NKK Finance Limited t/a Flender is represented in Ireland by Flender Ireland Limited with its registered head office at 14 Clanwilliam Terrace, Grand Canal Dock, Dublin 2.
NKK Finance Limited t/a Flender and Flender Ireland Limited have a pre-existing data controller and data processor contractual relationship in place with NKK Finance Limited t/a Flender being the data controller and Flender Ireland Limited being the data processor. As part of this processing agreement, both companies have agreed to use and be bound by the same internal Data Protection Policy and both companies are hereby referred to as ‘Flender’ unless the context states otherwise.
Furthermore, both companies have contractually agreed to submit to the jurisdiction of the Irish Courts and the Irish Data Protection Commission on all matters relating to data protection. As such, the appropriate supervisory authority under the General Data Protection Regulations (GDPR) is the Irish Data Protection Commission (www.dataprotection.ie).
Flender endeavours to comply with the General Data Protection Regulation, Data Protection Acts, ePrivacy Regulation and data protection best practices. This policy informs individuals how Flender processes personal data in accordance with the principles of data protection identified in data protection legislation.
Flender will process any personal information provided to us by individuals, whether it be provided through our website (flender.ie), in person, by any form, correspondence, telephone, email or by any other means, or otherwise held by us in relation to you in the manner set out in this policy.
The information about you that we may process (e.g. use and store) includes information:
We may use your personal information for the purposes of:
We do not engage in profiling nor do we engage in any automated decision-making processes.
With your explicit consent, Flender may use your data for the provision of direct marketing or advertising purposes, including but not limited to:
Flender is committed to privacy by design and privacy by default. As such, you will never have to ‘opt-out’ of our marketing or advertising processes; you will only ever have the option of ‘opting in’ if you’d like to be included.
We do not engage in ‘pre-ticked’ boxes on consent forms nor do we ever assume you would consent to your data being processed.
You are free to withdraw consent for any marketing and or advertising related matters at any time you want without having to provide any reason as we respect your right of privacy.
Flender engages in social media but we do not refer to clients or any organisation without their explicit consent. Due to the nature of various social media platforms, we are unable to continuously monitor our social media accounts and, as such, we cannot be held liable for any third party public posts.
In the highly unlikely situation where an unauthorised third party has publicly posted personal data to any of our social media accounts without of the consent of the data subject then we will remove and delete such content as soon as possible.
Flender shares your personal data internally. As stated above, ‘Flender’ is the collective term for NKK Finance Limited t/a Flender of 16 Essex Enterprise Centre, 1-2 Davy Road, Gorse Lane Industrial Estate, Clacton-on-Sea, England, CO15 4XD and Flender Ireland Limited of Alexander House, Sweepstakes, Ballsbridge, Dublin 4, who have a pre-existing data controller and data processor contractual relationship in place with NKK Finance Limited t/a Flender being the data controller and Flender Ireland Limited being the data processor.
Flender will also share your personal with selected third-party service providers, other third-parties as well as any relevant authorities in the case of any mandatory disclosures under law.
Flender engages the services of a third-party credit rating agency which, by necessity, requires the processing of financial data, to establish the appropriate level of risk, and by extension the appropriate level of interest rate, charges, etc. of any person or entity seeking to avail of Flender’s services. Flender also engages a third-party debt collector in order to collect outstanding debts which, by necessity, requires the processing of personal data in order to collect debts and or initiate legal proceedings.
Other third-parties. Only with your explicit consent, your personal data may be used by us or shared with our marketing partners, advertisers, marketing and or advertising network, social media networks and analytics companies and or any third-parties in connection with marketing, promotional, data enrichment and other offers, including but not limited to, company products and or services that may be of interest.
Legal transfers.We may transfer and disclose your personal data to third parties to:
All personal data processed by Flender is kept within the EU, specifically all data is stored and processed within Ireland and the United Kingdom. As we transfer data cross-border from one EU member State to another (Ireland and UK) we have nominated the Irish Data Protection Commission as the lead supervisory authority in accordance with the Data Protection Commission’s ‘One Stop Shop’ (OSS) on the basis that our main establishment for data protection purposes is within the Republic of Ireland. As such, our Local Supervisory Authority for OSS is the Irish Data Protection Commission.
For further information concerning the ‘One Stop Shop’ procedure, please see the Data Protection Commission’s website (www.dataprotection.ie)
Flender does not transfer personal data outside of the EEA or EU unless it is specifically requested by a data subject, or on foot of performance of a contract outside of the EEA or EU, on a case-by-case basis.
If we do transfer personal data to outside of the EEA, Flender will make sure that it is protected in the same way as if it was being used in the EEA. We’ll use one of the following safeguards:
We will take reasonable steps to ensure that your information is kept secure and protected, including but not limited to electronic data being protected using appropriate software, relevant networks safety and security checks, and, any computers or devices that can access data are encrypted. We do store some personal data in physical forms and they are kept in an appropriately secure environment that includes;
All personal data processed by Flender is kept within the EU, specifically all data is stored and processed within Ireland and the United Kingdom.
We have a general data retention policy that relates to the retention of relevant data for seven years. We identify this based on business/commercial needs, legal requirements and any consumer or client queries and or issues to which the Statute of Limitations may apply.
There are some legal exceptions to the seven year retention policy but each is on a case-by-case basis, e.g. investigation of accidents in the work place under Health & Safety legislation.
Personal data that is no longer required will be destroyed and or deleted in secure manner.
Any person has the right to find out whether an organisation has any personal data about them, what they use the personal data for and ask for copies of personal information held by that organisation.
If you wish to make a data access request in order to get a copy of any personal data we may process, please write a letter stating that you wish to make a data access request and address it to:
Or email Mark Hughes at firstname.lastname@example.org.
In order to process your request we may request that you send us a copy of your identification (passport, drivers licence, etc.). The reason we may ask for personal identification is to ensure that you are the correct person making the request for your personal data.
Unfortunately, verbal data access requests cannot be entertained as we need to establish a data controller’s identity and retain a paper/auditing trail of any data access request to establish ongoing compliance with GDPR and the Data Protection Act 2018.
In response to any data access request, you have the right to refer the matter to the Data Protection Commission if you are unhappy with the outcome, however, we ask that you would notify us first of any issue so that we may help resolve it as quickly as possible.
The Data Protection Commission can also provide you with full information as to your rights as a data subject at dataprotection.ie.
You have the right to rectify any incorrect or inaccurate personal data at no cost to you.
If you believe that we are incorrectly processing any of your personal data, please inform us by writing to the above person or email email@example.com.
Flender has undertaken to submit to the jurisdiction of the Republic of Ireland and Data Protection Act 2018 and the Data Protection Commission.
Individuals have the right to refer any matter to the Data Protection Commission by contacting them at www.dataprotection.ie or by writing to:
If you are, for whatever reason, considering contacting the Data Protection Commission about us we would ask that you inform us of your difficulty first so that we can try to resolve it to your satisfaction.