KC FINANCE – Privacy Notice
What is the purpose of this document?
Kingston Capital Finance Ltd is the controller and responsible for your personal data (collectively referred to as “ KC Finance”, “we”, “us” or “our” in this privacy notice). This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice. It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity data: includes first name, maiden name, last name, marital status, title, date of birth, gender, passport (copy), driving licence (copy) and utility bills (copy).
- Contact Data: includes residential address, billing address, email address and telephone numbers.
- Financial Data: includes bank details, details of your income and outgoings, net worth statements.
- Transaction Data: includes [details about payments to and from you and other details of products and services you have purchased from us].
- Marketing and Communications Data: includes your preferences in receiving marketing from us and our third parties and your communication
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services). In this case, we may have to cancel service you have with us but we will notify you if this is the case at the time.
How is your personal data collected?
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise.
- Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below: Contact, Financial and Transaction Data from providers of Business information such as Credit Safe,Experian or Companies House, based inside or outside the EU;
- Introducers and other businesses where we have a trading relationship.
How we use your personal data
We will process your personal information for the following reasons:
- To find the best source of finance based on your circumstances;
- To undertake credit checks for the purposes of finding the most suitable finance product;
- To confirm your affordability for the financial requirement we are seeking finance for;
- to comply with our anti-money laundering and know your client requirements and to meet our regulatory responsibilities.
Credit Reference Agencies
In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (CRAs). We may also make periodic searches at CRAs to manage your account with us.
To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.
We will use this information to:
- Assess your creditworthiness and whether you, your financial associate(s), or your business can afford to take the product
- Verify the accuracy of the data you have provided to us
- Prevent criminal activity, fraud and money laundering
- Manage your account(s)
- Trace and recover debts
- Ensure any offers provided to you are appropriate to your circumstances
We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs. When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. If you are making a joint application, or tell us that you have a financial associate or business partner, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application.
CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link. The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail at any of these three links.
Each link will take you to the same CRAIN document:
- Equifax www.equifax.co.uk/crain
- Experian www.experian.co.uk/crain
- TransUnion www.transunion.co.uk/crain
Identity Verification And Fraud Prevention Checks
The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found by visiting www.cifas.org.uk.
For further information on how your information is used, how we maintain the security of your information and your rights to access/alter and change information we hold on you, please contact firstname.lastname@example.org.
Automated Decision Making
KC Finance will pass your data captured to funders whom may use automated decision-making in respect of your application for finance. We will only collect the minimum amount of data needed and have a clear retention policy for the profiles we create.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or any significant affects. You can request human intervention and challenge a decision made this way by contacting email@example.com.
Why might we share your information with third parties?
We will share your personal information with third parties where required by law, where it is necessary to administer the contractual relationship with you or where we have another legitimate interest in doing so. “Third parties” includes third-party service providers (including contractors and designated agents) and other entities within our group. The following third-party service providers process personal information about you for the following purposes:
- The most suitable funders on our panel (a full list of which is available by contacting firstname.lastname@example.org).
- Our IT hosting and maintenance, this information is located on servers within the European Union.
- Credit reference agencies for the purposes of ascertaining your financial status.
- Regulatory bodies such as The Financial Conduct Authority for the purposes of meeting our regulatory obligations.
- Other members of our group where needed to process your application.
- Fraud prevention agencies where we are required to do so.
- Third party product providers where you have given us your prior consent to do so.
How long we keep your information
We are required under FCA regulations to keep your basic personal data, such as name, address, contact details, date of birth for a minimum of 6 years, after which time it will be destroyed. The information used for marketing will be kept with us until you notify us that you no longer wish to receive this information.
We do not transfer your personal data outside the European Economic Area (EEA).
What are your rights?
If at any point you believe retained information is incorrect you can request to see this information and even have it corrected and possibly deleted. Providing you with this information is free of charge, but charges may apply for excessive requests.
If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter. Where relevant, you have the right to withdraw consent and object at any time and this means that we cannot process your data provided without your consent. More information about your rights can be found on the Information Commissioners website https://ico.org.uk. If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
Our Data Protection Officer is Robert Partridge and you can contact him at email@example.com.