Blue Motor Finance Limited (BLUE), has prepared this Fair Processing Notice (FPN) to explain how it uses any personal data it collects about you. Blue’s contact details are:
BLUE has dedicated FPNs for Customers and Staff & Applicants. This FPN applies to all individuals who do not fall within the scope of either the Staff or Customer FPNs. If you are unsure whether you fall within the categories of Staff or Customers, please contact Blue’s Data Protection Officer and they will help you identify which FPN applies to you.
This is a non-exhaustive list of parties who Blue considers 3rd Parties and who fall within the scope of this FPN:
Blue collects your information for a variety of reasons, primarily regarding its proposed or actual business relationships with you. The information that you provide to Blue will depend on the nature of the relationship and therefore may include your:
Dependent on the nature of your relationship with Blue, it may also collect information about you from third parties, including Credit Reference Agencies (CRAs) and Fraud Prevention Agencies (FPAs). Please refer to the with whom will Blue share your information? section below for clarification as to whether this applies to you. The information that Blue receives from CRAs and FPAs includes:
If you refuse to provide Blue with this information, it may be unable to enter a business relationship with you.
As the data controller, Blue is legally responsible for ensuring that it has a legal basis for processing your information. The UK GDPR sets out several legal bases for processing personal data, and Blue relies on the following of those bases:
Blue may use your information to:
Blue may process your information in various ways, using automated and manual systems.
Blue does not use automated decision making or profiling to process your data.
Blue also processes your information for security purposes through the operation of CCTV within its premises.
Please note: Blue will only share your information with Credit Reference Agencies and Fraud Prevention Agencies if you fall into the following categories:
Credit Reference Agencies
Blue may share your information with Credit Reference Agencies (CRAs) for the purpose of gathering information about you to inform its decision to enter a contract or business relationship with you or the organisation you represent. If Blue searches your record at a CRA, the CRA will add to your record the details of its search. Blue may also share your information with CRAs on an ongoing basis. This information will be available to other organisations that search your CRA record. Other organisations may use this information and other information about you to make contractual or other decisions about you.
For more information on CRAs, including their relationship with Fraud Prevention Agencies, please refer to the Credit Reference Agency Information Notices below.
Fraud Prevention Agencies
Blue may share your information with Fraud Prevention Agencies (FPAs) to detect and prevent fraud. This may include details of fraud, unlawful or dishonest conduct, malpractice, or other seriously improper conduct (“Relevant Conduct”). Blue may use the information it receives from FPAs (including details of any Relevant Conduct) to:
a. Determine whether to enter a contract with you or the organisation you represent
b. Determine whether to terminate a contract with you or the organisation you represent (subject to the terms of the contract and any applicable law)
c. Determine whether to bring legal action against you or the organisation you represent (subject to the terms of the contract and any applicable law)
FPAs will share their records with other organisations. Those organisations may use this information to make decisions about you and other persons connected to you, including in relation to employment, credit, or insurance.
For more information on FPAs, please refer to the CIFAS Fair Processing Notices:
Legal, Governmental, and Regulatory Bodies
Blue may share your information with legal, governmental, and regulatory bodies to meet its legal and regulatory obligations. These may include the Financial Conduct Authority, the Financial Ombudsman Service, the Information Commissioner’s Office, Her Majesty’s Revenue & Customs, or any other legal, governmental, or regulatory body.
Blue may share your information with professional advisers (including legal advisers), outsourcing providers (such as IT service providers), financial institutions (such as banks), or with any other type of organisation or person that it uses to help it conduct its business and internal administration.
Authorised Third Parties
Blue may share your information with any person that you have authorised to engage with it on your behalf or that otherwise has a legal authorisation to do so. Blue may share your information with any organisation you have appointed to act on your behalf or authorised to receive your information, such as law firms.
Blue may share your information with any person to whom it sells or transfers (or enter negotiations to sell or transfer) its business, or any potential or actual transfer of its rights or obligations under any contract it may have with you or the organisation you represent. If the transfer or sale goes ahead, the transferee or purchaser may use your information as set out in this FPN.
Blue may transfer your information outside the United Kingdom. If Blue transfers your information outside the United Kingdom to a country that is not subject to an adequacy decision in respect of its data protection laws, it will conduct a transfer risk assessment and put in place the necessary safeguards to ensure that your information receives an equivalent level of protection. For more information on international data transfers, including details of safeguards, please contact Blue’s Data Protection Officer.
If Blue has a contract with you, it will keep your information for 6 years from the end of the contract. However, it may retain your information for longer than 6 years where the need arises, such as in connection with ongoing legal matters. Please contact the Data Protection Officer if you have any questions or concerns about Blue’s retention of your information.
If Blue does not have a contract with you, it will keep your information for 1 year from the end of the contract. However, it may retain your information for longer than 1 year where the need arises, such as in connection with ongoing legal matters. Please contact the Data Protection Officer if you have any questions or concerns about Blue’s retention of your information.
You may have the following rights in regard to your information:
If you have questions regarding your rights or wish to exercise a right, please contact the Data Protection Officer.
If you are dissatisfied with Blue’s processing of your information, please first contact the Data Protection Officer. Blue’s Data Protection Officer may be able to resolve your complaint or address your concerns. The Data Protection Officer can be contacted at firstname.lastname@example.org
You have the right to complain to the Information Commissioner’s Office about Blue’s processing of your information. You can contact the Information Commissioner’s Office using the following details. Web: https://ico.org.uk/make-a-complaint/
Telephone: 0303 123 1113