Privacy Policy

Last updated: April 2025

Who we are

Equiscore Ltd operates the Equiscore platform at equiscore.app. We are the data controller for the personal data you provide when using our service. For any privacy-related questions, contact us at privacy@equiscore.app.

What data we collect

We collect the following categories of personal data:

  • Identity data: your name, email address, and date of birth, provided when you create an account.
  • Profile data: your employment status, address history, and rental situation, provided during onboarding.
  • Open Banking data: transaction history, account balances, and income patterns accessed via TrueLayer with your explicit consent. We do not store your bank login credentials.
  • Usage data: pages visited, features used, and time spent on the platform. Collected via analytics cookies with your consent.
  • Technical data: IP address, browser type, and device information, collected automatically when you access the platform.

Why we collect it

We process your data for the following purposes and on the following legal bases under UK GDPR:

  • To provide the service (contract): calculating your trust score, generating your shareable profile, and maintaining your account.
  • To process Open Banking data (explicit consent): accessing your bank account information through TrueLayer. You can withdraw this consent at any time.
  • To improve the platform (legitimate interests): understanding how users interact with Equiscore to fix issues and improve features.
  • To comply with legal obligations (legal obligation): retaining records as required by applicable law.

Who we share data with

We share your data with the following third-party processors, all of whom are bound by data processing agreements:

  • TrueLayer (Open Banking connection): FCA authorised Account Information Service Provider. Processes your bank data to retrieve transactions and balances.
  • Clerk (authentication): manages secure sign-in, sign-up, and session handling.
  • Railway (hosting): our application and database servers are hosted on Railway infrastructure.
  • Supabase (file storage): used for secure document storage.

We do not sell your personal data to any third party, and we do not share it with landlords, lenders, or employers without your explicit action (generating a share link from your dashboard).

How long we keep it

We retain your account data for as long as your account is active. If you request deletion, we will remove your personal data within 30 days, except where we are required to retain records by law. Open Banking transaction data is retained only as long as needed to calculate and display your trust score.

Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate data.
  • Erasure of your data (right to be forgotten).
  • Portability of your data in a machine-readable format.
  • Object to processing based on legitimate interests.
  • Withdraw consent for Open Banking data access or analytics at any time.

To exercise any of these rights, email us at privacy@equiscore.app. You can also delete your account and data directly from your settings page. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Cookies

We use cookies for essential site functionality and, with your consent, for analytics. See our cookie policy for full details.

Changes to this policy

We may update this policy from time to time. When we make material changes, we will notify you by email or by displaying a notice on the platform. Continued use of Equiscore after changes take effect means you accept the updated policy.