Creditsafe acts as data controller in connection with its services, not a data processor. This determination has been made following detailed data protection impact assessments on all data flows in and out of our organisation, including via the services we provide, and independent legal advice from data protection specialists. Creditsafe either owns or licences much of the business data it provides via its services. 


Creditsafe determines how that data is stored, used, and displayed via its services. For example, company information licensed by Creditsafe from publicly available sources, together with financial and trade payment data (where applicable), is used within Creditsafe’s credit risk decisions and incorporated into Creditsafe’s business reports, as well as being used in other Creditsafe services. Therefore, data processing clauses are not required and we will not be amending our terms to include them. There will be a change to our terms to reflect the introduction of GDPR but as this is not legally required, it will be introduced on a phased basis for new/renewing customers.