PRIVACY POLICY

Last Updated: Shawwal 1447 H | April 2026 CE

1. Introduction

Credit Amanah Limited (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or engage with our services.

We process all personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Where we collect or process personal data of individuals located in the European Union, we are equally committed to compliance with the EU General Data Protection Regulation (EU GDPR) 2016/679.

Our approach to data protection is guided not only by applicable law but also by our commitment to the Islamic principles of trust (Amanah), transparency (Wuduh), and ethical conduct (Akhlaq) that are fundamental to everything we do at Credit Amanah Limited.

Please read this policy carefully. By using our website or engaging with our services, you confirm that you have read and understood how we handle your personal data.

2. Who We Are

Credit Amanah Limited is a company registered in England and Wales and is the data controller responsible for your personal data collected through this website and in the course of providing our services.

Company Registration Number: 13612807

Registered Address: 14/2E, Docklands Business Centre, 10-16 Tiller Road, London, E14 8PX, United Kingdom

Website: www.creditamanah.com Contact Email: [email protected]

Upon completion of our ICO registration, our data protection registration number will be published here. If you have any questions regarding this Privacy Policy or how we handle your personal data in the meantime, please contact us directly at the above email address.

3. What Personal Data We Collect

We may collect and process the following categories of personal data:

a) Identity Data

  • Full name
  • Passport copy and National Identity document
  • Nationality
  • Shareholder and directorship information
  • Politically Exposed Person (PEP) status where applicable

b) Contact Data

  • Email address
  • Telephone number
  • Business address and registered office address

c) Business and Enquiry Data

  • Company name and country of operation
  • Nature of business and industry sector
  • Trade finance or Islamic finance product interest and requirements
  • Messages and enquiries submitted through our contact or application form

d) Financial and Transaction Data

  • Bank statements and tax details where applicable
  • Certificate of Incorporation and company registration documents
  • Shareholding structure and principal shareholder details
  • Proforma Invoices, Sales Contracts, and project documentation
  • Payment records and wire transfer details
  • SWIFT message records where applicable
  • Shariah compliance documentation where required

e) Technical Data

  • IP address
  • Browser type and version
  • Internet Service Provider (ISP)
  • Date and time stamp of website visits
  • Referring and exit pages
  • Website usage and browsing data collected via cookies where applicable

f) Communications Data

  • Emails, enquiries, and correspondence sent to or received from us

4. How We Collect Your Personal Data

We collect personal data through the following means:

  • Direct interactions — when you complete our application or enquiry form, submit documentation, sign agreements, or contact us by email or telephone
  • Automated technologies — when you browse our website, we may automatically collect technical data via cookies and similar technologies. Please refer to our Cookie Policy for further details
  • Third parties — in certain circumstances, we may receive information about you from third parties such as introducers, brokers, Islamic finance institutions, or business partners who refer clients to us

5. How We Use Your Personal Data

We will only use your personal data where we have a lawful basis to do so under UK GDPR. The lawful bases we rely on are:

  • Performance of a contract — to process your enquiry or application, prepare documentation, execute the Service Agreement, and deliver the requested trade finance or Islamic finance advisory service
  • Legal obligation — to comply with applicable laws and regulatory requirements including anti-money laundering (AML) and Know Your Customer (KYC) obligations under the Money Laundering Regulations 2017
  • Legitimate interests — to manage and improve our services, prevent fraud, and protect our business and clients, where your interests and rights do not override ours
  • Consent — where you have explicitly provided consent, such as for marketing communications

Specifically, we use your personal data to:

  • Respond to your enquiries and assess your application for trade finance or Islamic finance advisory services
  • Conduct due diligence, KYC, and AML checks as required by law
  • Assess Shariah compliance requirements where applicable to your transaction
  • Prepare and execute Service Agreements and related documentation
  • Communicate with you throughout your application and transaction
  • Issue or arrange financial instruments on your behalf where applicable
  • Comply with our legal and regulatory obligations including FCA requirements
  • Detect, investigate, and prevent fraudulent activity
  • Maintain and improve our website and services

We will not use your personal data for any purpose not described in this policy without your prior consent.

6. Marketing Communications

We will only contact you with marketing communications where you have given us your explicit consent to do so. You may withdraw your consent at any time by contacting us at the email address provided in Section 2. We will never sell, rent, or share your personal data with third parties for marketing purposes.

7. Disclosure of Your Personal Data

We may share your personal data with the following categories of recipients where necessary:

  • Issuing banks and financial institutions — for the purpose of facilitating the requested financial instrument or advisory service on your behalf
  • Shariah advisory boards and scholars — where Shariah compliance assessment is required in connection with your transaction, subject to strict confidentiality obligations
  • SWIFT network — for the transmission of financial instrument messages where applicable
  • Legal and compliance advisers — where required for regulatory compliance or legal proceedings
  • FCA and regulatory authorities — where we are required to disclose information as part of our regulatory obligations or licence application process
  • Regulatory and law enforcement authorities — where we are legally obliged to disclose information, including under AML and KYC regulations
  • Third-party service providers — such as IT service providers, website hosting providers, and communication platforms, who process data on our behalf under strict confidentiality obligations

We do not sell, rent, or trade your personal data to any third party for commercial purposes under any circumstances.

8. International Transfers of Personal Data

In the course of facilitating international trade finance and Islamic finance transactions, your personal data may be transferred to, or accessed by, parties located outside the United Kingdom, including in jurisdictions where Islamic finance is regulated such as the UAE, Malaysia, Bahrain, and Saudi Arabia. Where such transfers occur, we will ensure that appropriate safeguards are in place in accordance with UK GDPR requirements, including reliance on adequacy decisions or the use of the International Data Transfer Agreement (IDTA) as approved by the UK Information Commissioner’s Office (ICO).

Where we collect or process personal data of individuals located in the European Union, we will ensure that such transfers comply with EU GDPR requirements, including the use of Standard Contractual Clauses (SCCs) where applicable.

9. Data Retention

We will retain your personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable law. In general:

  • Enquiry and contact form data is retained for up to twelve months from the date of submission, or longer if the enquiry progresses to a transaction
  • Client application and transaction records are retained for a minimum of six years following the completion of the transaction, in line with UK financial record-keeping requirements
  • KYC and AML documentation is retained for a minimum of five years following the end of the business relationship, in accordance with the Money Laundering Regulations 2017
  • FCA related records are retained in accordance with FCA record-keeping requirements as applicable
  • General correspondence is retained for up to three years unless there is an ongoing legal or regulatory obligation to retain it for longer

Upon expiry of the applicable retention period, personal data will be securely deleted or anonymised.

10. Data Security

Credit Amanah Limited takes the security of your personal data seriously and has implemented appropriate technical and organisational measures to protect it against unauthorised access, loss, destruction, or alteration. These measures include secure email communications, restricted access to client files, and confidentiality obligations imposed on all staff and third-party processors.

Whilst we take every reasonable precaution, no method of electronic transmission or storage is entirely secure. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours of becoming aware of the breach and will inform affected individuals without undue delay where required.

11. Your Rights Under UK GDPR

Under the UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — you have the right to request a copy of the personal data we hold about you, free of charge in most circumstances
  • Right to rectification — you have the right to request that we correct any inaccurate or incomplete personal data
  • Right to erasure — you have the right to request that we delete your personal data, subject to any legal obligations requiring us to retain it
  • Right to restriction of processing — you have the right to request that we restrict the processing of your personal data in certain circumstances
  • Right to data portability — you have the right to request that we transfer your personal data to you or a third party in a structured, commonly used, and machine-readable format
  • Right to object — you have the right to object to the processing of your personal data where we rely on legitimate interests as our lawful basis
  • Right to withdraw consent — where we process your data on the basis of consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal

EU data subjects retain the same rights as outlined above and may exercise those rights by contacting us at the email address provided in Section 2.

To exercise any of the above rights, please contact us at the email address provided in Section 2. We will respond to all legitimate requests free of charge within one calendar month. In complex or multiple requests, we may extend this period by a further two months, in which case we will notify you in writing.

12. Cookies

Our website may use cookies to improve your browsing experience and to collect technical data about how visitors use our site. Cookies are small text files placed on your device when you visit our website. We use the following types of cookies:

  • Strictly necessary cookies — essential for the website to function correctly and cannot be disabled
  • Analytical cookies — used to understand how visitors interact with our website, helping us to improve its performance and content
  • Preference cookies — used to remember your settings and preferences for future visits

You can manage or disable cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of our website. For full details of the cookies we use and how to manage your preferences, please refer to our Cookie Policy.

13. Children’s Information

Our website and services are directed exclusively at businesses and sophisticated commercial clients engaged in international trade and Islamic finance. We do not knowingly collect personal data from individuals under the age of 13. If you believe that a child has provided personal data through our website, please contact us immediately and we will promptly take steps to remove that information from our records.

14. Regulatory Status

Credit Amanah Limited is a company registered in England and Wales under Company Number 13612807. Credit Amanah Limited has submitted an application for authorisation under Annex 1 of the Financial Services and Markets Act 2000 (FSMA) to the Financial Conduct Authority (FCA). Until such authorisation is granted, Credit Amanah Limited operates on a non-regulated basis and its services are directed exclusively at businesses and sophisticated commercial clients engaged in international trade and Islamic finance.

If you are unsure whether our services are appropriate for your specific needs and circumstances, we strongly recommend that you seek independent legal and financial advice before engaging with us.

15. Shariah Compliance and Data Handling

Credit Amanah Limited is committed to conducting all its activities in accordance with Islamic principles and applicable AAOIFI (Accounting and Auditing Organisation for Islamic Financial Institutions) standards. In connection with Shariah-compliant transactions, certain client data and transaction details may be shared with our Shariah advisory board or independent Shariah scholars for the purpose of assessing and confirming the Shariah compliance of a proposed transaction. All such disclosures are made under strict confidentiality obligations and solely for the purpose of facilitating Shariah compliance review.

16. Third-Party Links

Our website may contain links to third-party websites. This Privacy Policy applies solely to the Credit Amanah Limited website and our services. We are not responsible for the privacy practices of any third-party websites and encourage you to review their respective privacy policies before submitting any personal data.

17. Changes to This Privacy Policy

Credit Amanah Limited reserves the right to update or amend this Privacy Policy at any time to reflect changes in our practices or applicable law. Any changes will be published on this page with an updated revision date at the top of the policy. Where changes are significant, we will endeavour to notify you directly where we hold your contact details. We encourage you to review this policy periodically to remain informed of how we protect your personal data.

18. Complaints

If you are dissatisfied with how we have handled your personal data, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

Information Commissioner’s Office Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Website: www.ico.org.uk Helpline: 0303 123 1113

We would, however, welcome the opportunity to address your concerns directly before you approach the ICO. Please contact us in the first instance at the email address provided in Section 2 and we will endeavour to resolve your concerns promptly.

19. Contact Us

If you have any questions or concerns regarding this Privacy Policy or how we handle your personal data, please contact us at:

Credit Amanah Limited 14/2E, Docklands Business Centre, 10-16 Tiller Road, London, E14 8PX, United Kingdom

Company Registration Number: 13612807 Website: www.creditamanah.com Email: [email protected]

Ways to connect

+44 20 45773237

+44 20 45773237

[email protected]

Quick Links

About us

Overview

Trade Finance

Guarantee Issuance

News & Insights

Disadvantage of debt (Riba)

Ethics in finance

Guarantee for constructors

Benefits for importers