Privacy Policy

Updated: December 30, 2025 | Version 2.0

Financer.com ("Financer", "we", "us", "our") is the data controller for personal data processed through our platform. Financer is operated by Financer Ltd., with registered office details available in our Imprint/Legal Notice.

We commit to protecting your privacy in compliance with the EU General Data Protection Regulation (GDPR), UK GDPR, and applicable national laws. This policy explains how we collect, use, share, retain, and secure your personal data when you use financer.com, our comparison tools, partner integrations, and related services. [1][2][3]

Our Data Protection Officer (DPO) can be contacted at dpo@financer.com. [3][4]

1. Personal Data We Collect

We collect only the personal data necessary for our services (data minimisation principle). [1][5]

1.1 Data You Provide Directly

Contact details (name, email, phone number) via forms, reviews, inquiries, newsletter sign-ups, or Financer Partners lead forms. Financial preferences (e.g., desired loan amount, term length, income range) entered during comparisons. Account details if you create a profile.

1.2 Data Collected Automatically

Where consent is obtained or strictly necessary: Device and usage data including IP address, browser type/OS, device ID, pages visited, session duration, referral sources, and Financer Partners tracking parameters. Approximate location from IP (for market-specific content; consent-based). Cookies and tracking technologies (see section 5.1). [2]

1.3 Data from Third Parties

Aggregated analytics from providers like Google Analytics (pseudonymised). Limited referral data from partners or affiliates (e.g., campaign parameters). No direct personal data purchases.

We do not process special categories of data (e.g., health, racial origin) unless explicitly required and consented. [1]

2. Purposes and Legal Bases for Processing

All processing is lawful, fair, and transparent. We specify purposes and legal bases as follows: [6][7]

To provide comparisons and recommendations (matching products to preferences; lead routing via Financer Partners), we rely on contract performance (Art. 6(1)(b) GDPR) and legitimate interests (Art. 6(1)(f)) for platform operation.

For platform operation and improvement (analytics, A/B testing, fraud detection, partner performance tracking), we use legitimate interests (Art. 6(1)(f)), balanced via Legitimate Interests Assessments (LIA).

Communications (newsletter responses, support, partner lead notifications) are based on consent (Art. 6(1)(a)) or contract performance.

Security and compliance (fraud prevention, legal obligations) use legitimate interests (Art. 6(1)(f)) and legal obligation (Art. 6(1)(c)).

For the Financer Partners Program (clicks/conversions tracking, lead attribution, performance reporting), we rely on legitimate interests (Art. 6(1)(f)) for program efficacy.

Legitimate Interests Assessments (LIA) conducted for Art. 6(1)(f) uses; contact DPO for details. You can object anytime (section 5). [6][3]

3. Sharing Your Personal Data

No sales of data. Sharing is limited and purpose-specific. [8]

3.1 Financial Partners (Financer Partners Program)

When you click through to lenders/providers via comparisons, we share tracking parameters (UTM tags, session IDs) or lead data collected via our forms. Financer Partners act as independent controllers for data processing once users land on their sites. They must comply with their own privacy notices and our Financer Partners GDPR Guidelines. No full personal data shared unless explicitly collected via Financer forms and consented. [1]

3.2 Processors and Service Providers

Analytics (Google), hosting, email (e.g., Mailchimp), security vendors, and Financer Partners tracking processors operate under DPAs (Art. 28 GDPR). Full list available from DPO. [8][9]

3.3 Legal Disclosures

Authorities, courts, or to protect rights/safety (Art. 6(1)(c)/(f)).

3.4 Business Transfers

With notice in mergers (Art. 6(1)(f)).

4. Data Retention

Data retained only as necessary: Inquiries/reviews/partner leads: 24 months post-resolution. Analytics and tracking: 26 months (or shorter per provider policy). Financial logs: Up to 10 years (legal requirement, e.g., AML). Profiles: Until deletion request or inactivity (24 months). [5]

Automated deletion/anonymisation applies. Conflicts with erasure resolved per law. [6]

5. Your Rights and Choices

Under GDPR/UK GDPR Chapters III & V: Access (Art. 15): Confirmation/copies. Rectification (Art. 16): Correct inaccuracies. Erasure (Art. 17): Delete where no overriding grounds. Restriction (Art. 18): Limit processing pending review. Portability (Art. 20): Structured format (direct collections). Objection (Art. 21): To legitimate interests/direct marketing/partner tracking. Withdraw consent (Art. 7): Anytime, no effect on prior processing. Automated decisions (Art. 22): No solely-automated decisions with legal effect. [2][8]

Exercise rights: Email team@financer.com or dpo@financer.com. Response within 1 month (extendable). No fees unless manifestly unfounded. [10]

Complaints: To your local DPA (e.g., Datatilsynet in DK) or our DPO. [3]

5.1 Cookies & Consent

Essential cookies always active. Others require consent, managed via banner/preferences. See Cookie Policy.

6. Security of Processing (Art. 32 GDPR)

Appropriate measures include encryption (TLS 1.3, data at rest), access controls (RBAC, MFA), regular audits, vulnerability scanning, DPIAs for high-risk processing (including partner data flows), and breach response: Notify authorities within 72h if required; affected users where high risk. Partners notified without undue delay. [1][11]

Processors and partners audited via DPAs and program guidelines. [9]

7. International Transfers (Chapter V GDPR)

Transfers outside EEA/UK use adequacy decisions, EU SCCs (2021) + Transfer Impact Assessments (TIA), or BCRs for intra-group. Applies to partner data flows. No Schrems II issues; supplementary measures applied. [6][8]

8. Children's Privacy

Not directed at children under 16 (or local age). No knowing collection; parents contacted if discovered.

9. Third-Party Links

Links to partners (Facebook: https://www.facebook.com/policy.php; Google: https://policies.google.com/privacy; X/Twitter: https://twitter.com/en/privacy) or external sites. We bear no responsibility for their practices.

10. Financer Partners Program – Specific Data Handling

Roles: Financer is controller for platform data; partners are independent controllers post-click-through. [1]

Data Flows: Tracking parameters enable performance attribution (clicks, conversions). Lead data (if collected via Financer forms) transferred only with consent. Partners must maintain their own GDPR compliance per our Partners GDPR Guidelines.

Your Rights Across Ecosystem: Contact Financer for platform data; contact partners directly for their processing. We coordinate where needed.

11. Changes to Policy

Posted here with date. Material changes notified via email/banner. Continued use = acceptance. [2]

12. Contact Information

Controller: Financer Ltd. General inquiries: team@financer.com. DPO/Privacy requests: dpo@financer.com. Phone: +1 415 317 3557. Address: See Imprint. [10][3]