WASHINGTON (Reuters) - The U.S. Consumer Financial Protection Bureau is turning its attention to companies that collect consumer financial information to provide services and products.

The regulator laid out a series of principles on Wednesday to establish its expectations for accessing consumer’s financial data in the course of doing business.

“These principles express our vision for realizing an innovative market that gives consumers protection and value,” CFPB Director Richard Cordray said in a statement.

The principles serve as a blueprint for companies that rely on consumers voluntarily handing over their financial data for additional services, including debt repayment, financial management, or to receive offers for additional financial products like mortgages or credit cards.

The CFPB reiterated that such data should only be gathered with consumer consent, and that companies should only use and retain that data for as long as necessary to provide their stated services. The CFPB emphasized that data security should be a particular priority for these companies.

It also said companies should make clear to consumers any third parties that may gain access to their data as part of a service, and that there should be mechanisms in place for consumers to address inaccurate information or unauthorized access.

The CFPB announced in November it was seeking input on the subject, specifically inquiring about potential issues around security and management of that data, as well as consumer choice for such services.