Effective date: March 6th, 2023
Kikin Financial Limited (company no. 14569152) is the data controller of the personal information we hold about you. The registered postal address is Ground Floor, Verse Building, 18 Brunswick Place, London, N1 6DZ
You have the right to make a complaint to a supervisory authority under the Data Protection Laws at any time. We would, however, appreciate the chance to deal with your concerns before you approach a supervisory authority so please contact us in the first instance.
More generally, we: collect personal information that you voluntarily submit to us, such as your name and contact details, when you register with us, use our Website and our services, or otherwise interact with us in the course of our business activities;
collect personal information that you are required to provide us as part of our account creation and client onboarding procedures, such as your name, contact details, date of birth, and shareholding percentage in your Engaging Entity;
collect personal information from publicly accessible sources, e.g., Companies House;
collect personal information about you from third parties, such as sanctions screening providers, Credit Checking Agencies (as defined in section 7 below), portfolio monitoring services providers, open banking service providers and/or customer due diligence providers;
collect personal information about you from a third party with your consent, e.g., your or your Engaging Entity’s bank or building society; and
may also collect certain personal information automatically, including in relation to how you access and use the Website, technical information regarding the device you use to access the Website and the way in which you interact with our newsletters (such as whether you open these). We may also automatically record telephone calls when you contact our customer services team by phone.
We use the information we collect about you to correspond with you, perform our agreements with you, comply with our regulatory responsibilities (such as Know Your Client and anti-money laundering requirements), carry out marketing activities and our day-to-day business activities and operations.
We may link or combine the personal information we collect about you and the information we collect automatically. This allows us to provide you with a personalised experience regardless of how you interact with us.
We will indicate to you where the provision of certain personal information is required in order for us to provide you certain services. If you choose not to provide such personal information, we may not be able to provide the services you have requested.
We will store the personal information we collect about you for no longer than necessary for the purposes of our legal obligations and legitimate business interests.
Personal information that we process for the purpose of carrying out anti money laundering checks (and ancillary functions related to this) as part of our customer due diligence checks will be retained for 6 years from the date of collection, in line with legal and regulatory requirements.
To determine the appropriate retention period for other personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, as well as the applicable legal, regulatory, tax, accounting or other requirements.
We may share your personal information with the following categories of recipients
Business Partners: we may share your personal information with our business partners that enable us to provide our services, including but not limited to providers of API aggregation (parties that collect and consolidate personal information, including credit checks, for our customers and perspective customers) , loan management system, collection services (direct debits), sanctions screening, customer due diligence, credit monitoring, debt collection services, open banking services and/or credit reference agencies, where this is necessary in the normal course of our business.
Service providers: we may share your personal information with third party vendors and other service providers that perform services for us or on our behalf, mailing, advertising, fraud prevention, web hosting, customer relationship management, communication management, payment gateway or analytics services.
Purchasers and third parties in connection with a business transaction: your personal information may be disclosed to third parties in connection with a transaction, such as a merger, sale of assets or shares, reorganisation, financing, change of control or acquisition of all or a portion of our business.
Law enforcement, regulators and other parties for legal reasons: we may share your personal information with third parties as required by law or if we reasonably believe that such action is necessary to (i) comply with the law and the reasonable requests of law enforcement; (ii) detect and investigate illegal activities and breaches of agreements; and/or (iii) exercise or protect the rights, property, its customers, or others.
Please read the following information very carefully:
As a responsible lender, Kikin has a legal obligation to take steps to ensure that our customers are creditworthy and suitable to receive our services.
We use a variety of methods to try to make sure that we do not lend money to customers who are in financial difficulty or are otherwise unsuitable to use our services. One of these is to carry out credit reference checks. In order to do this, we share with and receive your personal information from certain credit reference agencies and other third parties who collect, consolidate, and provide us with such personal information.
These Credit Checking Agencies provide us with data about a customer's or prospective customer’s credit history and borrowing habits.
On your request, we can provide contact details of these Credit Checking Agencies for you to contact in writing to request the information that they hold about you.
From time to time, we may contact you with information about our products and services, including sending you marketing messages and asking for your feedback on our products and services.
Where you are an individual subscriber (that is, a recipient with a non-corporate email address) with whom we have not previously engaged in the context of providing our services, we need your consent to send you unsolicited email marketing. Where you provide consent, you can withdraw your consent at any time, but without affecting the lawfulness of processing based on consent before its withdrawal.
Where consent is not required under applicable law (for example, email marketing to corporate email address, or where we have previously engaged with you in the context of providing our services, and you have not opted out of receiving our marketing communications), it is in our legitimate interests to market our services. We consider this use to be proportionate and will not be prejudicial or detrimental to you.
We also participate in interest-based advertising and use third party advertising companies to serve you targeted advertisements based on your online browsing history and your interests. To do this, we or our advertising partners may collect information about how you use or connect to the Website, or the types of other websites, social media services, content and ads that you (or others using your device) visit or view or connect to our Website so that we or our advertising partners may play or display ads on the Website, on other websites, apps or services you may use, and on other devices you may use.
You have the right to opt out of receiving marketing communications at any time by:
contacting us at email@example.com or unsubscribing from email communications.
Security. We implement appropriate technical and organisational measures, including encryption, to protect your personal information against accidental or unlawful destruction, loss, change or damage. All personal information we collect will be stored on our secure servers. We will never send you unsolicited emails or contact you by phone requesting your account ID, password, bank account details, national identification numbers, or any other passwords associated with your use of our services.
In accordance with applicable privacy law, you have the following rights in respect of your personal information that we hold:
Right of access. You have the right to obtain access to your personal information.
Right of portability. You have the right, in certain circumstances, to receive a copy of the personal information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.
Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal information we hold about you without undue delay.
Right to erasure. You have the right, in some circumstances, to require us to erase your personal information without undue delay if the continued processing of that personal information is not justified.
Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you.
Right to object. You have a right to object to any processing based on our legitimate interests in certain circumstances. You can also object to our direct marketing activities for any reason by clicking the “unsubscribe” link set out in any marketing communication you receive.
Right to withdraw consent. If you have provided consent to any processing of your personal information, you have a right to withdraw that consent.
Right not to be subject to automated individual decision making. Right not to be subject to automated individual decision making. You have the right to not be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.
Please note that the above rights are not absolute, and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply.
We sometimes use algorithms to make decisions on our behalf. This is referred to as automated decision-making. We use automated decision-making for the following purposes:
To assess your application for an account. Our algorithms assess your suitability for an account with us based on information obtained from Companies House, credit reference agencies, sanction screening providers, customer due diligence providers, and open banking providers. This means that we may automatically decide that you present a fraud or money-laundering risk or pose a risk to us in terms of breaking financial sanctions, in which case we will reject your application for an account.
To detect and prevent fraud. Our algorithms may freeze a transaction or account if we suspect fraud or money-laundering. Such decisions are based on information obtained from portfolio monitoring services and open banking service providers.
You can ask us to check this decision by emailing firstname.lastname@example.org
Our Website may, from time to time, contain links to and from third party websites, including those of our business partners, advertisers, news publications and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.
By email: email@example.com