your consent at any time. Please contact us at if you want to do so.  This will only affect the way we use information when our reason for doing so is that we have your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. This will not affect the lawfulness of our use of the data before your consent was withdrawn.

9. Security

Maslow follows strict security procedures in the storage and disclosure of information that you have given us. Maslow has implemented security polices, rules and technical measures to protect the personal information that we have under our control. The security measures are designed to prevent unauthorised access, improper use and disclosure, unauthorised modification and unlawful destruction or accidental loss.

10. Sending data outside the European Economic Area (the ‘EEA’)

We will only send your data outside of the EEA to comply with a legal duty or work with our suppliers in providing products and services to you.  If we do transfer your personal information outside the EEA to our suppliers, we will make sure that it is protected to the same extent as in the EEA. We will use one of these safeguards:

  • Transfer it to a non-EEA country with privacy laws that give the same protection as the EEA.
  • Enter into the European Commission’s EU Standard Contractual Clauses with the relevant data recipients; or
  • Transfer it to organisations that are part of Privacy Shield. This is a framework that sets privacy standards for data sent between the US and EU countries. It makes sure those standards are similar to what is used within the EEA.

For example, MailChimp has its servers and offices in the United States, and it participates in and has certified its compliance with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework.

To obtain a copy of the safeguards, please contact us at

11. How to complain

If you are unhappy with how we have used your personal information please let us know by contacting  You also have the right to complain to the regulator.  In the UK this is the Information Commissioner’s Office  Find out on their website how to report a concern

12. How to contact us

If you have questions about how Maslow handles your personal information or would like to exercise your rights, please reach out by emailing or writing to us at:

Maslow Capital LLP,

6 Duke Street,

St James’s,