BuildFund
Get startedBook a demoLogin

Legal

Data Protection and UK GDPR Notice

Last updated: 23 April 2026

Data Protection and UK GDPR Notice

This Notice provides additional information about how Bare Capital Ltd complies with the UK General Data Protection Regulation and the Data Protection Act 2018.

1. Controller details

Bare Capital Ltd is the data controller for personal data processed through Buildfund, except where we clearly state otherwise.

Contact email: info@buildfund.co.uk

Registered address: Black Bull House 353-355 Station Road, Bamber Bridge, Preston, Lancashire, United Kingdom, PR5 6EE

2. Principles we follow

We process personal data in accordance with the principles of UK GDPR. Personal data must be:

  • processed lawfully, fairly and transparently,
  • collected for specified, explicit and legitimate purposes,
  • adequate, relevant and limited to what is necessary,
  • accurate and kept up to date where necessary,
  • retained only as long as necessary,
  • kept secure with appropriate protection,
  • handled in a way that demonstrates accountability.

3. Lawful processing

We only process personal data where there is a lawful basis, including:

  • contractual necessity,
  • legitimate interests,
  • compliance with legal obligations,
  • consent where required,
  • legal claims.

4. Data subject rights

Individuals may have the following rights:

  • right to be informed,
  • right of access,
  • right to rectification,
  • right to erasure,
  • right to restrict processing,
  • right to data portability,
  • right to object,
  • rights relating to automated decision-making, where applicable.
  • Requests can be sent to info@buildfund.co.uk.

5. Data processors and sub-processors

We may use processors and sub-processors for hosting, communications, email, analytics, customer support, compliance, storage and software infrastructure. We use contracts and due diligence to ensure they handle personal data appropriately.

6. Security measures

We maintain technical and organisational measures appropriate to the nature of the data and risks involved. These may include access controls, encryption, monitoring, backups, role-based permissions and incident management procedures.

7. Data breaches

Where required by law, we will notify the ICO and affected individuals of personal data breaches in accordance with our legal obligations.

8. International transfers

Where international transfers occur, we use lawful safeguards and assess transfer risks where required.

9. Complaints

You may contact us first at info@buildfund.co.uk. You also have the right to complain to the ICO.

ICO website: www.ico.org.uk