Privacy Policy

Information Commissioner's Office

Our Contact Information:

  • Name: Payfor Limited
  • Address: Number One, Vicarage Ln, London E15 4HF, UK
  • Phone: (+44) 20 3553 3664
  • E-mail:

Types of Information We Collect

At Payfor Limited, we uphold the requirements of the General Data Protection Regulation (GDPR) and prioritise the privacy and security of your personal data. The specific personal data we gather depends on your association with Payfor LTD. 

If you complete our contact form, we may collect:

Identity Data: Full name or organisation name

Contact Data: Email address and telephone numbers.

Debt Information: Debt age, debt currency, and debt amount. Any other data about the debt that you are willing to share.

To comply with GDPR, we ensure accuracy, conduct periodic updates, and only retain data for the necessary duration. Legal obligations may require data retention beyond this period.

How We Handle Your Data

We are committed to handling your personal data responsibly and in compliance with GDPR regulations. Our utilisation of your information is governed by the following principles, employing various communication channels such as direct mail, email, SMS, and/or telephone:

  • Providing requested information, products, or services to you.
  • Informing you about products and services that align with your interests.
  • Identifying you as a potential client and recovering outstanding balances.
  • Safeguarding our interests may involve sharing information with third parties providing services on our behalf.
  • Entering into or negotiating contracts and fulfilling legal and regulatory obligations.

When obtaining or storing your information, we may:

  • Process and store your information on our computers or through any other appropriate means.
  • Monitor and/or record telephone conversations for training, security, and legal compliance under GDPR.
  • Conduct market research and analysis to understand better the needs of our customers, debtors, clients, and business contacts, tailoring our services and communications accordingly.
  • Gather additional information from various sources for the stated purposes.
  • Transfer information to other entities within our company or to potential funders.

If you prefer not to have your data used by us or selected third parties for marketing purposes, please indicate your preference on our online forms. You can also notify us at at any time if you do not wish your data to be used in this manner.

How We Source the Personal Data

While navigating the site, we automatically capture statistical data solely for website analytics, including your IP address. This data assists in analysing the website’s traffic and page popularity. Importantly, this information remains anonymous, and its primary purpose is to evaluate the site's effectiveness.

Online capture of personal data occurs only when provided by you, for instance, when filling out a quotation or contact form, subscribing to our email service, participating in Live Chat, or downloading resources.

Offline methods are another avenue for obtaining personal data, via telephone or instruction forms.

Who Has Access to Your Personal Data?

We ensure the safeguarding of your Personal Data by sharing it only with the entities outlined below, aligning with the purposes specified in the aforementioned table and adhering to GDPR requirements:

  • Members of our company: Internal sharing within our organisational structure.
  • Our external IT service provider.
  • Professional advisers: External consultants, lawyers, finance companies, auditors, insurers, and accountants within the EEA and beyond, acting as processors or joint controllers.
  • Governments and Public Authorities: Sharing with relevant entities in countries where we or our Group members conduct activities.
  • Third parties listed below: Refer to the table for specific third parties, the nature of data shared, and the purpose.
  • WordPress: Anonymous data collection for site improvement.
  • LinkedIn: Visitor insights and targeted advertising.
  • Google: Analytics for website improvement and remarketing.
  • Bing: Visitor information analysis for website and marketing enhancement.

GDPR Compliance and Data Security:

  • We enforce stringent data handling policies within the EU, utilisng Azure's cloud-based network infrastructure for O365 hosting.
  • Exceptions are outlined for GDPR-compliant data processors we engage with.
  • Your email and personal information won't be shared for marketing without explicit consent.
  • We respect your rights under Article 6(1)(f) of GDPR but reserve the right to contact you for legitimate reasons or share information when necessary for contractual performance.
  • We maintain control over confidentiality, disclosing information to authorised parties only when legally required.

Rest assured, your privacy and data security are paramount to us.

Your Legal Rights

The following encapsulates a succinct overview of your rights, excluding any intention to confer additional rights. Your entitlements encompass:

  • Per the DPA and GDPR, you possess the right to access information about you within our records. To request access, kindly contact us at
  • We commit to addressing any requests for rectification of inaccurate or incomplete data within one month or three months if the request is intricate. If such data has been disclosed to third parties, we will communicate the rectification to them.
  • You retain the right to object to any processing activities grounded in our legitimate interests (or those of a third party) as the legal basis for your data's utilisation, on grounds linked to your personal circumstances. Moreover, you can instruct us at any time not to process your personal data for direct marketing purposes through
  • The entitlement exists for the erasure of your personal data in scenarios such as when it is no longer necessary for processed purposes or if used solely based on your withdrawn consent. Erasure is also applicable in cases of unlawful data usage or compliance with legal obligations.
  • You possess the right to request the restriction of processing your Personal Data in situations such as verifying data accuracy, opposing unlawful usage, retaining data for legal claims, or pending verification of overriding legitimate grounds for data usage.
  • The right allows you to request the transfer of your Personal Data to yourself or a nominated third party in a structured, commonly used, machine-readable format. This right applies to data provided directly by you, based on your consent or contractual obligations, and processed through automated means.

Data Protection and Security Measures

We implement robust technical and organisational security protocols to safeguard the confidentiality and secure storage of the information you entrust to us. Our commitment to data protection adheres strictly to the GDPR and the DPA, ensuring that your data is processed only per these regulations.

However, it is important to note that the security of information shared online cannot be guaranteed entirely. There is a potential risk that external entities may monitor, intercept, or access your information without our knowledge. By utilising our website, you acknowledge and accept the inherent security implications of transmitting information over the internet.

We explicitly disclaim responsibility for any potential harm resulting from these inherent risks unless we are proven to be negligent in our duty. Your continued use of our services implies your agreement with these terms and conditions.

GDPR Requirements

In compliance with GDPR requirements, when a data controller maintains an online presence, the WP29 recommends that the controller offer a layered privacy notice. This ensures that data subjects are presented with a clear overview of the available information, allowing them to access detailed information within the layers of the notice. The first layer, as per the Guidelines, should consistently include information on processing that has the most significant impact on the data subject and processing that may come as a surprise.

Regarding third-party processors, our meticulously chosen partners and service providers may handle personal information on our behalf. Specifically, in the realm of digital marketing services, we occasionally engage digital marketing agents to execute marketing activities on our behalf. This entails the compliant processing of personal information. 

Among our appointed data processors is Prospect Global Ltd, trading as Sopro (Reg. UK Co. 09648733). For further details, you can refer to Sopro's privacy policy at Sopro is registered with the ICO (Reg: ZA346877), and their Data Protection Officer can be contacted via email at

Payfor Commercial Debt Recovery Agency Logo

Your global 
recovery specialists.

Payfor's Google Ratings Image


Facebook white logoTwitter bird logoInstagram logo

Global Address

Number One, Vicarage Ln, London E15 4HF  

Copyright. Payfor 2024. London.