We take the protection of your information seriously. This Security Policy explains the technical and organisational measures we use to help keep personal and business information safe when you use our website or share details with us during a finance enquiry.

While no system is completely immune to risk, we use industry-standard safeguards and continuously improve our controls.

Our Security Approach (at a glance)

• Encryption in transit (TLS) for our website and contact forms

• Encrypted storage for personal data where applicable

• Access controls and least-privilege permissions for staff tools

• Multi-factor authentication (MFA) for administrative accounts where supported

• Logging and review of access to sensitive records

• Regular updates and patching of software we control

• Due diligence on third-party service providers (hosting, email, CRM)

• Backups and tested restore procedures for critical data

• Documented incident response and breach notification process

• Staff confidentiality obligations and security awareness

Technical Measures

Encryption in transit
All traffic to and from our website is protected using HTTPS (TLS). This helps prevent interception or tampering while data is in transit.

Encryption at rest
Where we store personal information in systems that support it, we use encrypted storage or rely on the encryption provided by reputable hosting and software vendors.

Access control & MFA
Access to systems containing personal data is limited to authorised personnel on a need-to-know basis. We use strong authentication, and enable MFA for admin or high-risk accounts where the platform supports it.

Logging & monitoring
We maintain logs for key systems and review access to sensitive records. We monitor for suspicious activity and take action where necessary.

Organisational Measures

Policies & training
Staff and contractors are bound by confidentiality and receive guidance on secure data handling, phishing awareness, and device hygiene (e.g., screen locks, updates).

Data minimisation
We only collect information we need to assess and progress your bridging finance enquiry.

Data retention & deletion
We retain data only for as long as necessary for the purpose collected and to meet legal or business record-keeping needs. When no longer required, data is securely deleted or anonymised (see our Privacy Policy for details).

Infrastructure & Hosting

Our website and business systems are hosted with reputable providers. Physical security, power, and environmental protections are provided by those vendors. We aim to store personal data in the UK. If data is processed outside the UK/EEA, we ensure appropriate safeguards are in place (e.g., approved contractual terms), as described in our Privacy Policy.

Third-Party Service Providers (Processors)

We use third-party services for functions such as website hosting, email, file storage, and customer relationship management. We select providers with appropriate security measures and maintain contracts that include data-protection commitments. Each provider also has its own security and privacy documentation.

Backups & Business Continuity

We maintain backups for critical business data and periodically test restoration procedures to reduce downtime and data loss in the event of an incident.

Vulnerability & Patch Management

We apply security updates to systems we control and review vendor security notices for cloud and SaaS tools we use. We update or mitigate as appropriate.

Incident Response & Breach Notification

We maintain an incident response process to triage, contain, investigate, and remediate security issues. Where a personal-data breach creates a risk to individuals, we will notify affected users and (where legally required) the relevant authority in line with UK data-protection law.

Your Responsibilities

Security is a shared effort. To help protect your information:

• Use trusted devices and keep your browser and operating system up to date

• Be vigilant about phishing: we will not ask you to send passwords or full sensitive documents over unsecured channels

• Contact us directly using the details below if you receive any suspicious communication claiming to be from us

Fraud & Impersonation Warning

If you are ever unsure whether a message is genuinely from BridgingLoansBroker.co.uk, do not click links or open attachments. Instead, contact us using the details below to verify.

Changes to this Security Policy

We may update this policy from time to time to reflect changes in technology, law, or our services. We will post updates on this page.

Version: 1.0
Effective date: 10 October 2025

Contact Us (Security)

If you have a security question or believe you’ve discovered a vulnerability or suspicious activity related to our site, please contact:

Bridging Loans Broker
12 Old Bond Street, Mayfair, London
Mobile: 07445 160345
Office: 0207 177 4141
Email: daniel@bridgingloansbroker.co.uk
Website: bridgingloansbroker.co.uk