The public now has greater access to financing thanks to the development of financial technology (fintech), especially information technology-based lending services (peer-to-peer lending). However, this has also led to legal problems, such as the misuse of personal data and intimidating collection tactics against customers. In order to avoid the abuse of personal data, this research will examine the various kinds of regulation and supervisory procedures. Additionally, it will evaluate if threatening gathering activities are in compliance with the legal standards that apply in the Indonesian legal system. Normative legal research using a legislative, conceptual, and case approach, together with descriptive-analytical qualitative study of primary, secondary, and tertiary legal documents, is the research methodology used. The study's findings demonstrate that Indonesia already has a thorough regulatory framework in place for the deployment and oversight of fintech services, especially with regard to consumer protection, personal data, and collection governance, thanks to the regulations of the Financial Services Authority, the Personal Data Protection Law, the Consumer Protection Law, and the Electronic Information and Transaction Law. However, because of inadequate law enforcement, poor business actor compliance, and insufficient oversight, its implementation and monitoring are not currently as successful as they may be. In addition to being against existing laws and punishable by them, intimidating fintech collecting tactics have been shown to violate the principles of good faith, the right to security, and the protection of personal data.