Privacy Policy

Learn how we use and protect your personal data

By registering with Afford.Mortgage, you are entrusting us with your personal data. Your privacy is protected by law, and it is also protected by our privacy policies. This page gives you an idea of how we use your data and the safeguards we put in place to protect it.

Contact our Data Protection Officer: [email protected] or write to us at LABS Atrium, Chalk Farm Road, London, United Kingdom, NW1 8AH.

Our Promise

When you sign up to Afford.Mortgage, you will learn about your mortgage readiness and find out ways to improve your chances of getting approved for a mortgage. We will also make sure you are getting the excellent advice from our Partners.

Your Rights

• Right to object to processing at any time
• Right to opt out of marketing at any time
• Right to have inaccurate data corrected
• Right to erasure of personal data
• Right to export of personal data

Read more about your rights here.

Collecting Data

We collect information about you in two key ways:

• From you – such as signing up, sharing banking data, or engaging with us on social media
• From others – such as credit agencies, brokers, and marketing partners

We aim to minimise the personal data we collect, which may include:

• Identity, Contact, and Account Data
• Financial and Technical Data
• Application, Usage, Marketing, and Research Data

Special Categories of Data

In some cases, we may need to process “special categories” of your personal data. This data requires a higher level of governance.

We will not usually ask for this type of data, however, if you belong to a union for example and link your accounts and spending through the app or you provide us with other special category data, for example, to let us know that you’re vulnerable we will be processing this data. This data will not be used for any other purpose whilst identified to you and by using the app you acknowledge and agree that this processing is done with your consent. We will only ask about special categories of data if we think it is causing a difficulty with your account. We will always explain why we are asking for it and how we might use it.

Cookies Use

Our Website uses cookies. Cookies allow us to enhance your user experience while helping us with analytics, fraud detection and advertising. For more information see: www.allaboutcookies.org

Cookies used include: Google Analytics, Mouseflow, Firebase, MailChimp and Hotjar.

Securing your Data

All our processes are subject to policies and procedures to ensure that your data privacy and security is upheld at all times. Data is processed/stored locally and on encrypted third party hosted cloud services. We use several different platforms to deliver our services including Microsoft, Box, Monday, Heroku, Google, Segment, Firebase, Mouseflow and Hotjar.

These services all have strong data security at the heart of their systems including ISO27001 and SOC2 certification. We ensure that access to these services is strictly controlled and include strong authentication processes like Multi Factor Authentication.

Due to the service providers locations, some data will either be in UK, EEA/EU data centres or on US based servers that have demonstrated strong Data Security. We may also process your data in countries outside the UK or European Union from time to time in other aspects of our business.

Further to Section 119A of the Data Protection Act 2018 and noting Case C-311/18 in the European Court of Justice, if your data is transferred or processed outside of the UK or EEA we ensure the safeguards of International Data Transfer Agreements (IDTAs) or Addendums are enforced. Where this is not possible, we ensure that European Standard Contractual Clauses are entered.

We regularly review suppliers for data security compliance to ensure your data is safe and track where your data is held. We will never ask you for your username or password for the App or ask you for any credentials for other applications or websites.

What we use your Data for

• To manage financial milestones and goals
• To analyse spending and offer insights
• To assess mortgage suitability
• To prevent fraud and for analytics
• To align services that may benefit you with our partners
• Link to your various financial accounts with an Open Banking provider
• Provide marketing information about us and our services (you can unsubscribe any time)
• Let you know about any changes to the website and service

Legal Basis for Processing your Data

Your data is only processed based on a defined legal basis. These are:

• Consent – For most of the data you provide us directly we ask for your consent to process it for the purposes of fulfilling our service to you. This consent is asked for when you sign up for our app and includes your identity and financial information. We also use it for our marketing communication with you.
• Legitimate Interest – We may require to use some of your data for our Legitimate Interests, for example, data analytics, aligning your missions with our partners and making recommendations to you.
• Legal Obligation – We may need to process some of your data for legal obligations such as transactions with us.

Credit Reference Checks

As part of our Services, we may be required to carry out credit reference checks from Credit Reference Agencies (CRAs). If we need this information, we will also inform you and gain your consent should a “hard search” be required.

We use TrueLayer Open Banking APIs to connect your financial accounts when you add them to the App. TrueLayer is a secure financial technology provider that connects your bank account to our service for seamless and safe transactions. To find out more information, you can view the TrueLayer Terms of Service and TrueLayer Privacy Policy.

Joint Goals

If your mission is to purchase a home and this will be based on a joint application we will not share individual spending information with the other applicant. Both applicants on a joint application will receive an aggregate household mortgage score.

Sharing your Data

So that we can give you the best service, we may need to share your personal information including affordability and mortgage readiness data with other trusted third parties. For example, we may share your information with other entities that have partnerships with us including:

• Mortgage Providers and brokers where you would like to receive mortgage offers. This includes mortgage professionals and others that may have referred you to us.
• Insurance Partners where we may refer you to for products and services for which you would like to have competitive quotes.
• Retailers that provide cashback, prizes or other benefits that require us to share your data for validation, engagement and analysis purposes. This may include grocery, leisure and other retailers.
• Where we are legally obligated to share your data.
• Between Klink App Ltd (trading as Afford.Mortgage) and its associated companies including Kollitom Ltd.

All those we share data with are separate controllers to us and they may market services to you separately from Afford.Mortgage. When this occurs, you should uphold your rights directly with them.

Automated Decisions

When you sign up for our service, you agree that we may use automated decision-making processes to provide you with relevant products and services, or to let you know if an application is likely to be successful or not. This may involve using complex algorithms to profile your circumstances and data, and making decisions based on this profiling. For example, we may use automated decision-making to determine whether you would be eligible for a credit card or other financial product. You have the right to request human intervention or to challenge any automated decision, as permitted under Article 22 of the UK GDPR.

We will only use appropriate mathematical or statistical procedures for the profiling, implement technical and organisational measures appropriate to ensure, in particular, that factors which result in inaccuracies in personal data are corrected and the risk of errors is minimised, secure personal data in a manner that takes account of the potential risks involved for the interests and rights of the data subject, and prevent, inter alia, discriminatory effects on you.

If you disagree with our conclusion you may appeal to us at any time for us to review by non-automated means. Typically, this will involve an analysis of your spend and ensure the transaction descriptions are aligned with the correct category.

Retaining your Data

Dependant on the data you provide us and for what purpose it is provided we may need to retain your data for up to 6 years after you are no longer a customer of us. If you wish to find out more about your specific data retention, please contact us.

Data Permissions

Every marketing email sent from us allows you to opt out of receiving further emails from us, except for the purposes of fulfilling any contractual arrangements.

You can also contact us at the email address above and request to opt out, view, export or delete your data.

We allow you to delete all your data through the App should you so wish. We will only retain data if we are legally obliged to.

Legal Compliance

We seek to uphold our legal obligations as covered by the Data Protection Act 2018 and the General Data Protection Regulation 2016. Our Data Protection Authority is designated as the Information Commissioners Office (ICO).

No one under the age of 18 is permitted to use our application and we do not knowingly obtain data of anyone under the age of 18. If this has inadvertently happened please contact our DPO immediately at [email protected].

This Privacy Policy is reviewed on a regular basis and was last reviewed on the 25/05/2025.