Privacy Policy

The following privacy policy outlines how we treat your personal data and how you can contact us about it.

Pickle is a trading style of Salad Affinity Limited ("we", "us" or "our"). Registered in England and Wales (No. 16230223). Registered Office: 49 Greek Street, London W1D 4EG.Our ICO registration number is ZB972293.

If you have questions about this policy, please contact help@pickle-app.com .

Introduction

This privacy policy describes how and why we might access, collect, store use and/or share ("process") your personal information when you use our services ("Services"), including when you:

  • Use Pickle or visit any website, app or platform of ours that contains or links to this privacy policy.
  • Engage with us in other related ways, including any sales, marketing or events.

Reading this privacy policy will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services.

Information we collect

We collect personal information that you provide directly to us, information collected when you use our Services, and information provided by third party services such as Yapily Connect Ltd.

Personal information you provide may include:

  • Contact details (name, address, email, telephone number).
  • Identification and demographic details (date of birth, nationality, gender — only where necessary).
  • Financial information (bank account details, income, credit history, transaction data).
  • Account credentials and communication preferences.

Information collected automatically may include:

  • Technical data (IP address, device type, browser, operating system).
  • Usage and behavioural data (pages viewed, clicks, app interactions).
  • Analytics data from service providers and advertising platforms.

Where we collect special category data (for example, ethnicity or gender identity) we will do so only with your explicit consent or where otherwise lawfully permitted.

Open banking data

When you choose to connect your bank or financial account to Pickle, we use secure Open Banking technology provided by Yapily Connect Ltd, which is authorised and regulated by the Financial Conduct Authority (FRN 827001) to provide Account Information Services under the Payment Services Regulations 2017.

With your explicit consent, we receive information from your chosen account provider such as:

  • account holder details (name, sort code, account number, type);
  • account balances; and
  • transaction data (amount, date, description, merchant and category).

We never see or store your bank login credentials.

We process this information under Article 6(1)(a) UK GDPR – Consent to:

  • assess affordability and financial eligibility for Pickle products and services;
  • provide personalised financial insights and recommendations;
  • verify identity and prevent fraud; and
  • comply with legal and regulatory obligations.

We do not use your Open Banking data for marketing unless you give separate consent.

Your consent is valid for up to 90 days from the date you connect your account. After that, we will ask you to renew it if you wish to continue sharing data.

You can withdraw consent at any time by:

  • removing the account connection in your Pickle app;
  • revoking access directly through your bank; or
  • contacting us at help@pickle-app.com

Withdrawal stops all future data access but does not affect information already lawfully processed.

All Open Banking data is transmitted using encrypted connections and handled securely in accordance with this Privacy Notice. We only share it with trusted partners who help deliver our Services and are bound by strict data-protection obligations.

Procesing your information

We process your information for the following purposes:

  1. To provide and improve our services
    • Deliver, operate and personalise the Pickle app
    • Facilitate credit broking and related financial services under our FCA permissions
    • Provide updates, support, troubleshooting and trend analysis
    • Carry out research, analytics and monitoring to improve performance and user experience
  2. To assess eligibility and manage risk
    • Verify your identity
    • Prevent, detect and investigate fraud, financial crime or misuse of our Services
    • Assess affordability, financial eligibility and creditworthiness (including through automated analysis or profiling where relevant — see below)
  3. To communicate with you
    • Respond to your enquiries and manage your account
    • Send service updates, notifications and product information
    • Send marketing communications where you have consented or where otherwise permitted by law
  4. To meet our legal and regulatory obligations
    • Comply with FCA requirements, anti–money laundering rules and other applicable laws
    • Investigate potential breaches of our Terms
    • Protect our rights and the rights or safety of others

We may use automated tools or profiling to assess your financial information (for example, when evaluating affordability or creditworthiness). Where this has a legal or significant effect on you, we will inform you about the logic involved, the potential consequences, and the rights you have to request human review, express your viewpoint or contest the decision.

Legal bases to process your information

We may rely on the following legal bases to process your information:

  • Consent. We may process your information when you have given us permission to use your personal information for a specific purpose.
  • Contract. We may process your information when we believe it is necessary to fulfil our contractual obligations to you or at your request prior to entering into a contract with you.
  • Legitimate interests. We may process your information to achieve a business interest and those interests do not outweight your own rights and interests.
  • Legal obligations. We may process your information to comply with the law.
  • Vital interests. We may process your information when we believe it is necessary to protect your vital interests or those of a third party.

For any special category data, processing is based on your explicit consent or another condition under Article 9 UK GDPR.

We are generally the "data controller" under the General Data Protection Regulation (GDPR) and UK GDPR of the personal information described in this privacy policy. This privacy policy does not apply to information we process as a "data processor" on behalf of our clients.

Sharing your information

We may share your information with third party vendors, service providers, contractors or agents ("Third Parties") who perform services for us or on our behalf and require access to such information to do that work.

We may share personal information with the following categories of third parties:

  • Cloud-hosting and IT-infrastructure providers
  • Data-storage and analytics providers
  • Credit reference agencies, lenders, and other authorised credit brokers
  • Payment processors and identity-verification partners

We also may need to share personal information in the following situations:

  • Business transfers. If we are involved in a merger, acquisition or sale of assets, your information may be transferred to the successor entity.
  • Affiliates. We may share information with our affiliates, in which case we will require those affiliates to honour this privacy policy. Affiliates include any parent company, subsiduaries, joint venture partners or other companies that we control or that are under common control with us.

We do not sell your personal information.

Stance on third parties

Our Services may contain links to third party websites, apps, platforms and/or advertisements from third parties that are not affiliated with us. We do not make any guarantee regarding any such third parties and we will not be liable for any loss or damage from their use.

International transfers

Your data may be transferred and processed outside the United Kingdom. Where this occurs, we use approved safeguards, such as the UK International Data Transfer Addendum or the EU Standard Contractual Clauses, to ensure adequate protection.

Data retention

We retain personal information only for as long as necessary to fulfil the purposes described in this policy, including satisfying legal, accounting, or reporting requirements.

When no longer required, data will be securely deleted or anonymised.

Data security

We have implemented appropriate technical and organisational measures designed to protect the security of any personal information we process.

Your rights

You may exercise your statutory rights in respect of the information we hold about you:

  • Access - you may request copies of any records we hold of you.
  • Rectify - you may ask us to correct any information that we hold of you.
  • Erase - you may ask us to delete any information where there is no reason for us to process it, where you have successfully objected to us processing it, where we have processed it unlawfully or where we must delete it to comply with local law.
  • Objection - You may object to us processing your information where we (or our service providers) rely on a legitimate interest and in cases of direct marketing.
  • Restriction - you may ask us suspend processing your information where you want to establish your information's accuracy, where our use is unlawful, where you require us to hold the data in order to establish, exercise or defend legal claims, or where you have objected to our use and we need to establish whether we have overriding legitimate grounds.
  • Data portability/transfer - you may ask us to transfer information provided to us under your consent or used in connection with performance of our contract with you to you or a third party.
  • Withdraw - where we rely on consent to process your information, you may withdraw consent.
  • Complaint - you have the right to make a complaint to the relevant regulator.

To exercise these rights, navigate to Settings within your Pickle account or contact our Data Protection Officer at help@pickle-app.com. You will not have to pay a fee to access your personal information. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We may also refuse to comply with your request in these circumstances.

We may request specific information from you to help us confirm your identity and ensure your right to access your personal information. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

We will try to respond to all legitimate requests within one month, but it may take longer if your request is complex or if you have made several requests. We will keep you notified.

Cookies

We use cookies and similar technologies to operate and improve our Services. Essential cookies are necessary for the website or app to function and are set automatically.

Non-essential cookies (such as analytics or marketing cookies) are only used with your consent.

You can manage or withdraw your consent at any time through your browser settings or our cookie banner. Disabling cookies may affect some features of the Services.

We set the following cookies:

  • Login cookies: Remember your session while you are signed in.
  • Consent cookies: Record your cookie preferences.
  • Preference cookies: Remember information you have provided to improve usability.

For more details about the cookies we use and their purposes, please see our Cookie Notice.

Changes

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date at the bottom of this privacy policy.

Contacting us

You may contact our Data Protection Officer at help@pickle-app.com or by post to the following address:

Pickle

Salad Affinity Limited

49 Greek Street

London

W1D 4EG

England

Last updated on 21/11/2025