Last updated: 29 October 2025
Welcome to Boshhh Group Limited. We are committed to protecting your privacy and handling your personal information responsibly, transparently, and in compliance with applicable UK data protection laws.
This Privacy Policy explains how we collect, use, store, and share your personal data when you engage with our website, services, and tools.
By accessing our website or submitting your information to us, you acknowledge that you have read and understood this Privacy Policy and agree to the practices described within it.
We, us, our
Boshhh Group Limited
Personal data
Any information relating to an identified or identifiable individual
Special category personal data
Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership
Genetic and biometric data
Data concerning health, sex life or sexual orientation
Boshhh Group Limited is a UK-based provider of fintech intelligence tools. Our platform offers a suite of products designed to improve decision-making, compliance, onboarding, risk analysis, and operational efficiency. These tools include solutions for open banking insights, credit reporting, identity verification, affordability assessment, claims data analysis, and more. We work with regulated firms, legal service providers, and financial institutions to help them deliver faster, more accurate, and more secure services.
We collect personal data directly from you when you fill out a form on our website, download a brochure, contact our sales team, or use one of our services. Information collected may include your name, email and address. In some cases, we also collect data indirectly through analytics tools, cookies, or third-party platforms that refer traffic to us.
When you interact with our tools or services that involve data processing—such as ID verification, credit assessments, or open banking checks—we may also collect sensitive financial and identification information with your explicit consent. This includes bank transaction history, credit file information, ID documents, and biometric data when required for service functionality.
We do not intentionally collect any special categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).
Our services are not intended for individuals under the age of 18, and we do not knowingly collect data from them.
We use your personal data to respond to your enquiries, deliver requested materials or services, provide access to our tools, manage client relationships, and maintain the functionality of our platform. If you have requested a brochure or booked a demo, we process your data to fulfil that request. When you interact with our verification or financial tools, we process data to return insights, generate reports, and help your organisation make informed decisions. Some of our tools may use automated decision-making to assess risk or eligibility. You have the right to request human review of such decisions or to contest them.
In some cases, we may also use your data to send service-related updates or marketing communications, provided you have given us permission to do so.
You can withdraw your consent to marketing communications at any time by clicking the “unsubscribe” link in our emails or by contacting us at optout@boshhh.com. Withdrawing consent does not affect the lawfulness of any processing carried out before withdrawal.
We process personal data on a lawful basis established under the UK General Data Protection Regulation (UK GDPR). These include consent (where you have actively agreed to data use), performance of a contract (where data is necessary to provide a service you have requested), legal obligation (where we are required to retain data or comply with regulatory requirements), and legitimate interests (where processing enables us to improve services or support client needs without overriding your fundamental rights).
For clarity, we rely on the following lawful bases under UK GDPR:
Consent: When you opt in to receive marketing or allow access to open banking data.
Contract: When processing is necessary to provide a service, demo, or product you’ve requested.
Legal Obligation: When required to comply with regulatory or financial laws.
Legitimate Interests: When processing is needed to improve, secure, or operate our services, provided your rights do not override those interests.
Your personal data is never sold. However, we may share it with carefully selected third-party providers that support our platform—for example, cloud storage providers, analytics services, CRM systems, and regulated open banking partners. Where applicable, data is also shared with credit reference agencies or legal service platforms to fulfil the service you are engaging with. All third parties are contractually obligated to handle your data securely and in accordance with UK GDPR.
Open banking and sensitive data
Certain tools we offer rely on secure open banking connections or the sharing of sensitive personal data. You may be asked to grant permission to access your financial data through a regulated open banking interface. These connections are secure, encrypted, and time limited. We only access your data with your consent and for the specific purpose made clear to you during the process. Once retrieved, your data is processed to generate insights and then stored securely in accordance with our data retention policy.
Data retention
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy. Typically, this means enquiry data is held for up to 12 months from your last interaction with us, unless you request it be deleted sooner. Marketing preferences are stored until you choose to opt out or unsubscribe. We may retain necessary data in line with our contractual and regulatory obligations. Any financial or verification data accessed through our tools is retained for as short a period as required, in compliance with data minimisation principles and secure handling protocols, typically no longer than ninety days, unless required for legal compliance.
Your rights
As a data subject under UK GDPR, you have the right to access a copy of your personal data, request that we correct any inaccuracies, ask us to delete your data where appropriate, object to or restrict our processing of your data, withdraw your consent at any time and request the transfer of your personal data to another party (data portability). If you wish to exercise any of your rights, you can contact our Data Protection Officer using the contact information provided below. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data is being processed unlawfully.
You can exercise any of these rights at any time by contacting us at optout@boshhh.com.
Cookies and analytics
Our website uses cookies to provide core functionality, improve user experience, and analyse site performance. These may include session cookies, preference settings, and analytics tracking such as Google Analytics. You have the option to manage or disable cookies via your browser settings or through our on-site cookie management tool. For more information, please refer to our dedicated Cookie Policy.
Data security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption, secure servers, restricted access controls, regular system monitoring, and staff training on data protection practices.
External links
Our services or website may contain links to third-party sites or services not operated by us. We are not responsible for the privacy practices or content of these external companies. We recommend reviewing their privacy policies before submitting any personal data to them.
Policy updates
We may update this Privacy Policy from time to time to reflect changes in law, technology, or our service offering. When updates are made, we will revise the “Effective Date” at the top of this page. We encourage you to review this page periodically to stay informed about how we are protecting your data.
Contact information
If you have any questions about this Privacy Policy or how your data is handled, please contact our Data Protection Officer by;
Email: optout@boshhh.com
Registered Address: 253 Monton Road, Eccles, Manchester, M30 9PS
Our company information is as follows:
Company Name: Boshhh Group Limited
Company Registration Number: 16711710
ICO Registration Reference Number: ZB995126