TRUST CENTER

Write and ask whatever you want

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

ALL ABOUT TECH

How it works

Credolab transforms device and behavioural metadata into powerful predictive insights and scores for credit risk, fraud prevention, and marketing optimisation.

Learn more

How to integrate

Integration is seamless and flexible. Our lightweight SDKs for Android, iOS, and Web can be deployed with minimal impact on app or website performance.

We support modular integration and provide detailed technical documentation, sample code, and dedicated onboarding support.

Learn more

How we handle data

We never collect personal or sensitive data. All data processed is anonymised, non-PII device and behavioural metadata.

Data stays fully under client control, processed with user consent, and stored securely in cloud environments that comply with leading global standards.

Learn more

ALL ABOUT PRIVACY & SECURITY

Data Sources & Collection

Credolab uses privacy-protected and permissioned metadata sourced directly from mobile devices and web interactions.

No personal content, messages, contacts, or location data is accessed. Data collection only begins after explicit user consent.

Learn more

Consent & Transparency

We enable full transparency at every step. Our SDKs are designed to activate only after users opt in via client-controlled consent flows.

Clients can customise the messaging and consent screens, and we provide best-practice templates to ensure clarity and compliance.

Learn more

Complicance & Regulations

Credolab operates globally with strict adherence to data protection regulations including GDPR (EU), CCPA (USA), PDPA (Singapore), LGPD (Brazil) and other local laws.

Our legal and infosec teams continuously monitor regulatory developments to ensure compliance.

Learn more

Data Protection Practices

Data security is embedded into everything we do. We apply strong encryption in transit and at rest, enforce strict access controls, and isolate data by client to ensure confidentiality.

Regular audits, logging, and monitoring systems are in place to prevent unauthorised access or misuse.

Learn more

ISO Certifications

Credolab is ISO/IEC 27001 certified, demonstrating our commitment to managing data security in line with internationally recognised standards.

This certification covers our infrastructure, development processes, and data handling practices, and is reviewed annually by independent auditors.

Learn more

Privacy Policy

Our privacy policy outlines how we collect, use, and protect data – both on behalf of our clients and through our own corporate operations.

It clearly explains our role as a data processor, our consent-based approach, and our compliance with major privacy laws.

Learn more

FAQ

Topic

What kind of data does Credolab collect from users?

Credolab collects anonymised, non-personal device and behavioural metadata such as device settings, interaction patterns, or app usage categories. We do not access personal content, messages, photos, contacts, or precise location data. All data collection is consent-based and fully transparent.

more →

Topic

Is Credolab’s SDK compliant with privacy regulations like GDPR and CCPA?

Yes. Our SDK and data handling practices are fully compliant with GDPR, CCPA, PDPA, LGPD and other local regulations. We collect data only after explicit user consent, and we operate strictly as a data processor, meaning our clients retain full control over the data collected.Credolab collects users' anonymised data to assess their financial health and status so that financial institutions are able to decide whether or not to grant a loan, a credit card or any other financial services. Credolab assesses the users' solvency, their probability of default and interest in receiving financial services only in the context of their application for the provision of financial services.

more →

Topic

How does Credolab ensure data security?

Credolab applies enterprise-grade data protection practices, including encryption at rest and in transit, strict role-based access controls, and regular third-party audits. We are ISO/IEC 27001 certified, and our infrastructure and processes are continuously monitored to ensure data integrity and confidentiality.

Refer to the table below to see how each of Credolab's products handles data.

more →

Topic

Can users opt out of data collection?

Only authorised and trained employees of Research and Development department have read only access to the data. In addition to this, the customer success team working with you will also have access to the data, after your explicit authorisation.

more →

Topic

How long does it take to integrate Credolab’s SDK?

Our SDK is lightweight and modular, allowing most clients to complete integration in under a week. We provide detailed technical documentation, sample code, and dedicated onboarding support to help your development team every step of the way.

more →

Topic

What happens to the data when a client contract ends?

When a client contract ends, all associated datasets are permanently deleted from our systems, including backups and cross-region replicas. The process is verified using AWS tools, logged for audit purposes, and a certificate of data destruction is issued to the client.

more →