When a keylogger or any other program is installed in your PC, it is that you have given the full rights to take everything out of your PC. It can transmit your Credit Card number, your email password or any document if it wants. So make sure you try your best to install software from a knows source. Keyloggers in particular can log everything you type in to a disk file and email the list to a given email address. That's what you are told. It can also transmit that to its own location. I think the only safest way to have a keylogger installed is to program one by your own.
what is a keylogger & how it works ?
Windows is a message passing operating system. In other words every event or interrupt is passed to and from processes as messages. If you press a key, it passes as a message through the processes. If you install a program and using techniques such as sub-classing and hooking (more advanced than sub-classing), you would be able to intercept some of the messages through your handler instead of Windows standard handler. In this way, if you trap keystrokes through your handler, all key strokes will be flown through your program. After saving them to disk (or transferring over internet/email, etc...), you simply pass the message back to original Windows handler so no one notice any difference. All the passwords such as facebook, gmail, etc..., credit card number, etc... will be caught by the program in this way.
what are the threats from keyloggers ?
I think I have already explained about it. If it is not from a trusted source, it could also send al those passwords, etc... to a third party web.
what are the steps we should follow if we got know if we got a keylogger in PC
Just do everything possible to remove that. Most of the popular keyloggers can be caught by anti-virus/anti-malware/anti-spyware programs. Malwarebytes Antimalware is a very good program. Get rid of them as soon as possible.
If you want to learn more, I have added an article about
Subclassing and Hooking