Privacy Policy

Who we are?

We’re Valerian Capital (UK) Ltd (Valerian, we, our, us). We are serious about protecting and respecting your privacy. We have registered with the Information Commissioner’s Office (ICO) under number ZA839159.

This policy explains how we use your personal information when you use our website, make a funding application, or access services for businesses that have received funding from us. Please also read our Cookie Policy for more information on what cookies are and how we use them.

Want more information about how we handle personal information or want to contact our Data Protection Officer? Email us at [email protected] or write to us at Valerian Capital (UK) Ltd, 80-83 Long Lane, London, EC1A 9ET, London UK.

You and your data

The business and people authorised by the business are referred to as ‘you’ in this policy. If multiple people have authority to give instructions, ‘you’ or ‘your’ can refer to any or all of those people.

Where you share personal data which is not about yourself, for example, about an employee, business partner, director, owner, you must have the permission of the other person and confirm that they understand how we will use their data.

The information we hold about you

Information from direct Interactions

Information we hold about you and people connected to your business will often come from you directly (for example, when you apply for funding). That information will include:

• Our own records of your shareholders including beneficial owners, suppliers and companies you use or may have agreements with
• Other directors, partners, beneficial owners, signatories or employees in your business
• People appointed to act on your behalf

Information shared through our website

• Details you give when you see if you qualify for funding or make an application such as your name, address, date of birth, email, phone number, geographical location, ID, photograph.
• Details about your business including industry, business size, financial information to determine eligibility for funding.
• The login details and settings you choose for the website and your card, so that you can use these securely.
• Your IP address for security reasons.
• When you use mobile versions of our site, we may collect your device ID, so we can share it with companies that help us with advertising online.

Information we collect if you get in touch

We collect the following information so we can answer your questions or take any action:

• The phone number you’re calling from and information you give us during the call (we record all calls).
• The email address you use and the contents of your email (and any attachments).

Information we collect when you use our services

We collect this information to give you services in a safe and lawful way, and to keep improving them. This includes:

• Details about payments to and from your Valerian account
• Details about services from us and our partners that you express interest in
• Details about how you use our website.

Information we get from external sources

When you apply for funding:

• We’ll need to verify your identity and search your record with fraud prevention agencies, Anti Money Laundering (AML), and Know Your Customer (KYC) service providers
• We may request access to the platforms you use to run your business (such as banking, sales, advertising, and accounting) and use the data shared to determine eligibility and monitor performance.

Our reasons for using your information

European Data protection laws say we need to have a lawful basis for using your personal data. At least one of the following must apply: contractual or legal duty, legitimate interest, public interest, vital individual interest or consent. In this section, we explain which one we rely on to use your data in a certain way.

We need to use your data for a contract we have with you, or to enter into a contract with you. We use details about you to:

• Consider your Advance application
• Give you the services we agreed to in line with our Terms of Use
• Send you messages about your account and other services you use if you get in touch, or we need to tell you about something
• Exercise our rights under contracts we’ve entered into with you, like managing, collecting and recovering money you owe us
• Investigate and resolve complaints and other issues

We need to use your data to comply with the law. We:

• Confirm your identity when you sign up or get in touch
• Check your record at fraud prevention agencies
• Prevent illegal activities like money laundering, tax evasion and fraud
• Keep records of information we hold about you in line with legal requirements
• Adhere to banking laws and regulations (these mean we sometimes need to share customer details with regulators, law enforcement or other third parties)

When it’s in our ‘legitimate interest’.

We need to use your data for our legitimate interests, or those of a third party. This means using data in a way that you might expect us to, for a reason which is in your and/or our (or a third party’s) interest and which doesn’t involve overriding your privacy rights. We:

• Tell you about products and services through our website or other channels, like social media, based on how you use our products and services and other information we hold about you. We do this so that we can make sure our marketing is useful.
• Track, analyse and improve the services we give you and other clients and how you respond to ads we show. We may ask for feedback if you’ve shown interest in a service. We do this so that we can make our products better and understand how to market them.
• Protect the rights, property or safety of us, our clients or others
• Carry out security and maintenance checks to make sure our website and other services run smoothly for you.
• Manage Valerian’s business and financial affairs and protect our clients and staff
• Share information with credit bureaus so we can benefit from up-to-date information when we make investment decisions, and other companies so they can help us provide our services.

Consent

We’ll ask for your consent to:

• Tell you about our products and services, and those of our partners if we think they are of interest to you. You can unsubscribe from our emails by email.
• Share information about you with companies we work with when we need your permission (see ‘Who we share your data with’ below)

You don’t have to share information about yourself if you don’t want to. But if you don’t, you may not be able to use some (or any) of our services.

Who we share your data with

Companies that give services to us. Here we mean companies that help us provide services you use, and need to process details about you for this reason. We share as little information as we can and encrypt and/or make it impossible for you to be identified by the recipient where possible (for instance by using a User ID rather than your name).

• Companies that make our Valerian virtual credit cards
• Card producers and networks, like Visa
• Know Your Customer (KYC) and Anti-Money Laundering (AML) service providers that help us with identity verification or fraud checks such as Trustid (www.trustid.co.uk)
• Cloud computing power and storage providers like Amazon Web Services (AWS), Google Cloud and Digital Ocean
• Our business intelligence and analytics platform provider
• Companies that help us with marketing (but we won’t share identifiable personal data with third parties for their own direct marketing unless you give us permission, and you can opt-out any time)
• Software companies that we use for emailing you
• Companies that help us with customer support
• Companies that offer benefits or rewards through special programmes you sign up to via the website
• Companies that print written statements and notices

Anyone you give us permission to share it with.

• Companies that introduce their own services via the Valerian website
• Tools to transmit information relating to payment accounts such as GoCardLess or Stripe
• Your own banking, sales, advertising, accounting or other business platforms to determine eligibility and monitor performance such as Shopify, Google, or Xero
• People you’ve asked to represent you, such as solicitors

Law enforcement and other external parties.

We may share your details with:

• Authorities that spot and stop financial crime, money laundering, terrorism, and tax evasion if the law says we have to, or if it’s necessary for other reasons
• The police, courts or dispute resolution bodies if we have to
• Other banks to help trace money if you’re a victim of fraud or other crimes or if there’s a dispute about a payment
• Any other third parties where necessary to meet our legal obligations

We may also share your details with people or companies if there’s a corporate restructure, merger, acquisition or takeover.

When we make automated decisions

We sometimes use computers to make decisions. We do this for things like deciding if we can make you a funding offer based on information we hold about you. This includes details on whether you’ve kept up to date with payments on any credit accounts, and if you’ve been to court. You can ask for a member of the team to review a decision by emailing [email protected].

How long we keep your information

We keep most of your data as long as you’re using Valerian, and for 5 years after that to comply with the law and if we face a legal challenge. In some circumstances, like cases of anti-money laundering or fraud, we may keep data longer if we need to (that’s in our legitimate interest) and/or the law says we have to.

To work out how long we keep different categories of data, we consider why we hold it, how sensitive it is, how long the law says we need to keep it for, and what the risks are.

Your rights

You have a right to:

• Access the personal data we hold about you, or to get a copy of it
• Ask for a copy of your personal data in a portable (machine-readable) format or make us send it to someone else
• Ask us to correct inaccurate data
• Ask us to delete, ‘block’ or suppress your data, though for legal reasons we might not always be able to do it
• Say no to us using your data for direct marketing and in certain other ‘legitimate interest’ circumstances
• Companies that help us with marketing (but we won’t share identifiable personal data with third parties for their own direct marketing unless you give us permission, and you can opt-out any time)
• Withdraw any consent you’ve given us
• Ask a member of staff to review a computer-made (automated) decision

To do any of these things, please contact us through the website or by emailing [email protected]. EU data protection laws, like the GDPR, give us one month to respond.

Where we store or send your data

We may transfer and store the data we collect from you to organisations outside the European Economic Area (‘EEA’). When we do this, we make sure that your data is protected and that:

• The European Commission says the country or organisation has adequate data protection, or
• We’ve agreed to standard data protection clauses approved by the European Commission with the organisation.
• If you’d like a copy of the relevant data protection clauses, please send an email to [email protected].

How to make a complaint

If you have a complaint about how we use your personal information, please send an email to [email protected] and we’ll do our best to fix the problem. You can also reach our Data Protection Officer in a similar way.

If you’re still not happy, you can refer your complaint with a data protection supervisory authority in the EU country you live or work, or where you think a breach has happened. The UK’s supervisory authority is the Information Commissioner’s Office (ICO). For more details, you can visit their website at ico.org.uk.

Changes to this policy

We’ll post any changes we make to our privacy notice on this page and if they’re significant changes we’ll let you know by email.