We are Blue Motor Finance Limited (BLUE), and we have prepared this Fair Processing Notice (FPN) to explain how we use any personal data we collect about you. Our contact details are:
BLUE has dedicated FPNs for Customers and Staff & Applicants. This FPN applies to all individuals who do not fall within the scope of either the Staff or Customer FPNs. If you are unsure whether you fall within the categories of Staff or Customers, please contact our Data Protection Officer and we will help you identify which FPN applies to you.
This is a non-exhaustive list of parties who we consider 3rd Parties and who fall within the scope of this FPN:
We collect your information for a variety of reasons, primarily regarding our proposed or actual business relationships with you. The information that you provide to us will depend on the nature of the relationship and therefore may include your:
Dependent on the nature of your relationship with us, we may also collect information about you from third parties, including Credit Reference Agencies (CRAs) and Fraud Prevention Agencies (FPAs). Please refer to the With whom will we share your information? section below for clarification as to whether this applies to you. The information that we receive from CRAs and FPAs includes:
If you refuse to provide us with this information, we may be unable to enter a business relationship with you.
As the data controller, we are legally responsible for ensuring that we have a legal basis for processing your information. The UK GDPR sets out several legal bases for processing personal data, and we rely on the following of those bases:
We may use your information to:
We may process your information in various ways, using automated and manual systems.
We do not use automated decision making or profiling to process your data.
We also process your information for security purposes through the operation of CCTV within our premises.
We may share your information with Credit Reference Agencies (CRAs) for the purpose of gathering information about you to inform our decision to enter a contract or business relationship with you or the organisation you represent. If we search your record at a CRA, the CRA will add to your record the details of our search. We may also share your information with CRAs on an ongoing basis. This information will be available to other organisations that search your CRA record. Other organisations may use this information and other information about you to make contractual or other decisions about you.
For more information on CRAs, including their relationship with Fraud Prevention Agencies, please refer to the Credit Reference Agency Information Notices below
We may share your information with Fraud Prevention Agencies (FPAs) to detect and prevent fraud. This may include details of fraud, unlawful or dishonest conduct, malpractice, or other seriously improper conduct (“Relevant Conduct”). We may use the information we receive from FPAs (including details of any Relevant Conduct) to:
FPAs will share their records with other organisations. Those organisations may use this information to make decisions about you and other persons connected to you, including in relation to employment, credit, or insurance.
For more information on FPAs, please refer to the CIFAS Fair Processing Notices:
We may share your information with legal, governmental, and regulatory bodies to meet our legal and regulatory obligations. These may include the Financial Conduct Authority, the Financial Ombudsman Service, the Information Commissioner’s Office, Her Majesty’s Revenue & Customs, or any other legal, governmental, or regulatory body.
We may share your information with professional advisers (including legal advisers), outsourcing providers (such as IT service providers), financial institutions (such as banks), or with any other type of organisation or person that we use to help us conduct our business and internal administration.
We may share your information with any person that you have authorised to engage with us on your behalf or that otherwise has a legal authorisation to do so. We may share your information with any organisation you have appointed to act on your behalf or authorised to receive your information, such as law firms.
We may share your information with any person to whom we sell or transfer (or enter negotiations to sell or transfer) our business, or any potential or actual transfer of our rights or obligations under any contract we may have with you or the organisation you represent. If the transfer or sale goes ahead, the transferee or purchaser may use your information as set out in this FPN.
We may transfer your information outside the United Kingdom. If we transfer your information outside the United Kingdom to a country that is not subject to an adequacy decision in respect of its data protection laws, we will conduct a transfer risk assessment and put in place the necessary safeguards to ensure that your information receives an equivalent level of protection. For more information on international data transfers, including details of safeguards, please contact our Data Protection Officer.
If we have a contract with you, we will keep your information for 6 years from the end of the contract. However, we may retain your information for longer than 6 years where the need arises, such as in connection with ongoing legal matters. Please contact the Data Protection Officer if you have any questions or concerns about our retention of your information.
If we do not have a contract with you, we will keep your information for 1 year from the end of the contract. However, we may retain your information for longer than 1 year where the need arises, such as in connection with ongoing legal matters. Please contact the Data Protection Officer if you have any questions or concerns about our retention of your information.
You may have the following rights in regard to your information:
If you have questions regarding your rights or wish to exercise a right, please contact our Data Protection Officer.
If you are dissatisfied with our processing of your information, please first contact our Data Protection Officer. Our Data Protection Officer may be able to resolve your complaint or address your concerns. Our Data Protection Officer can be contacted at: firstname.lastname@example.org.
You have the right to complain to the Information Commissioner’s Office about our processing of your information. You can contact the Information Commissioner’s Office using the following details.
Telephone: 0303 123 1113