Toot Loans Privacy Policy

This policy explains how your information may be held and used by companies within the Brighter lending Group.

Last Updated: 21 February 2022

Toot Loans is a trading style of Brighter Lending Limited. We are committed to protecting and respecting your privacy. We know that you care about how your information is used and shared and we appreciate your trust in us to do that carefully and sensibly. This notice describes our privacy policy and forms part of our website terms and conditions (“Website Terms”).

Brighter Lending believes it is important to protect your Personal Data (as defined in the UK GDPR and the Data Protection Act 2018) and we are committed to giving you a personalised service that meets your needs in a way that also protects your privacy. This policy explains how we may collect Personal Data about you. It also explains some of the security measures we take to protect your Personal Data and tells you certain things we will do and not do. You should read this policy in conjunction with the Website Terms.

Who we are

Company Name: Brighter Lending Limited t/as Toot Loans of 17 Duke Street, Formby, Liverpool, L37 4AN

Registered under the Data Protection Act 2018 with the Information Commissioner’s Office:

Registration Number: ZA551095

FCA Registration Number: 928634

How do we collect information from you?

We collect Personal Data from you:

  1. When you take a service or product from us.
  2. When you contact us, or if you have replied to a communication from us.
  3. A third party who sells your data.

What type of information is collected from you?

This includes:

  1. contact details;
  2. date of birth;
  3. address details;
  4. employment details;
  5. email details;
  6. IP addresses;
  7. bank details;
  8. Any sensitive information you share with us.

What is our lawful basis for collecting this data and why do we need this?

In order for us to process your data we have to have a lawful basis to do so. We are relying on the following basis to do so:

  1. Consent: you have given clear consent for us to process your personal data for a specific purpose.
  2. Contract: the processing is necessary to enter into the loan agreement with you, or because you have asked us to take specific steps before entering into a contract.
  3. Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations).
  4. Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.

We have identified these on a lawful basis to assess whether we can, pass your details on to a third party who may assist you with obtaining a loan if we cannot help you or if we wish to continue to market to you with other specific products set out below after our contractual relationship has ended.

How is your information used?

We use your information so that:

  1. We can identify you when you contact us.
  2. We can identify accounts, services and products you may have from us.
  3. We can offer you other products.
  4. We can ensure we do not pass your details to the same third-party twice in a short period and so third parties can avoid unnecessary credit searches.
  5. We can improve your account administration.
  6. We undertake marketing analysis, credit strategy and customer profiling.
  7. We can continue to market to you with relevant offers;
  8. To prevent and detect consumer vulnerability;
  9. To manage your account as and when needed; and
  10. To help us prevent and detect fraud and loss.

Do you record calls or emails?

Yes we do record calls. Calls and Emails are retained for a period of time and then destroyed in accordance with our Data Retention Policy.

Who has access to your information?

  1. all our staff;
  2. third parties including police. government or regulatory agencies should they request it;
  3. if any officials request it for legal proceedings;
  4. if our company and all of its assets are bought by a third party your personal data will also be transferred to this third party;
  5. credit information service providers
  6. open banking information service providers
  7. if we need to pass on personal data to others who offer administration services, marketing information and customer services; and
  8. Debt collectors or law firms if you fall behind with payments to us.

What type of third parties do you pass my data to?

As a lender we will pass data to:

  1. Credit report information service providers
  2. Open banking information service providers
  3. Debt Collectors
  4. Law Firms
  5. Fraud Prevention Agencies

For a detailed list of these third parties you can write to us at Brighter Lending Limited t/as Toot Loans of Suite 3.1, 12 Tithebarn Street, Liverpool, L2 2DT

How is your information used?

We use your inforamtion so that:

  1. We can identify you when you contact us.
  2. We can identify accounts, services and products you may have from us.
  3. We can offer you other products.
  4. We can ensure we do not pass your details to the same third-party twice in a short period and so third parties can avoid unnecessary credit searches.
  5. We can improve your account administration.
  6. We undertake marketing analysis, credit strategy and customer profiling.
  7. We can continue to market to you with relevant offers;
  8. To prevent and detect consumer vulnerability;
  9. To manage your account as and when needed; and To help us prevent and detect fraud and loss.

Automated Decision Making and Profiling

Prior to any loan being agreed with you we will use your personal data to make automated decisions. This is done in order to determine whether we wish to enter into a contract with you and to determine your creditworthiness in the quickest, fairest and most legally compliant way using credit scoring and past payment history to predict future performance. We will also monitor your account using automated means for fraud detection and crime prevention purposes. The automated decision may result in us declining your loan application.

We regularly test our credit scoring model to ensure it is working appropriately and accurately. If you are dissatisfied with the result of this automated processing you have the right to seek an explanation and request a person review the decision.

Sharing your data with Credit Reference and Fraud Prevention Agencies

In order to process your application, we will perform credit and identity checks on you with one or more credit reference and fraud prevention agencies (“CR/FPAs”). To do this, we will supply your personal information to CR/FPAs and they will give us information about you. This will include information from your application and about your financial situation and financial history. CR/FPAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.

We will use this information to:

  • Assess your creditworthiness and whether you can afford to take the product
  • Verify the accuracy of the data you have provided to us
  • Prevent criminal activity, fraud and money laundering
  • Manage your account(s)
  • Trace and recover debts
  • Ensure any offers provided to you are appropriate to your circumstances

We will continue to exchange information about you with CR/FPAs while you have a relationship with us. We will also inform the CR/FPAs about your settled accounts. If you borrow and do not repay in full and on time, CRA/FPs will record the outstanding debt.

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. If we notify them of criminal activity on your account they will keep a record of this which may result in other organisations refusing to provide you with services or employment.

The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail at

Do you sell data?


How safe is my data?

We carry out comprehensive due-diligence on each party that we work with to ensure your personal data is secure and that the communication you receive is relevant to your needs. Communication from the third party may be by email, SMS or telephone.

We will not disclose your Personal Data to any third party except in accordance with this Privacy Policy.

We invest heavily in data security so you should be assured that your data is safe.

Can I change my mind about marketing?

If you consented to receiving marketing communication from us, there will be an opt-out on every correspondence you received. You can also change your mind at any time by emailing us at

How can I update and access my information?

Please email us at

What security do you have to protect my data?

We have a very strict policy on protecting your Personal Data:

  1. We make sure we do thorough checks on everyone we work with.
  2. We use encrypted software.
  3. We continually test our systems to see whether it can be penetrated by malicious software and outside third parties looking to steal data. Our regulators expect us to do this to ensure our systems are secure.
  4. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personally identifiable customer information.

Do you use Cookies?


Why do you use Cookies?

Cookies cannot be used to identify you personally and are used to improve services for you, for example through:

  1. letting you navigate between pages efficiently;
  2. enabling a service to recognise your computer so you don’t have to give the same information during one task;
  3. recognising that you have already given a username and password so you don’t need to enter it for every web page requested;
  4. measuring how many people are using services, so they can be made easier to use and that there is enough capacity to ensure that they are fast.

See or to learn more about cookies.

We use Google Analytics cookies to collect information about how visitors use our website and to help us ensure it is tailored to our customers’ needs and interests. These cookies only collect information in an anonymous form, including the number of website visitors and the pages visited. No personal information is collected or stored by Nouveau Finance. To opt out of being tracked by Google Analytics across all websites visit:

Do you buy data?

Yes, we purchase data in a number of ways but always perform full due diligence on our partners to ensure that they Treat Consumers Fairly before we purchase.

Do we profile your information?

We do limited profiling so that we can match your specific needs to the loan product you require. Our panel of lenders may carry out their own profiling. To find out what information we hold on you, you can write to us at

What age must I be?


Do we review our Privacy Policy?

Yes, we can update our privacy policy without letting you know. We will review this at a minimum annually.

How long do we store your data?

We store your data for up to six years after the last interaction.

What are my rights?

You have the following rights for your data:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling.

For further information in relation your rights visit

Will you transfer my personal data to a country outside the European Economic Area?


Who can I write to get more information about this Privacy Policy?

Is Toot right for you?

Toot Loans is a new, innovative loan provider with a real focus on providing affordable loans to customers who have experienced financial difficulties in the past.