1. What we collect about you
Information you give us
Information you give us by filling in forms on our website and web-app, by sending us copies of your loan statements or communicating with us through all supported channels including our website, email, phone and Facebook Messenger and by interacting with our services. This information can be categorised into
- Contact information: name, address, personal number, email address, phone number or user identifier of any other communication channel you used to get in touch with us.
- Loan information: your loans current balance, duration, contractual terms and payment status.
- Payment information: your loans payment recipient, minimum required payment, due date and payment reference.
Information we collect about you
Information we collect about you includes both data that we collect automatically from your interactions with our services and information we request from third parties including credit reference agencies (UC AB, Creditsafe i Sverige AB) and identity lookup providers (SPAR).
- Personal and contact information: name, address, date of birth, national identification number and household information.
- Financial information: your income, payment complaints, credit commitments and inquiries, as well as tax and property information.
- Information from your connected email-account: If you have connected your email-account, we can collect information about the contents of the account on a continuous basis.
- Device information: including your IP address, geographical location, browser type and version, language and timezone settings, operating system, platform and screen resolution.
- Interaction with our services: how you browse our websites including pages visited and how you interacted with them, page response times and error reports.
2. What we do with your information
|Purpose of the processing||Legal basis||Automated decision|
|To confirm your identity and verify your personal / contact information.||Contractual obligation, compliance with applicable law||Yes|
|To process applications for our products and services, including credit assessment, pricing and offer generation.||Contractual obligation, compliance with applicable law||Yes|
|To, in case you have connected your email-account, provide you with a compilation showing your existing credits and invoices and to send you payment reminders and confirmations.||Fulfilment of contractual obligations||No|
|To service your loan with us and internal operations, including invoicing, customer service and troubleshooting.||Contractual obligation||No|
|To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.||Legitimate interest||No|
|To prevent misuse of Anyfin’s services, including fraud prevention and risk management.||Contractual obligation, compliance with applicable law||No|
|To develop new products and to improve our services, such as improvement of our decision models, testing, research and process optimization.||Legitimate interest||No|
|To follow local laws and regulations, including anti money laundering and anti terror financing.||Compliance with applicable law||No|
|Collect reviews through the third party solution Trustpilot||Legitimate interest||No|
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel your use of Anyfins services but we will notify you if this is the case at the time.
We may use your personal data to determine which products, services and offers may be relevant for you. We communicate offers and suggestions through a channel you’ve provided or interacted with us before, such as email, text-messages, postal services, social media or other digital channels.
You can ask us to stop sending marketing messages at any time by following the unsubscribe link on any marketing emails sent to you or by contacting us at firstname.lastname@example.org.
4. Who we share your information with
We disclose information to certain third parties as outlined below and ensure that the data is used securely, confidentially and for contractually controlled purposes, in accordance with data protection laws and best practices.
- Banking and financial services partners: financial services providers that help us provide our services to you.
- Credit reference and identity agencies: Your personal data is shared with credit reference agencies and providers of identity lookups to assess your credit score and to confirm your identity. We also continuously exchange financial information with the credit reference agency including your balance with us and any debt not fully repaid on time. Credit reference agencies share this data with other organisations and link it to the data of your spouse.
- Advertisers and analytics providers: In some cases we may use personal data to enable our advertising partners to reach the right audience or to exclude irrelevant recipients. Analytics providers assist us with the improvement and optimization of our website, troubleshooting of issues and marketing activities.
- Authorities: We disclose necessary information to authorities such as the police, tax agencies or the financial supervisory authority if required by law.
- Divestment: We share your personal information if Anyfin or substantially all of its assets are acquired by a third party.
5. Where we process your information
Your personal data is normally processed within the EU/EEA. In certain circumstances, your personal data may be transferred to, and processed in, a country outside of the EU/EEA. This is done only if the country to which the data is transferred or in which it is stored has an adequate level of data protection or if Anyfin and, where appropriate, its Personal Data Processor, has implemented appropriate security measures, such as binding corporate regulations or standard contract clauses. By using Anyfin’s services, you consent to your personal data being transferred and stored outside the EU/EEA on the conditions set out in this paragraph.
6. How is your personal data protected?
Anyfin has implemented security measures to protect your personal data against losses caused by unauthorised access and accidental destruction or damage. Personal data is only accessible by personnel who require the information to carry out their work. All personal data is stored on secure servers and all data communication is encrypted via Secure Sockets Layer (SSL).
7. How is your personal data protected?
We keep your data only as long as necessary to fulfil our contractual obligations towards you and as required by law. Where we keep your data for purposes beyond those of our contractual obligations, we keep the data only as long as is necessary in accordance with the legal basis for the processing.
8. Your legal rights
European data protection laws grant you certain rights in regards to your personal data.
Right to access your personal data
You can request a copy of the personal data we hold about you free of charge.
Right to correct your personal data
You have the right to correct incorrect or incomplete information about yourself, although we may need to verify the accuracy of the new data you provided.
Right to data portability
We will provide you your personal data in a structured, commonly used, machine-readable format, which you can then transfer to an applicable third party. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Right to be forgotten
You have the right to request removal of your personal data if it is no longer required for the purpose it was collected or where it was based on your consent which you have revoked since. Note however that as a financial institution we’re under certain legal obligations that prevent us from immediately deleting parts of your data, such as banking and anti-money laundering laws as well as accounting and tax regulations.
Datainspektionen is the supervisory authority for data protection in Sweden. If you believe a company does not handle your personal data correctly you can always file a complaint with them. For any concerns regarding Anyfin we would appreciate if you reach out to us first however and give us the opportunity to answer any questions you might have.
11. Contact us
Anyfin takes your security and data protection very seriously. If you have any questions about this policy and how we handle your data or if you want to make use of your rights in regards to your personal data, please don’t hesitate to contact us at email@example.com.
Anyfin AB is the Personal Data Controller for your personal data as described above. Anyfin is registered in the Swedish companies register under corporate ID number 559094-8005 and located at Drottninggatan 92, 111 36 Stockholm, Sweden.