We use cookies on our website to give you the best experience by remembering your preferences and repeat visits. By clicking “Accept all cookies”, you accept our use of cookies in accordance with our Cookie Policy, or for more option choose "Manage Preferences."

Privacy Policy

1. SUMMARY

We value your privacy.

This Policy provides you with details about the personal information we collect from you, how we use your personal information and your rights to control personal information we hold about you. Please read it carefully.

By accessing or browsing this website or applying for a loan, a deposit or one of our products, you confirm that you have read and agree to our Privacy Policy.

Individuals under the age of 18 are not permitted to use the services provided through our website and we will not knowingly collect any personal information in respect of anyone under 18. If we become aware that such information has been collected inadvertently, we will take steps to delete it.

We take our privacy obligations seriously. If you have any questions or concerns, please do not hesitate to contact us.

2. WHO WE ARE

We are Amplifi Capital (U.K.) Limited (‘weʼ, ‘ourʼ, ‘usʼ) and operate as a lender under the brand name Reevo Money and as a credit broker and introducer under the name My Community Finance. This Policy covers how we collect, use and share your personal information in our capacity as both a lender and credit broker.

This means that, depending on the product you apply for or use:

  • we are the lender and we process your personal information to assess, provide and administer your loan; or
  • we are the broker/introducer and we introduce you to credit union(s) or other third party firms which provide the relevant loan and/or savings product. In those cases the credit union(s) we work with or third party firm is the lender and/or deposit taker and product provider, and your agreement is with them.

We also support the application journey (and where applicable) the ongoing administration/servicing of your product, including through our websites, portals and apps.

Our role as data controller or data processor

We perform different roles under UK data protection law depending on the services we provide and the stage of your relationship with us.

We explain these roles below so you can clearly understand how and why we use your personal data.

When we act as a credit broker for loan applications

When you apply for a loan through our website, platform or app as a prospective borrower, we act as a data controller for the personal data collected and used as part of the application and credit broking process. We carry out this activity as part of our arrangements with the credit union(s) and lenders we work with. In this role, we process your personal data to:

  • receive and manage your loan application;
  • verify your identity and prevent fraud;
  • carry out credit and affordability assessments;
  • comply with our legal and regulatory obligations as a credit broker;
  • determine how applications are routed or introduced to lenders; and
  • communicate with you about your application.

At this stage, we determine the purposes and essential means of processing (including what data is collected, how checks are carried out, and which systems and third parties are used) and are therefore responsible as a data controller.

If your application proceeds, we will share relevant personal data with one or more lenders so that they can decide whether to offer you credit.

Where we introduce your application to the credit union(s) we work with or another lender:

  • they act as an independent data controller for their own processing of your personal data in connection with assessing and providing credit, and their use of your personal data will be governed by their own privacy policy; and
  • following introduction, we may then process your personal data on their behalf as a data processor, in accordance with a data processing agreement.

Where a loan is provided by a credit union(s) that we work with or a third party lender and we provide platform, operational, or servicing support:

  • they act as the data controller for borrower personal data; and
  • we act as a data processor, processing personal data only on their documented instructions and solely for the purpose of providing contracted services.

In this role, we do not use borrower personal data for our own independent purposes without their consent and are contractually and legally required to protect it and process it securely.

When we are the lender

In some cases, Amplifi itself acts as the lender and enters into a credit agreement with you.

Where we are the lender, we act as a data controller for all personal data processed in connection with:

  • assessing creditworthiness;
  • entering into and administering your loan;
  • servicing, collecting and managing repayments; and
  • meeting legal, regulatory and accounting obligations.

In this scenario, we determine both the purposes and means of processing and are fully responsible for how your personal data is used.

When we act as an introducer for savings products

Where Amplifi introduces customers who are interested in savings or deposit products offered by a credit union(s) with whom we work with or other third party savings provider, Amplifi acts as a data controller for the personal data processed as part of the introduction process.

In this role, we process personal data to:

  • receive and manage your enquiry or application for a savings product;
  • collect and validate the information required to make an introduction;
  • pass relevant information to the savings provider you have selected;
  • comply with our legal and regulatory obligations; and
  • communicate with you about the introduction and next steps.

At this stage, Amplifi determines the purposes and means of processing (including what information is collected and how it is shared) and is therefore responsible for that processing under UK data protection law.

Where a savings product is provided by a credit union(s) we work with or third party provider and we provide platform, operational or servicing support:

  • they act as the data controller for customer personal data relating to the operation and administration of the savings account; and
  • we act as a data processor, processing personal data only on their documented instructions and solely for the purpose of providing contracted platform or operational services.

In this role, we do not use customer personal data for our own independent purposes without their consent and are contractually and legally required to protect it and process it securely.

We are authorised and regulated by the Financial Conduct Authority with permission to enter into regulated credit agreements as lender, and to act as a credit broker, with firm reference number 718749.

We are registered with the UK data protection authority (the Information Commissionerʼs Office or ICO) under number ZA040320.

3. DATA PROTECTION OFFICER

Our data protection officer (DPO) is responsible for overseeing questions about our Privacy Policy. If you have any questions, including any requests to exercise your legal rights, please use the details below:

Data Protection Officer

Amplifi Capital (U.K.) Limited

Email address: dpo@amplificapital.com

Postal address: Amplifi Capital, 30 Churchill Place, Canary Wharf, London E14 5EU, UK.

4. THE PERSONAL INFORMATION WE COLLECT ABOUT YOU

We will only use your personal information when Data Protection Regulation allows us to do so. In this section, we explain our legal basis for using your information and how we use it.

We will use your personal information where:

  • we need to perform the contract we have with you or to enter into a contract with you it is necessary;
  • for our legitimate interests (or those of a third party), such as for fraud prevention, credit referencing and credit checking, offering our products and services to you, carrying out checks to make sure our products and services run smoothly for you, communicating and managing our relationship with you, administration and protecting our business; and where your interests and fundamental rights do not override those legitimate interests. We assess these interests carefully and balance them against your rights and freedoms;
  • we need to comply with laws, regulations or court orders; and
  • you give us your consent to use your information. You donʼt have to give us consent. But if you donʼt, we may not be able to process your application or provide our services or products to you.

When you access the Amplifi, Reevo Money or My Community Finance websites, online portals or mobile applications (apps), provide any information to us using the online forms provided, over the telephone, or by electronic transfer, we may collect some or all of the following types of information:

  • Name and contact information;
  • Date of birth;
  • Employment details;
  • Financial details;
  • Location and device information; and
  • Other details to assess suitability for our products.

We process your personal information using the lawful bases of consent, contract performance, legal obligation and legitimate interests, depending on the context.

When you make payments through our app or other online services, we process your personal information as necessary for the performance of your contract with us. We may also rely on our legitimate interests, and in some cases, our legal obligations, to ensure the security of payment processing, prevent fraud, and maintain accurate financial records.

We may also receive the above types of information about you from your lender, potential lender, aggregators such as a price comparison site or credit reference and fraud prevention agencies.

Where we receive your information from an aggregator or comparison site, we use it to process your application and provide our services. We may share this information with the credit union or lenders we work with, or with our service providers who support our operations.

Open Banking Services (Account Information and Payment Initiation)

If you choose to use Open Banking features within our app or online services, we will share certain personal information with our trusted Open Banking provider(s) so they can provide account information services (AIS) and/or payment initiation services (PIS) to you.

If you opt in to Open Banking account information services, our provider will, with your explicit permission, access and share with us certain transaction data from your nominated bank account(s). This helps us to assess your application, verify your income and expenditure, and support our ongoing relationship with you. You can withdraw your consent at any time through your bank or by contacting us.

If you choose to make a payment to us via the app or other online services using Open Banking, we will share the necessary payment details – such as the amount, payment reference and your selected bank with our Open Banking provider, so they can securely initiate the payment on your behalf. You will always authorise these payments directly with your bank, and we do not receive or store your online banking login details or passwords.

Our Open Banking provider(s) act in accordance with data protection laws and are authorised by the Financial Conduct Authority to provide open banking services. Further information about how they process your personal information is available in their privacy notice. We will only use the data obtained via Open Banking in accordance with this Privacy Policy and for the purposes you have agreed to.

5. HOW WE MAY USE YOUR INFORMATION

We may use your information to provide you with access to our website and app and enable you to register for an online account and also to:

  • assess and provide lending where we act as the lender and/or to introduce you to a credit union or other third party for loan and savings products and to share your application and relevant information with that credit union or other third party so it can assess and provide those products to you;
  • consider and process your applications;
  • enable you to make applications for loans, savings or other products;
  • consider and process your applications;
  • let you know about our fees and charges;
  • enable you to view details of credit, savings or other products available through our platforms;
  • make credit, fraud prevention and other similar enquiries into your financial standing in order to make lending decisions about you where relevant (see the Credit Reference and Fraud Prevention Agencies below for more details);
  • process, administer and support credit agreements and lending activities including where we are the lender;
  • exercise our rights under contracts we have with you, such as collecting money you owe us;
  • support the management of savings and deposit accounts provided by the credit union(s) we work with or other third party providers where we act as introducer and/or administrator;
  • carry out any service or product development analysis, statistical or other purposes. This includes analysing how our products are used, improving our credit and affordability models and developing new features for our products and services. We only use the minimum data necessary for those purposes;
  • enable you to make payments via Open Banking or debit card. We will share the necessary payment details with our third party payment providers. We do not receive or store your online banking credentials or card details;
  • provide you with information, products and services which we provide which either you request, or which we feel will be of interest to you, which may include information about products or services provided by third parties we work with, unless you tell us you do not want to receive this information as to which, see “Direct Marketing – Your Right to Opt Out” section below;
  • contact you for market research purposes;
  • track, analyse and improve our products and services

Some of our websites and apps use cookies and similar technologies. For more information about how these technologies are used and how you can manage your preferences, please see our Cookie Policy.

6. WHO WE SHARE YOUR PERSONAL INFORMATION WITH

We will never sell your personal information and will always keep it safe and private. We may share your information with the following parties described below.

Group companies and relevant parties

We may share your personal information with:

  • companies within our corporate group; Some of our group companies help us to provide our services. Depending on the activity, they may act as our data processors (following our instructions) or as independent controllers for their own regulatory or operational purposes. We ensure appropriate agreements are in place in each case.
  • any third party which is interested in buying the entire or substantial part of our business and assets, as part of a negotiation or sale process; and
  • any third party who provides finance to us or has entered into negotiations with us to provide financing to us.
Companies that we work with

We may share your personal information, which includes pseudonymised data with:

  • our contractors or third parties that carry out work on our behalf and help us to provide services and products you use;
  • credit unions or potential lenders or underwriters in relation to your application to become a borrower. This includes the following credit union;

Provider

Brand

North Edinburgh and Castle Credit Union Limited

Castle Community Bank
  • credit reference and fraud prevention agencies. More information about this is set out below;
  • third parties including other credit brokers, with your consent, who may be able to offer alternative lending or other services to you where we have declined your application;
  • service providers who provide IT and system administration and other services to us;
  • UK higher education providers such as Universities in connection with formal research projects. This processing is carried out under our legitimate interests to support academic research into credit risk modelling under formal agreements with them. The data remains under our control at all times and is only made accessible within a secure environment;
  • professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services to us;
  • debt purchasing companies, if you default on any borrowing with us. Any debt purchasers we work with are regulated by the Financial Conduct Authority;

And also specifically with:

  • Gojoko Marketing Limited, to help us with IT, system administration and other services, so that we can provide you with our services;
  • AccountScore Limited, to help us with categorisation of your transaction data, so that we can provide you with our services;
  • PayPoint Payment Services Limited, to provide us with bank account verification services. Their privacy policy can be found at: paypoint.com/privacy-statement; and
  • Paylink Solutions Limited and Paylink Outsource Services Limited trading as Paylink (ReFi), for the purpose of arranging and disbursing funds in connection with a consolidation loan granted to you by one of the credit unions we work with;
  • iovation, Inc. to support our fraud protection measures and you can view their privacy policy at Iovation, Inc. Privacy Notice.
  • Cashflows Europe Limited, who process debit card payments made through our app or online services. Their privacy policy can be found at Privacy Policy | Cashflows.

These partners include IT and cloud hosting providers, payment processors, identity verification partners, credit reference agencies, fraud prevention agencies, and professional advisers such as lawyers and auditors. We may share your information with them so they can help us provide our services or products to you. We make sure that anyone we work with keeps your personal information safe. We donʼt let our third-party service providers who process your personal information on our behalf use your personal information for their own purposes. We only allow them to process your personal information for specified purposes and in accordance with our instructions.

Sharing updates of your personal data

Where you interact with and/or become a customer of more than one of our brands and/or the credit union(s) listed in this section, we may share relevant updates to your personal data between these entities. This is done to maintain accurate and consistent records, to support responsible lending and to ensure we can meet our regulatory obligations. This sharing may include basic identification and contact details, account information and any verified updates that you provide.

7. HOW DO WE MAKE AUTOMATED DECISIONS ABOUT YOU

We may use computers to make lending decisions. In other words, we may use technology that can evaluate your personal circumstances and other factors to predict risks and outcomes. This may also be known as profiling. The automatic decision-making process considers various factors, such as your income, residency, financial position, fraud and other risk and relevant factors. We do this to speed up the loan application process for suitable borrowers.

This is necessary for our ‘legitimate interestʼ and meeting with our legal responsibilities. If you meet with certain pre-determined criteria, our computer systems will automatically approve and process your application. If we determine that you pose a fraud or money laundering risk based solely on automated decision-making, we may refuse to provide the requested services or financing to you or we may stop providing existing services to you.

If you want to know more about the rights you have about automated decision making, please contact us using the details above.

8. BOT DETECTION AND PROTECTION

We use automated tools to help protect our website and users from malicious or unwanted automatic traffic (“bots”). These tools analyse incoming web traffic to distinguish between human users and bots. To do this, we may collect and process certain technical information about your visit, including (a) browser and device characteristics (b) network information (such as IP address and request headers), (c) behavioural patterns (such as mouse movements and click behaviour) and (d) javascript execution results which help us to gather information about the environment and behaviour of a website visitorʼs browser.

This data is used solely for the purpose of identifying and mitigating harmful bot activity and is not used to personally identify you. We do not sell or share this data for marketing purposes.

In some cases, automated systems may restrict access to our website if bot-like behaviour is detected. You can contact us if you believe this decision was made in error.

We use Amazon Web Services (AWS) as a third party service provider to process this data. You can learn more about how AWS handles data by visiting their Privacy Policy.

9. CREDIT REFERENCE AND FRAUD PREVENTION AGENCIES

Credit Reference Agencies

In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (CRAs). We may also make periodic searches at CRAs to manage your account with us.

To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit or loan application and about your financial situation and financial history and data for collections and recoveries management. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information, and data for collections and recoveries management and fraud prevention information.

We will use this information to:

  • Assess your creditworthiness and whether you can afford to take the product;
  • Assess your eligibility to products or services provided by us or our partners;
  • Verify the accuracy of the data you have provided to us;
  • Prevent criminal activity, fraud and money laundering;
  • Manage your account(s);
  • Trace and recover debts; and
  • Ensure any offers provided to you are appropriate to your circumstances.

If you sign a credit agreement with us, we will give details of your account(s) and how you manage it/them to the CRAs. We will continue to exchange information about you with CRAs while you are our customer. This includes:

  • Your name, address and date of birth;
  • Accounts you have, including when you opened them and money going into them (if you owe us money, we will also share your balance);
  • Credit applications you have made;
  • If you have borrowed, details of your loan and repayments; and
  • Fraud prevention information.

We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. Please be aware this information may be supplied to other organisations by CRAs.

Credit Search Types – Soft and Hard Searches

When we carry out a credit search with one or more Credit Reference Agencies, these may be either soft searches or hard searches, depending on the stage and nature of your application:

  • Soft searches are used to assess your eligibility for our products and do not affect your credit score. These searches are not visible to other lenders.
  • Hard searches are used when you proceed with a full application and may affect your credit score. These searches are visible to other lenders and may influence their lending decisions. We will tell you if we are going to carry out a hard search before you submit your application.

If you have any questions about the type of search we perform or its impact, please contact our Data Protection Officer.

Contacting the Credit Reference Agencies

You can contact the CRAs currently operating in the UK. The information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.

Their contact details are:

Fraud Prevention Agencies (FPAs), Law Enforcement and Regulators

When you make an application with us, we check your record with Fraud Prevention Agencies (FPAs) like Cifas. During the application process and after you become a customer, we may share information about you with FPAs to help prevent fraud and money laundering when it is in our legitimate interest.

If we detect fraud, we may stop activity on your account and prevent you from using it. Other organisations may use information we share with FPAs about fraud to refuse their services, finance or employment.

For more information about the details we collect from and share with Cifas, and how they use your personal information, see Cifasʼ Fair Processing Notices.

We may also share your information if we are required to do so by any applicable law. For example, if we are instructed to, we may share your personal information with any governmental body or law enforcement agency.

When you make payments using Open Banking or debit card, our payment providers may carry out additional fraud checks, including device, behavioural, or transactional analysis, to protect you and us from fraud. These checks are carried out in accordance with data protection law and are required to ensure secure payment processing.

10. USING THIRD PARTIES AND TRANSFERRING YOUR INFORMATION INTERNATIONALLY

We may transfer your personal information or make it accessible to companies who are outside the UK or the European Economic Area (“EEA”) for operational reasons.

We may transfer your personal information or make it accessible if it is necessary for:

  • the performance of an agreement between you and us;
  • the completion of certain steps before providing the service you requested; or
  • the fulfilment or performance of an agreement that benefits you between us and our partners.

For example, your personal information may be transferred to or made accessible to staff of Gojoko Technologies (India) Private Limited, who are outside the EEA, namely in India, and who work for us.

Where this occurs, we will put adequate safeguards in place to ensure that your personal information remains protected in a manner that is consistent with how it would be protected under UK and EU data protection laws.

If you would like further details in relation to the countries to which your personal information is currently transferred, and the safeguards that are in place in relation to the transfer, please contact us using the details above.

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers who process your personal information on our behalf to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

11. HOW LONG WE WILL STORE YOUR PERSONAL INFORMATION

We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we have collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

Most account records, including records relating to payments you make, are usually retained for 6 years after your account has been closed.

We may retain your personal information for a longer period if we need to (and it is in our legitimate interest) and/or the law says we have to.

12. YOUR LEGAL RIGHTS AND MAKING A COMPLAINT

Under certain circumstances, you have rights under data protection laws in relation to your personal information, including:

  • the right to request access to your personal information;
  • the right to request correction of your personal information;
  • the right to request erasure of your personal information;
  • the right to object to processing of your personal information;
  • the right to request restriction of processing your personal information;
  • the right to request transfer of your personal information; and
  • rights related to automated decision-making including profiling.

Your rights under data protection law depend on which role we are performing:

  • where we act as a data controller, you may exercise your rights directly with us;
  • where we act as a data processor, we will support the relevant lender or deposit taker in responding to your request in accordance with our legal and contractual obligations.

You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

If you wish to exercise any of the rights set out above, please contact us or our DPO using the details above.

13. DIRECT MARKETING - YOUR RIGHT TO OPT OUT

When you apply for a product with or through us, we ask you if you would like to receive direct marketing from us.  If you do not want to receive direct marketing from us, we offer simple options to opt-out anytime. You can update your preferences in your online portal or click the unsubscribe link on any marketing emails we send to you.

If you unsubscribe from marketing, we will still send you statements and important information, such as notices that the law says we have to provide to you, as well as tell you about changes to your existing products and services to meet our legal obligations to you.

14. HOW WE WILL KEEP YOU UPDATED

We will post any changes to our Policy on this page. If we make significant changes, we will contact you to let you know.

This Policy was last updated in May 2026.

V5 2026

My Community Finance

Giving savers and borrowers access to ethical lenders such as credit unions through the Community Finance Network. For you. For everyone.

Links

Legal

Help

My Community Finance is the registered trading name of Amplifi Capital (UK) Limited - in Administration (“Amplifi” ).
Gareth Slater and Rob Spence have been appointed as Joint Administrators over the Amplifi in managing the affairs, business and property of Amplifi. The Joint Administrators act as agents of Amplifi, without personal liability.
Gareth Slater and Rob Spence are authorised to act as insolvency practitioners by the Institute of Chartered Accountants in England & Wales. We are bound by the Insolvency Code of Ethics.
Amplifi is authorised and regulated by the Financial Conduct Authority. FCA reference numbers are 718749 and 902841. Registered office number 08641995. Amplifi is registered with the Information Commissioner’s Office with registration number ZA040320. CCTA Membership Number CCTA1265.
Registered Office: c/o Interpath Limited, 10 Fleet Place, London, EC4M 7RB.