Privacy Policy & GDPR Statement
Last updated: 5 May 2026
1. Who We Are
KS Credit Control Limited ("we", "us", "our") is a company registered in England and Wales. We provide outsourced credit control, debt recovery, credit consultancy, and training services to businesses across the UK.
We are the data controller for personal data collected through this website and in the course of providing our services.
We are registered with the Information Commissioner's Office (ICO) under registration reference ZB607397, in accordance with our obligations under UK GDPR and the Data Protection Act 2018.
2. What Personal Data We Collect
We may collect and process the following categories of personal data:
Website visitors
- Name and contact details submitted via enquiry or contact forms
- Email address if you subscribe to communications
- Technical data including IP address, browser type, and pages visited (via analytics tools)
Clients
- Business contact details (name, email, phone number, job title)
- Financial information relevant to the provision of our services (aged debtor reports, invoice data, payment records)
- Communication records
Debtors (third parties referred to us by clients)
- Name, business name, contact details, and financial information provided to us by our clients in connection with outstanding invoices
- Communication records relating to debt recovery activity
3. How We Use Your Personal Data
We use personal data for the following purposes, with the corresponding legal basis under UK GDPR:
To provide our credit control and debt recovery services
Contract performance — processing is necessary to fulfil our contractual obligations to clients.
To contact you in response to an enquiry or consultation request
Legitimate interests — we have a legitimate interest in responding to business enquiries.
To process debtor data on behalf of our clients
Legitimate interests — the recovery of lawfully owed debts constitutes a legitimate interest, balanced against the rights of the individual.
To comply with legal and regulatory obligations
Legal obligation — including GDPR, ICO requirements, and applicable financial regulations.
To send marketing communications (where consent has been given)
Consent — you may withdraw consent at any time by contacting us.
4. Data Security
We take data security seriously. We are compliant with Cyber Essentials, the ICO's requirements, and UK GDPR. We hold professional indemnity insurance, errors and omissions cover, and cyber liability insurance.
All client sales ledgers and debtor information are password protected. Access to personal data is restricted to authorised team members only. All staff complete annual data protection and GDPR training.
In the event of a data breach that is likely to result in a risk to individuals, we will notify the ICO within 72 hours and affected individuals without undue delay where required.
5. How Long We Keep Your Data
We retain personal data only for as long as necessary for the purposes it was collected, or as required by law. Our standard retention periods are:
- Client records: 6 years from the end of the contract (in line with the Limitation Act 1980)
- Debtor records: Up to 6 years from the date of last contact or resolution
- Enquiry and contact form data: Up to 12 months if no service engagement follows
- Website analytics data: As per the retention settings of the analytics platform used
When data is no longer required, it is securely deleted or anonymised.
6. Who We Share Your Data With
We do not sell or rent personal data to third parties. We may share data in the following limited circumstances:
- Service providers: Third-party tools used to deliver our services (e.g. CRM platforms, email services), who are bound by data processing agreements
- Legal and regulatory requirements: Where we are required to disclose data by law, court order, or regulatory authority
- Professional advisers: Solicitors, accountants, or insurers, where necessary and under appropriate confidentiality obligations
All third parties with whom we share data are required to comply with UK GDPR and process data only in accordance with our instructions.
7. Your Rights Under UK GDPR
You have the following rights in relation to your personal data:
Right of access
You can request a copy of the personal data we hold about you.
Right to rectification
You can ask us to correct inaccurate or incomplete data.
Right to erasure
You can ask us to delete your data where there is no longer a lawful reason to hold it.
Right to restrict processing
You can ask us to limit how we use your data in certain circumstances.
Right to data portability
You can request your data in a structured, commonly used format where processing is based on consent or contract.
Right to object
You can object to processing based on legitimate interests, including direct marketing.
Right to withdraw consent
Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at [email protected]. We will respond within one calendar month.
If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.
8. Cookies
Our website uses cookies to improve your experience and to help us understand how the site is used. Cookies are small text files stored on your device.
We use the following types of cookies:
- Essential cookies: Necessary for the website to function. These cannot be disabled.
- Analytics cookies: Help us understand how visitors interact with our site (e.g. pages visited, time on site). This data is aggregated and anonymised where possible.
- Marketing cookies: Used to track visits from marketing campaigns. These are only set where you have given consent.
You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the site.
9. Links to Third-Party Websites
Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies independently.
10. Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. The date at the top of this page indicates when it was last updated. We encourage you to review this policy periodically.
11. Contact Us
If you have any questions about this privacy policy or how we handle your personal data, please contact us:
Email: [email protected]
Phone: 0113 487 0765
