How we collect, use, and protect your personal information
Last Updated: January 2, 2026
Klub Finance ("we", "our", "us") is committed to protecting your privacy and ensuring your personal data is handled in accordance with UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
As a Financial Conduct Authority (FCA) regulated firm, we are required to collect and process personal information to provide our car finance services. This Privacy Policy explains how we collect, use, share, and protect your personal information.
Data Controller
Klub Finance is the data controller responsible for your personal information. Our registered office is located in London, United Kingdom.
We use your information to assess your eligibility for car finance, verify your identity, conduct credit checks, and make lending decisions. This is necessary to enter into and perform our contract with you.
As an FCA-regulated firm, we must comply with legal obligations including anti-money laundering (AML) checks, know your customer (KYC) requirements, and financial crime prevention. We are required to verify your identity and report certain activities to regulatory authorities.
We share your information with credit reference agencies (Experian, Equifax, TransUnion) to obtain your credit report and score. These agencies will record our searches, which may be visible to other lenders and could affect your credit score.
We use your contact information to respond to inquiries, provide updates on your application, send important notices about your finance agreement, and improve our services based on your feedback.
We may share your information with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity. If fraud is detected, you could be refused certain services or finance in the future.
Under UK GDPR, we must have a lawful basis to process your personal data. We rely on the following legal bases:
Processing is necessary to enter into or perform our finance agreement with you
We must comply with FCA regulations, AML laws, and other UK financial services legislation
Processing is necessary for our legitimate business interests (e.g., fraud prevention, service improvement) where not overridden by your rights
For marketing communications and certain data sharing, we will ask for your explicit consent which you can withdraw at any time
We may share your personal information with the following third parties for the purposes described in this policy:
Experian, Equifax, TransUnion for credit checks and fraud prevention
CIFAS and other agencies to prevent fraud and financial crime
Lenders and finance partners who may provide your car finance
FCA, HMRC, and law enforcement when legally required
IT providers, payment processors, and customer service platforms
Lawyers, accountants, auditors, and insurers as necessary
Important: We do not sell your personal data to third parties for marketing purposes. All third parties are required to keep your data secure and use it only for the purposes we specify.
Under UK data protection law, you have the following rights regarding your personal information:
You can request a copy of the personal data we hold about you (Subject Access Request)
You can ask us to correct inaccurate or incomplete personal data
You can request deletion of your data in certain circumstances (note: we may be legally required to retain some information)
You can ask us to limit how we use your data in certain situations
You can request your data in a portable format to transfer to another service provider
You can object to processing based on legitimate interests or for direct marketing purposes
You can request human review of automated decisions that significantly affect you
To exercise any of these rights, please contact us at:
Email: [email protected]
Post: Data Protection Officer, Klub Finance, London, United Kingdom
We will respond to your request within one month. In complex cases, we may extend this by two additional months.
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy and to comply with our legal obligations:
Active Finance Agreements:
Duration of the agreement plus 6 years (as required by UK financial regulations)
Declined Applications:
Up to 6 years from the date of application for regulatory and legal purposes
Marketing Data:
Until you withdraw consent or for 3 years if no engagement
AML/KYC Records:
Minimum of 5 years after the relationship ends (legal requirement)
We take the security of your personal data seriously and have implemented appropriate technical and organisational measures to protect it against unauthorised access, loss, or misuse.
All data transmitted is encrypted using SSL/TLS protocols
Data stored on secure UK-based servers with restricted access
Only authorized personnel can access your information
Ongoing security assessments and compliance reviews
Data Breach Notification: In the unlikely event of a data breach that poses a risk to your rights, we will notify you and the Information Commissioner's Office (ICO) within 72 hours as required by UK GDPR.
Your personal data is primarily processed and stored within the United Kingdom. If we need to transfer your data outside the UK, we will ensure appropriate safeguards are in place, such as:
When you apply for finance, we will share your information with credit reference agencies (CRAs) who will give us information about you, such as your credit history. This is a mandatory part of our lending assessment process.
Record your credit searches and applications (visible to other lenders)
Link your records with any financial associates (e.g., joint account holders)
Supply your information to other organisations for credit decisions and fraud prevention
Experian
experian.co.uk
Equifax
equifax.co.uk
TransUnion
transunion.co.uk
Our website uses cookies to improve your experience and analyze site usage. Cookies are small text files stored on your device. We use:
Required for website functionality (e.g., security, navigation)
Help us understand how visitors use our site (requires consent)
Track effectiveness of our advertising (requires consent)
You can manage your cookie preferences through your browser settings. Note that blocking essential cookies may affect website functionality.
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. Our finance products require applicants to be 18 years or older as per UK financial regulations. If we become aware that we have collected data from someone under 18, we will delete it immediately.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other operational reasons. When we make significant changes, we will:
We encourage you to review this policy periodically to stay informed about how we protect your information.
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact our Data Protection Officer:
0800 123 4567
Data Protection Officer
Klub Finance
London, United
Kingdom
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the UK's data protection regulator:
Website: ico.org.uk
Helpline: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
We would appreciate the opportunity to resolve your concerns before you contact the ICO, so please contact us first.
Only what's needed for finance applications and legal compliance
Encrypted storage and secure transmission at all times
Access, rectify, delete, or restrict your data under UK GDPR
Clear about who we share with and why, always FCA compliant
When you apply for finance, we will perform credit checks with UK credit reference agencies. These searches will be recorded on your credit file and may be visible to other lenders. Multiple applications in a short period can negatively affect your credit score. Please ensure you understand this before proceeding with your application.