Who we are
Medifinance Ltd are Commercial Finance Brokers based in Surrey. We act as a broker for our customers. Medifinance Ltd are Authorised and Regulated by the Financial Conduct Authority. FRN675486
How we will use the information about you
Here at Medifinance Ltd we take your privacy seriously and will use your personal information in a number of ways which will help us;
- make lender decisions
- for fraud prevention
- for audit
- for statistical analysis
We may share your information with, and obtain information about you from, credit reference agencies or fraud prevention agencies. If you apply to us for insurance, we will pass your details to the insurer. Information you provided may be put onto a register of claims and shared with other insurers to prevent fraudulent claims.
We will not disclose your information to any company outside of our panel of funders & product partners except to help prevent fraud or if required by law to do so.
However, from time to time we would like to contact you with detail of other products, offers & services that we provide. If you consent to us contacting you for this purpose, please tick to say how you would like us to contact you.
Your Personal DatA
What we need
Medifinance Ltd will be what is known as the ‘controller’ and the ‘processer’ of the personal data you provide to us. We collect personal data about you which may also include any special types of information or location-based information.
We also gather
Your; name, residential address, email address, DOB, telephone number(s), bank details
Why we need it
We need to know your basic personal data in order to provide you with an accurate recommendation for your personal circumstances. We will not collect any personal data from you that we do not need to provide and oversee this service to you.
For processing of data to be lawful under General Data Protection Regulations (GDPR), Medifinance Ltd use;
- (a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose.
- (b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.
What we do with it
All the personal data we use is controlled by Medifinance Ltd in the UK, however, for the purposes of IT hosting and maintenance, this information is located on servers within the European Union. No 3rd parties have access to your personal data unless the law allows them to do so. We have a Data Protection regime in place to oversee the effective and secure processing of your personal data. More information on this framework can be found on our website.
We may pass your data to our panel of lenders in order to provide you with offers of products suitable to meet your customer requirements.
Your data is stored electronically on our cloud encrypted server. Our servers are based in the UK
How long we keep it
We are required under GDPR regulation to keep your basic personal data, such as your name, residential address, DOB & bank details for a minimum of 6 years, after which time it will be destroyed. The information used for marketing will be kept with us until you notify us that you no longer wish to receive this information.
What are your rights?
If at any point you believe retained information is incorrect you can request to see this information and even have it corrected and possibly deleted. Providing you with this information is free of charge, but charges may apply for excessive requests.
If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter.