LeadsUK Ltd t/a iHeat takes the privacy of personal data seriously and the legal and compliant treatment of this data is at the core of our operations.
We therefore ask you to please read the following important information which explains how we collect, store and use your personal data.
Controller: LeadsUK Ltd t/a iHeat (Company No. 10884911), registered office: Building 18, Gateway 1000, Arlington Business Park, Whittle Way, Stevenage, England, SG1 2FP.
LeadsUK Ltd is authorised and regulated by the Financial Conduct Authority (FRN 843673) as a credit broker (not a lender). Credit is provided by a panel of lenders.
Personal data is information that identifies or can identify you, either on its own or when combined with other information.
We collect data when you use our website and forms, contact us, request quotes, place orders, enter finance applications, interact with our ads, or via referrals/partners.
Data we may collect includes: name, contact details (address, email, phone), property details, usage needs, installation photos, order history, payment status, communication preferences; identity/verification data (e.g., ID document details where required); finance-related application data handled with our lenders (they act as separate controllers); technical data (IP, device, log data) for security and analytics.
We process data where one or more of the following apply:
We may use your details to tell you about products, services, promotions, and offers. We may contact you via:
We’ll only send electronic marketing where permitted (e.g., consent, or soft opt-in for similar products to existing customers). You can opt out at any time:
If you withdraw consent or opt out, we’ll keep a minimal suppression record to ensure we don’t contact you again.
Profiling & finance decisions: for credit/affordability checks and fraud prevention, lenders and credit reference agencies may use automated decision-making. They provide separate notices explaining these processes.
We share data when necessary with trusted recipients, including:
Some providers may process data outside the UK. Where this happens, we use safeguards such as UK adequacy regulations or standard contractual clauses.
We apply technical and organisational measures appropriate to the risk (access controls, encryption in transit, secure data centres, staff training, vendor due diligence). We test and review controls regularly.
You have rights to access, rectification, erasure, restriction, portability, and to object (including to direct marketing). You can also withdraw consent where we rely on it. We will respond within one month (extendable by two months for complex requests).
To exercise your rights, contact: Mail: Hampson Street, Bolton, Greater Manchester, BL6 7JH | Tel: 0333 305 6880 | Email: [email protected].
You can complain to the UK Information Commissioner’s Office (ICO): 0303 123 1113 | ico.org.uk/global/contact-us/.
We keep data only as long as needed for the purposes above, including legal, accounting, warranty and regulatory requirements. Typical periods:
We use cookies and similar technologies for site functionality, performance, and marketing/analytics. For details and to manage preferences, see our Cookie Policy.
For privacy queries, contact our Data Protection lead at [email protected] or the postal address above.
We review this notice periodically. Latest update: 20 August 2025.