Warning: Late repayment can cause you serious money problems. For help, go to moneyadviceservice.org.uk

GDPR And Data Protection

GDPR and Data Protection are of crucial importance for both the lender and the customer. These regulations ensure that there is complete transparency over how your personal data is handled, so that your rights as a customer are always wholly respected.

In order for you to use our services, we ask you to provide your personal data upon application. All of the data that you provide us with will be treated and handled in accordance with the Data Protection Act 1998, as revised or substituted by the Data Protection Act of 2018 – (Incorporating General Data Protect Regulation EU 216/679 GDPR). Please note, all of the personal and business data which is obtained by us is used strictly for legal reasons only.

GDPR – General Data Protection Act 2018

The General Data Protection Regulation outlines seven crucial guidelines of which we, as a company, must legally comply:

  • Lawfulness, Fairness and Transparency – personal data should be managed lawfully and fairly in a clear and transparent method.
  • Accuracy – personal data should always be accurate, precise and kept up to date – as ‘every reasonable step must be taken’ to ensure that inaccurate or false personal data is erased and rectified without any delay.
  • Data Minimisation – personal data should be relevant and limited to what is essential and compulsory concerning the purpose for which it was administered.
  • Integrity and Confidentiality – personal data must be ‘processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.’
  • Storage Limitation – this clearly states that personal data should not be kept longer than necessary, once the intended purpose has been carried out.
  • Accountability – which states that we as an organisation are responsible for complying with GDPR and therefore must be able to demonstrate our compliance clearly.
  • Purpose Limitation – organisation should ensure that they gather and process personal data for a specific purpose which is explicitly stated to the customer. They must also make sure to only collect data for as long as necessary to complete the intended purpose.

 

What Information Do We Collect From You?

As mentioned previously, in order to provide you with our service we do have to collect some personal, as well as business data from you. The data will be collected through our secure online application process and will involve the collection of the following information –

  • Name
  • Home address
  • Date of Birth
  • Telephone number
  • Email address
  • Marital status
  • Home status
  • Number of dependents
  • Employment details
  • Income details
  • Outgoings details
  • Bank details

 

What Are Your Rights?

You, as our customer, have the following rights regarding the handling and processing of your personal data –

  • You have the right to automated decision making and profiling to object to any automated decision making, to express your point of view, ask for human intervention, and to be provided with an explanation of the decision with your option to challenge it. The right is not absolute and is not applicable for the entering into a consumer credit agreement.
  • You have the right to access to obtain confirmation as to whether your personal data is being processed and being able to have access to that data.
  • You have the right to be informed about the collection and handling of your personal data. This must be presented in a clear, concise, and easily accessible manner, written in clear and understandable language, and should be provided entirely free of charge.
  • You have the right to data portability to obtain and reuse your personal data for your own purposes across as many different services as you wish. This allows you to move, copy or transfer personal data safely and securely, without affecting its usability.
  • You have the right to erasure also known as the ‘right to be forgotten’, you have the right to contact us and have any personal data we hold about you erased. The right, however, may not be possible in certain circumstances.
  • You have the right to file a complaint with a supervisory authority; you can complain to us both directly and/or with a supervisory authority. In the UK, the relevant authority is the Information Commissioner’s Office.
  • You have the right to object to the processing of your personal data in certain circumstances. You’re not under obligation to provide your personal information to us, but this information is required for us to process your application and help you to find a loan. Unfortunately, we cannot offer our services without it.
  • You have the right to rectification if your personal data is inaccurate or incomplete. We also must inform any third parties that have been shared your data to do the same.
  • You have the right to restrict processing to request the restriction or suppression of your personal data in certain circumstances. This is not an absolute right and only applies in certain circumstances.
  • You have the right to withdraw consent to process your personal data at any time, including but not limited to the removal of consent to be contacted by third-party marketers.

 

Any Questions We Haven’t Answered?

At Flexy Finance we have a responsibility to our customers, to uphold this practice and actively demonstrate compliance. However, if you still have questions on anything regarding your personal data, please do not hesitate to contact us or visit our FAQs page for more information.

Alternatively, should you decide to express any concerns that you have about our information rights practice, then you are within your rights to make a complaint directly to the Information Commissioners Office.