Privacy Policy

Last Updated: July 16, 2026

This Privacy Policy describes how Lendisys ("we," "us," or "our") collects, uses, and discloses your information in connection with your use of our website (lendisys.com) and our loan origination system services (collectively, the "Services").

In short: we do not set analytics or marketing cookies until you agree to them. If you want to know exactly which cookies we use and change your choice, see our Cookie Policy or open Cookie Settings.

1. Who We Are and How to Contact Us

For personal data collected through this website, the data controller is „PLANTON SOLUTIONS” S.R.L., trading as Lendisys — a company registered in the Republic of Moldova under IDNO 1010600041937, at strada Moara Roșie 5/E, ap. 34, MD-2005, Chișinău, Republica Moldova.

You can reach us about any privacy matter at contact@lendisys.com.

We have not appointed a Data Protection Officer. You can raise any data protection question with us at the address above.

Controller and processor

The distinction matters for who you contact about your data:

  • For data you give us directly through this website — a contact form, a demo request, a newsletter sign-up — we are the controller. This policy applies, and you should contact us.
  • For borrower or applicant data processed inside our loan origination system on behalf of a financial institution, that institution is the controller and we are its processor. We handle that data only on their documented instructions, under a written agreement that meets Article 28 of the UK GDPR and EU GDPR. If you are a customer of a lender that uses Lendisys, please direct your request to that lender — they are required to answer it, and we will support them in doing so.

2. Information We Collect

Information You Provide to Us

  • Contact Information: When you request a demo, contact us, or subscribe to our newsletter, you may provide us with your name, email address, phone number, company name, and job title, along with anything you choose to write in a message to us.
  • Demo and Service Data: When your financial institution uses our Services, it may upload data necessary for the loan origination process. This is client-controlled data for which we act as processor, as explained above.

Information We Collect Automatically

  • Log and Usage Data: We collect standard log information, including your IP address, browser type, operating system, pages viewed, and the dates and times of your visits.
  • Cookies and Similar Technologies: If you consent, we use cookies and similar technologies to analyse trends and measure our advertising. Our Cookie Policy describes the cookies we use and what each one is for.
  • Anti-spam: Our contact page uses Google reCAPTCHA to tell real visitors from bots. reCAPTCHA collects device and behaviour signals and is subject to Google's Privacy Policy.

3. How We Use Your Information and Our Legal Bases

Under the UK GDPR and EU GDPR we must have a lawful basis for each purpose. Ours are:

Where we rely on legitimate interests, we have weighed our interest against your rights and freedoms, and you have the right to object at any time — see section 8.

4. Cookies and Tracking Technologies

We do not set any cookie beyond those strictly necessary to run the site until you tell us we may. When you first arrive you can accept all, reject all, or choose category by category. You can change or withdraw that choice at any time through Cookie Settings, linked from the footer of every page — withdrawing is as easy as consenting. Our Cookie Policy describes the cookies we use, their purpose and their lifetime.

5. How We Share Your Information

We do not sell your personal information. We share it in these circumstances:

  • With Service Providers: vendors who process data on our behalf under contract, including our website analytics providers, our CRM and marketing platform (HubSpot), our advertising platform (Google Ads), and our hosting provider Hetzner Online GmbH (Germany).
  • As Required by Law: where disclosure is required by applicable law, regulation, or legal process, or to establish or defend legal claims.
  • Business Transfers: in connection with a merger, sale of assets, financing, or acquisition of all or part of our business.
  • With Your Consent: for any other purpose you agree to.

6. International Data Transfers

Some of our providers are outside the UK and the European Economic Area, which means your data may be transferred to and processed in those countries.

United States providers

Google (Analytics, Ads and reCAPTCHA) and HubSpot are United States providers. Transfers to them are governed by the data protection terms of our agreements with each provider. Note that our contact form submission includes your IP address in the record we send to HubSpot, so that transfer occurs whenever you submit the form.

You may request details of the safeguards that apply to any transfer by emailing contact@lendisys.com.

7. How Long We Keep Your Information

We keep personal data only as long as we need it for the purpose we collected it for:

Where we must keep records for legal, tax or accounting reasons, we retain them for the period required by law even if the periods above have passed.

8. Data Security

We implement technical and organizational measures designed to protect your information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. As our clients are financial institutions, we adhere to standards of data security appropriate for the financial technology industry.

9. Your Data Protection Rights

If you are in the UK or the EEA, you have the following rights over your personal data. They are free to exercise, and we will respond within one month.

  • Access — obtain a copy of the personal data we hold about you (Art. 15).
  • Rectification — have inaccurate or incomplete data corrected (Art. 16).
  • Erasure — have your data deleted where we no longer have grounds to keep it (Art. 17).
  • Restriction — ask us to pause our use of your data while a dispute about it is resolved (Art. 18).
  • Portability — receive data you gave us in a structured, commonly used, machine-readable format, and have it sent to another controller (Art. 20).
  • Object — object to processing based on our legitimate interests (Art. 21). Where you object to direct marketing, we will stop, with no exceptions and no need to give a reason.
  • Withdraw consent — withdraw consent at any time where we rely on it, without affecting processing already carried out (Art. 7(3)). For cookies, use Cookie Settings; for marketing email, use the unsubscribe link in any message.
  • Complain to a supervisory authority — if you think we have handled your data unlawfully (Art. 77). In the UK this is the Information Commissioner's Office (ico.org.uk); in the EEA it is the authority in your country of residence, work, or where the issue occurred. We would appreciate the chance to address your concern first, but you can go to them directly.

To exercise any of these rights, email contact@lendisys.com. We may need to verify your identity before we act. If you are a customer of a financial institution that uses Lendisys, please direct your request to that institution, which is the controller of that data.

10. Automated Decision-Making

We do not make decisions about visitors to this website by automated means that produce legal effects or similarly significant effects on them.

Our loan origination software does support automated decisioning for our client institutions. Where a lender uses that capability, the lender — not Lendisys — is the controller responsible for those decisions and for meeting the requirements of Article 22, including telling applicants about the logic involved and offering human review. Applicants should contact their lender.

11. Children's Privacy

Our Services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children. If we become aware that we have inadvertently collected such information, we will take steps to delete it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make changes, we will revise the "Last Updated" date at the top of this policy, and where a change materially affects how we use your data we will give you additional notice and, where required, ask for your consent again.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: contact@lendisys.com
Postal address: „PLANTON SOLUTIONS” S.R.L., strada Moara Roșie 5/E, ap. 34, MD-2005, Chișinău, Republica Moldova