Join Credit U

Find your local Credit Unions and access better financial services through Credit U membership.

Privacy policy

This Privacy Policy explains how we use any personal information we collect about you when you use this website. Please note that we may update this policy from time to time.

1. Our Privacy Policy Principles

  • We will never spam you with irrelevant emails
  • You may opt out or in of our email communications at any time
  • You have the right to remove any information we may hold on you
  • We will never sell, rent, make public or distribute your personal information
  • Data is a liability and therefore should only be collected and processed when absolutely necessary

2. Who We Are

Exasoft Group is the parent company for Exasoft, 10 Digital, F2Uni, and Credit U.

Exasoft Group is the data controller for all the organisations within the group. This means that Exasoft Group determines what data is collected by each organisation within the group, how this data is going to be used and how this data is protected. 

Our registered office address is:

Exasoft Group
1 Innovation Village
Cheetah Road
Coventry CV1 2TL
United Kingdom

Registered in England No. 11304240

Email [email protected]

Data Protection Officer: Available on request

3. Relevant Privacy Legislation

In line with The Exasoft Group’s internal processes and systems, this website is designed to comply with the following regulations and standards:

  • UK Data Protection Act:2018
  • EU General Data Protection Regulation 2018 (GDPR)
  • ISO/IEC 27001:2015
  • EU ePrivacy Directive (2002/58/EC)
  • The Companies (Trading Disclosures) Regulations 2008

The compliance of this website with the above policies will likely mean this website is compliant with data protection and privacy legislation around the world.

If you are unsure about our compliance in your country, please contact our Data Protection Officer. Contact details can be found in section 2 above.

4. What information do we collect about you?

Contact Forms

We collect the following information about you when you complete a form on any of Exasoft Group’s websites:

  • Full name
  • Email address
  • Telephone number
  • Other information you supply relevant to your enquiry

This information is stored in our local database and a copy is sent to us via email.

Website Visitor Tracking

Like most websites, our website uses third party trackers.  These tools collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. We use this information to better understand how visitors find us and how they interact with our website. We can use this to make adjustments to our website, to deliver a better user experience.

IP addresses

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns, and does not identify any individual. Explicit consent will be sought when collecting this data.

Email Newsletter

If you choose to join our mailing list, your email address will be stored in our local database.  You can unsubscribe from our newsletters at any time, either from within the e-newsletter or by emailing us (Please see section 13 below).

5. Where is your information stored?

  • The Exasoft Group’s and its component companies are UK-domiciled organisations whose primary offices are in the UK.
  • Our websites and web applications are hosted in the EU and are accessed only by our EU-based staff
  • Our customer relationship management, marketing and accounting systems for all our businesses are EU-based.
  • Where we use any Cloud Service Providers (CSPs) as part of our processing environment, we are, in respect of the CSPs, the data controller.
  • Unless we specifically state otherwise all of the CSPs that we use utilise EU-located processing facilities.
  • Our payment processors and banking arrangements are based in the EU.
  • We operate a data retention policy in respect of all data, whether paper-based or digital and those aspects of it which relate to personal data are managed in compliance with the requirements of the EU General Data Protection Regulation (GDPR)

6. How long will we keep your data?

We will retain your data according to our Data Retention Policy.  Your data will be deleted or anonymised, in accordance with our Data Retention Policy when we no longer need to process it. If we anonymise your data, we may continue to use it (in an anonymised form) beyond periods specified in our Data Retention Policy. You have the right to request us to delete your data sooner, if for example, it was unlawfully processed.  You may make a request by sending your contact details and message to us using the contact details in section 13 below.

7. How will we use the information about you?

We collect information about you to understand your needs and provide you with a better service. Specifically, we use your information for:

  • Transferred to third party where you have given explicit consent
  • Internal record keeping
  • Improving our services
  • Possibly contacting you with marketing material relevant to your enquiry. You may opt-out at any stage from within an email received or by contacting us directly using the contact details in section 13 below
  • A member of our team may contact you to respond to your enquiry

The Exasoft Group will not share your information with 3rd parties outside of the group without your explicit consent. We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.

8. Cookies

A cookie is a piece of code that allows the web server to identify and track activity of the web browser. They are widely used in order to make websites work more efficiently, as well as to provide information to the owners of the website. 

To see which specific cookies are used on this website, please review our full cookie policy for more information. Rejecting our use of cookies does not preclude you from gaining access to our websites.

9. Access to your information and correction

If you provide us with your personal information, you have the following rights:

  • To review the user information that you have supplied to us under the UK Data Protection Act 2018 and EU GDPR:2018
  • To request that we correct any errors, outdated information, or omissions in user information that you have supplied to us
  • To request that your user information not be used to contact you
  • To request that your user information be deleted from our records (see section 13 below). We will review your request and respond within 30 days
  • To exercise any of these rights, please email us (Please see section 13 below).

We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken. 

10. Your Right to Complain

If you wish to discuss any matter regarding your personal data and the EU General Data Protection Regulation, please contact us using the details provided below.  All enquiries and complaints will be treated in a confidential manner. Should you feel dissatisfied with our handling of your data, or about any complaint that you have made to us about our handling of your data, you are entitled to escalate your complaint to a supervisory authority within the European Union. For the United Kingdom, this is the Information Commissioner’s Office (ICO), who is also our lead supervisory authority. Its contact information can be found at https://ico.org.uk/make-a-complaint.

11. Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

12. Child Data

As a group we do not collect personal or process personal data from children under the age of 18.  Where we provide storage and processing platforms for clients who process children’s data, our systems and storage facilities are compliant to EUGDPR:2018, UK DPA:2018 and ISO/IEC 27001 regulations and standards.

13. Contact

Please contact us via email [email protected], if you have any questions about our Privacy Policy or information we hold about you.

Alternatively you can reach us by telephone on +44 (0) 845 130 2100

Our telephone switchboard is open 9:00 am – 5:00 pm GMT, Monday to Friday. Our team will take a message and ensure the appropriate person responds as soon as possible.

Would you like to know more?

Then get in touch today!