KD Group Limited, KD Finance Limited & KD Bridging Privacy Notice
Your trust is important to us. So we have compiled this Privacy Notice to explain how we collect, store and handle your personal data.
We know that there is a lot of information here, but we want you to be fully informed about your rights, and how KD Group Limited, KD Finance Limited & KD Bridging uses your data.
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
KD GROUP LIMITED, KD FINANCE LIMITED & KD BRIDGING
For the purpose of the General Data Protection Regulation (GDPR) and its predecessor legislation The Data Protection Act 1998 (the Act), KD Group Limited, KD Finance Limited & KD Bridging is categorised as a data controller.
Registered office: 112 St. Augustine Street, C/O Portt & Co, Suite 1.02, Collar Factory, Taunton, Somerset, England, TA1 1QN.
What is personal data?
Personal data, or personal information, means any information about an individual from which that person can be identified and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.
It does not include data where the identity has been removed (anonymous data).
What personal data do we collect?
We may collect and process the following data about you:
- Your contact details, such as your name, address, telephone number and email address;
- Your date of birth, nationality, country of birth, country of residence, employment status and tax identification number (i.e., National Insurance Number);
- Passport details, driving licence and utility bills;
Details of the services you request from us;
Any records held by financial crime prevention agencies, on the Electoral Register and by providers of utility services; and
Details of your employment status, income and source of wealth.
In some cases, you are not obliged to provide any personal data to us, but if you have requested information or a service from us, we will not be able to provide it without certain information, such as your contact details. Before we can begin providing you with our services, we need to obtain certain information about you, so that we can verify your identity to meet our obligations under the Money Laundering Regulation 2017, Terrorist Financing and Transfer of Funds Regulations and any other applicable legislation and for the purposes of crime prevention and fraud prevention.
You are obliged to provide this information to us and if you do not provide it, we will be unable to provide you with our services.
When do we collect your personal data?
- When you sign up to our terms of business
- When you contact us by any means with queries, complaints etc.
- When you’ve given a third-party permission to share with us the information they hold about you.
- If you contact us, we may keep a record of that correspondence.
How do we use your personal data
We use information held about you in the following ways:
- To undertake checks such as identification verification checks with fraud prevention agencies to enable us to comply with our anti-money laundering obligations and for the purposes of crime prevention and fraud prevention.
- To carry out our obligations arising from any contracts entered into between you and us.
- To notify you about changes to our service.
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes. You may opt out of receiving information at any time by notifying us.
If you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below.
Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for.
Explaining the legal basis, we rely on
Data collected will be processed fairly and lawfully and will only be processed where we comply with Article 6(1) of the GDPR. The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
Where you have given consent, we can collect and process your data for one or more specific purposes.
In certain circumstances, we may need to process your personal data to provide the services under our contract with you.
If the law requires us to, we may need to collect and process your data.
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business, and which does not materially impact your rights, freedom or interests.
Who do we share your personal data with?
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- Our appointed auditors, accountants, lawyers and other professional advisers (e.g., advise us;
- Fraud prevention agencies and other organisations to allow us to undertake the checks set out below. We will supply details of such agencies on request;
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and other agreements; or to protect the rights, property, or safety of KD Group Limited, KD Finance Limited and KD Bridging, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
- For the provision of services to you.
Where is your personal data stored and processed?
All information you provide to us is stored on our secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long will we keep your personal data?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected; including in order to:
- provide you with the services you have requested;
- comply with other laws, including for the period demanded by our tax authorities;
- in support of a claim or defence in court.
What are your rights over your personal data?
The Act gives you rights about the information held about you. Your right of access can be exercised in accordance with the Act and is known as a Subject Access Request.
Right of Access
You will have the right to obtain, on request, confirmation as to whether your personal data is being processed, together with the following information:
- The purpose of processing your data
- Information about the recipients of your data
- Recipients or categories of recipient to whom the personal data will be disclosed (in particular third countries or international organisations)
- The right to lodge a complaint with a data protection authority.
- In cases of automated processing, details of profiling
- Information about the sources of data
Information must be provided to you within one month at no cost to you. However, we have the right to refuse or charge a reasonable fee when a request is manifestly unfounded or excessive, particularly if it is repetitive.
Under the GDPR, you also have the following rights:
- Right to be informed
- Right to rectification
- Right to be forgotten (erasure)
- Right to restrict processing
- Right to data portability
- Right to object
- the right not be subject to automated decision-making, including profiling.
You have the right to withdraw consent at any time, this must be provided in writing.
Cookies are text files that are stored in a computer system via an internet browser.
You may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.
We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it.
If you have any questions that haven’t been covered, please contact our Data Champion who will be pleased to help you: firstname.lastname@example.org.