Privacy Policy

Star Asset Finance’s Website Privacy Policy 2022


Star Asset Finance Limited (SAFL) is committed to protecting and respecting your privacy.


This privacy policy sets out how Star Asset Finance Limited uses and protects any information that you give Star Asset Finance Limited when you use this website. This policy also explains your rights under DPA (Data Protection Act) and GDPR (General Data Protection Regulation).


Star Asset Finance Limited is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement. 


Please read the following carefully to understand our views and practices regarding your personal data and how we collect, store and process it. By visiting our websites, you are accepting and consenting to the practices described in this policy.


For the purpose of the European Data Protection Regulation (GDPR) and the Data Protection Act 2018 (the Act), the data controller is Star Asset Finance Limited, 15th Floor, 33 Cavendish Square, London, W1G OPW.

What information Star Asset Finance collect:

We may collect the following information:

  • Name, Contact Information including email address and telephone number.
What Star Asset Finance do with the information we gather:

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • We may use the information to improve our services.
  • We may use your information to contact you regarding investment, acquisition or new opportunities, as you have requested via our website contact us facility.
Information you give to Star Asset Finance:
  • Name, Contact Information including email address and telephone number.
Who Star Asset Finance share the information you gave us with:

On your instruction we may look to share the information with part of The Group (The Group includes Credo Asset Finance Limited, Credo Capital Finance Limited, First Capital Finance Limited, Ignition Credit PLC and Kennet Equipment Leasing Limited) or third-parties where you have requested details of acquisitions and investments.

We will not share your personal data before gaining your consent.


We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.


The cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to our customers needs.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

The use of cookies is an industry standard, and most websites use them to provide useful features for their customers. Cookies in themselves do not personally identify users, although they do in a user’s computers. Most browsers are initially set to accept cookies. If you prefer you can set your system to refuse cookies. However, you may not be able to take full advantage of a website if you do so.

How to disable and enable cookies

Step 1- Launch Internet Explorer, click the little cog in the right-hand corner.

Step 2- Select options

Step 3- Choose the Privacy tab and click the advanced button

Step 4- On the next screen, select block for both first party and third-party cookies.

Step 5- Click ok, then close the windows.

Where we store your personal data

All information you provide to us is stored on our secure servers.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.


We retain your data inline with regulatory requirements. In certain circumstances this period may vary if we consider it necessary for good operational or commercial reasons, or in order to meet other legal obligations. If you would like details of our retention policy please contact us on [email protected].  

Your rights

You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise this right at any time by emailing [email protected]

Our site may, from time to time, contain links to and from the websites of our group network, marketing and affiliates.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.  Please check these policies before you submit any personal data to these websites.

Your rights under Data Protection Law

We operate under the Data Protection Act 2018 (‘DPA’) and the European General Data Protection Regulation (‘GDPR’).

DPA and GDPR applies to ‘personal data’ we process, and the data protection principles set out the main responsibilities we are responsible for.

We must ensure that personal data shall be:

a) processed lawfully, fairly and in a transparent manner;

b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;

c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

d) accurate and where necessary kept up to date.

Your rights under Data Protection Law

We must ensure that personal data shall be:

a) processed lawfully, fairly and in a transparent manner;

b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;

c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

d) accurate and where necessary kept up to date;

e) kept for no longer than is necessary for the purposes for which the personal data are processed. We operate a data retention policy that ensures we meet this obligation. The Data Retention Policy can be requested via email [email protected].

f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures

To meet our Data Protection obligations, we have established comprehensive and proportionate governance measures.

We ensure data protection compliance across the organisation through:

a) implementing appropriate technical and organisational measures including internal data protection policies, staff training, internal audits of processing activities, and reviews of internal HR policies.

b) maintaining relevant documentation on processing activities.

c) implementing measures that meet the principles of data protection by design and data protection by default including data minimisation, pseudonymisation, transparency, deploying the most up-to-date data security protocols and using data protection impact assessments across our organisation and in any third-party arrangements.

Under GDPR You have the following specific rights in respect of the personal data we process:

  1. The right to be informed about how we use personal data. This Privacy Policy explains who we are; the purposes for which we process personal data and our legitimate interests in so doing; the categories of data we process; third party disclosures; and details of any transfers of personal data outside the UK.
  2. The right of access to the personal data we hold. This will be free of charge and must be provided within 30 days of receipt.
  3. The right to rectification, where data is inaccurate or incomplete.  In such cases we shall make any amendments or additions within 30 days of the request.
  4. The right to erasure of personal data, but only in very specific circumstances, typically where the personal data is no longer necessary in relation to the purpose for which it was originally collected or processed; or, in certain cases where we have relied on consent to process the data, when that consent is withdrawn and there is no other legitimate reason for continuing to process that data; or when the individual objects to the processing and there is no overriding legitimate interest for continuing the processing. 
  5. The right to restrict processing, for example while we are reviewing the accuracy or completeness of data or deciding on whether any request for erasure is valid. In such cases we shall continue to store the data, but not further process it until such time as we have resolved the issue. 
  6. The right to data portability which, subject to a number of qualifying conditions, allows individuals to obtain and reuse their personal data for their own purposes across different services. 
  7. The right to object in cases where processing is based on legitimate interests, where our requirement to process the data is overridden by the rights of the individual concerned; or for the purposes of direct marketing (including profiling); or for processing for purposes of scientific / historical research and statistics, unless this is for necessary for the performance of a public interest task.
  8. Rights in relation to automated decision making and profiling.

Please contact us via email [email protected]  for more information about the GDPR and your rights under Data Protection law.

If you have a complaint about data protection, please email [email protected]

Alternatively, you can contact our supervisory authority for data protection, The Information Commissioners Office (

Address: Wycliffe House, Water Lane,  Wilmslow,  Cheshire, SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)

Changes to our Privacy Policy

Any changes we may make to our privacy policy in the future will be posted on our website and where appropriate notified to you by e-mail.


Questions, comments and requests regarding this privacy policy are welcomed and should be addressed via email [email protected]

Scroll to Top