For publicly accessible solutions at bridging.app domains intended for UK audiences.
Websites/Apps based on domains ending in bridging.app are projects of F-I.dev, an informal partnership based in the UK.
This privacy policy is intended for UK citizens visiting the web properties / apps in appendix 1 as data subjects. The intended audience of the web properties / apps in appendix 1 are borrowers and finance professionals in the UK.
Non UK data subjects from any jurisdiction will be extended the same rights as UK citizens except the right to make any claim to be heard in a court outside the UK
Appendix 2 lists related websites, apps, and resources operated by F-I.dev targeted at global finance professionals which are linked to from websites in appendix 1 and might be visited independently of any other website. Non UK data subjects wishing to exercise any rights related to these websites, apps and resources are encouraged to contact us with any queries or requests related to their rights in English.
Our systems have been designed from the ground up to protect your data at every point. As part of our compliance regime we continuously ensure that all of our systems inform users where their data will be stored, how it will be used and when any encrypted copies of any data stored on our systems will be destroyed. We want your data protection concerns to take the minimum of your time.
Our approach to data protection is to allow users to access our public solutions without any data about them being used or stored by us longer than necessary. This reduces our compliance burden to the absolute minimum for our free offerings. If a user wishes to use more advanced features or more in depth datasets they are required to login to a premium solution or give consent for the application to use their data differently than this document states, we call this interactive consent.
This document is intentionally as brief as possible as when a typical user visits our solutions no information about them is harvested and stored unnecessarily and all data from normal usage is deleted automatically.
Our code and methodologies for delivering our publicly available solutions is ‘Open Source’ and available for inspection at https://documentation.bridging.app/. Our full compliance documentation is also available at https://documentation.bridging.app/compliance, this documentation provides complete technical details of how we manage your data.
So as to allow this ‘Privacy Policy’ to be minimal in depth should you have any concerns or queries please do not hesitate to contact us.
We are registered with the Information Commissioner's Office in the UK with the registration reference: ZB556814
You are invited to email us regarding your rights as a data subject, our working dev team have each professionally studied the UK’s legislation & laws related to data rights of UK data subjects, if any communication to them appears to contain a Subject Access Request related to your rights as a Data Subject it will be directed to our Data Protection Officer or a senior partner able to perform as required by your request.
You may email any Subject Access request directly to our DPO at:
dpo@f-i.dev
Non UK Data Subjects are welcome to contact our DPO and expect to make Subject Access Requests as would a UK Data Subject, however we can only accept Subject Access Requests in English, Welsh and French (for requests from appendix 2 Data Subjects based in Canada). Responses to non English Subject Access Requests will be in English with a translation made in the preferred language of the initial communication, we apologise in advance for any poor translations and must insist where meanings differ the English responses we produce are agreed to be authoritative and overriding.
Our full DPO details are available at https://ico.org.uk/ESDWebPages/Entry/ZB556814 where you are able to download our registration certificate.
All of our web properties visitors have rights to access, rectification, erasure, restriction, objection, and data portability. For the web property upon which this policy resides you may contact our DPO as noted above, however as we automatically delete all PII on a daily basis (further details to follow) making a request related to your rights is likely to generate more information than we might have.
Per our lawful basis for processing your information if you object to our systems processing your information you should cease to use all of our services, which can be identified with ‘/| BA |\’ and similar markers in search engine listings which is how our services would most commonly be found.
UK citizens are able to make a complaint to the ICO if they believe their information/data has been misused: www.ico.org.uk.
Non UK citizens should identify their own data protection regulator who may be able to assist them if they believe they have a valid complaint.
We use the lawful basis of ‘contract’ for processing your information. Without agreeing to our terms of service we offer our datasets publicly (with the code/service to deliver them) without liability as far as legally possible on an as-is basis. By requesting to view the datasets using our services we are joined in a contract to deliver the datasets and service to you.
The purpose of processing your information is to deliver the datasets and services you have requested from this web property. Upon the delivery of the datasets and code to your device we have no purpose to keep your information and will delete it automatically (usually within an hour or a day)
Our business model is to encourage visitors to either register to use further service or develop working relationships with finance professionals for systems separate to the subject of this document. We intend to encourage visitors to use other services provided by us as a legitimate interest.
We do not set any first of third party cookies on Appendix 1 web properties without interactive informed consent.
The data you provide to this web service is not used for profiling, automated decision making or AI modelling.
We deliver our services over the internet. Our websites & servers sit behind infrastructure provided by our network providers. When you request to view a page / document or access a service your request and the related data is sent to our network partners and onto our servers or websites, the information or service you requested is sent back by our network service providers.
The request service cycle involves your IP address and some information about your computing device being sent to our network providers.
Our network providers:Our network providers maintain logs of your requests and usage of their systems to initially serve your request, to monitor for misuse of their network(s), and to bill us for your usage. We do not have access to these logs for web properties in appendix 1 or 2. If malicious activity is suspected or identified we may be delivered a security report which may identify your IP address, this is entirely unlikely for normal usage.
After your request transits the internet it is delivered to a solution we have deployed on our infrastructure providers’ systems.
A request to one of our services involves your IP address and some information about your computing device being sent to our solutions on our infrastructure providers systems.
Our infrastructure providers:Our infrastructure providers may log your interactions with our solutions to initially serve your request, to monitor for misuse of the infrastructure, and to bill us for your usage. We do not have access to these logs for web properties in appendix 1 or 2. If malicious activity is suspected or identified we may be delivered a security report which may identify your IP address, this is entirely unlikely for normal usage.
In general our deployed solutions in appendix 1 & 2 are ‘web apps’ or more simple websites/pages. We configure our servers without logging enabled, logs are deleted immediately (sent to /dev/null/) or scheduled to be deleted hourly/daily (by chron). Data regarding intended usage of our deployed solutions is at worst deleted after two days.
If your requests to our deployed solutions are malformed they may produce an exceptional logging event (for example an API request crashing a server). An exceptional logging event may cause a copy of your IP address, some details of your computing device and the request to be left on the server. Data from exceptional logging events may be used by our dev team and administrators to fix any issues and will be deleted shortly after.
Our dev team may be supported by technical experts in the case of an exceptional logging event. Our technical experts may receive data regarding any error in raw or complete formats.
Our apps allow you to request datasets from multiple sources, our workflow produces our most up to datasets using Google Workspace and Google Sheets. When a request for a dataset is made to Google it is made directly from your device. This requires your network information to be sent to Google as well as information about your request, the device/software that will receive it, network security and information about the data exchange.
Google may collect information regarding your request and store and process your information, it may also combine this information with other sources of information it has available to it. We inform you of this before any request to Google except when visiting status.bridging.app to ensure you are aware that you understand your data is being sent to a third party. We do not maintain any records of data requests made to Google.
uk.bridging.app
London.bridging.app
South-east.bridging.app
England.bridging.app
Scotland.bridging.app
Wales.bridging.app
on-github-uk.bridging.app
on-github-london.bridging.app
on-github-south-east.bridging.app
on-github-england.bridging.app
on-github-scotland.bridging.app
on-github-wales.bridging.app
on-netlify-uk.bridging.app
on-netlify-london.bridging.app
on-netlify-south-east.bridging.app
on-netlify-england.bridging.app
on-netlify-scotland.bridging.app
on-netlify-wales.bridging.app
www.bridging.app
Status.bridging.app
Get.bridging.app
Documentation.bridging.app
Help.bridging.app
Note: Appendix 2 websites are hosted on Google Sites, Google will notify you of cookies they set on these sites as a third party, we deploy analytics on these sites to help us understand what information users are attempting to find about our services and for general usage statistics, all PII is anonymised further information is available on each site respectively.