Weatherbys Bank Limited (“we”, “us”, “our”) is committed to protecting and respecting your privacy at all times. We aim to be clear and transparent regarding how we process your personal data, but should you have any queries, we would be very happy to discuss them with you.
This policy (together with our terms and conditions and any other documents referred to in it) sets out the basis on which any personal data you provide to us, or we obtain, will be processed by us.
If you wish to read a particular section, please click on the relevant heading below to take you directly to that section.
Weatherbys Bank Limited is the data controller. Our address is 52-60 Sanders Road, Wellingborough, Northamptonshire, NN8 4BX, United Kingdom. Our Data Protection Officer can be contacted by email at firstname.lastname@example.org or by telephoning our office on +44 (0)1933 543 543.
If you have any difficulty reading this Policy you can increase the font size through your browser.
Please read through the following sections to understand:
What personal information we collect about you
In order to provide you with banking and financial services and comply with the law and regulations by which we are bound, we will need to collect and process personal data about you. If you do not provide the information we require, whether it’s necessary to enter into a contract with you and/or comply with our legal and regulatory obligations, it may delay or prevent us from meeting our obligations and may mean that unfortunately we will not be able to provide our services or products to you.
We use many different types of information which we have put into groups as set out below:
Your financial position, status and history
Where you live and how we contact you, including email and telephone
This includes details about your employment, income, nationality
Details about payments to and from your account(s) with us including details of payers and payees
Details about the products and services we provide to you
Data we obtain about where you are for example, the address you connect a computer to the internet (IP address) or a shop where you buy something on your card
Details about how you use our products and services
Details of the devices and technology you use
What we learn about you from letters, emails and our conversations with you
Details regarding your family, friends and other relationships you provide to us
Details about you that are in public records, eg electoral register, and information about you that is available on the internet
Other data about how you use our products and services
Details about you that are stored in documents you provide to us eg your passport, driving licence, utility bills, bank statements, birth certificate
The law states that some types of data are special category data. We will only collect this type of data with your consent. Such data includes but is not limited to your:
- Racial or ethnic origin
- Religious or philosophical beliefs
- Trade union membership
- Genetic or biometric data
- Health data
- Criminal convictions and offences
Any permissions, consents or marketing preferences you give to us, including how you want us to contact you
A number or code given to you by a government body to identify who you are such as a national insurance number or TIN number
We may use information about your general internet usage by using a cookie file which is stored on the hard drive of your computer or device. Cookies contain information that is transferred to your computer or device’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
- To estimate our audience size and usage pattern
- To store information about your preferences, and so allow us to customise our site according to your individual interests
- To speed up your searches
- For security
- To recognise you when you return to our site.
Where we collect information from
We collect information from a variety of sources as set out below.
|How we collect the information
|When you apply for our products and services
When you talk to us on the telephone (all calls are recorded and monitored for training and in order to improve our services to you) or face to face
When you use our website, mobile device App, or our online banking
From emails and letters
If you take part in any of our client surveys, competitions or promotions
This includes the type, amount, frequency, location, origin and recipients of payments and transactional information, profile and usage data when you connect to our internet, mobile App, online banking or telephone services.
This includes information provided by companies or individuals who introduce you to us; your financial advisers, lawyers and/or accountants; card associations; credit reference agencies; insurers; fraud prevention agencies; public sources of information such as Companies House; government and law enforcement agencies
Why we collect your personal data and the lawful basis we rely on to process it
Data Protection law says that we are only allowed to process your personal information if we have one or more of the following lawful reasons:
- To fulfil a contract we have with you
- When it is needed to comply with our legal duty
- When it is in our legitimate interest
- When you give us your consent.
A legitimate interest means that we have a commercial or business reason to use your information, however even then it must not unfairly go against what is right for you. If we rely on our legitimate interest, we will tell you what that is.
We have set out in the table below the ways in which we will use your information and which of the reasons we are relying on.
|What we use your personal information for
||The reason we are relying on
||Our legitimate interest
|To provide banking and other financial services to you and to deal with your transactions as part of our contract with you.
To manage fees, charges and interest due on client accounts.
To collect and recover any money that is owed to us.
To manage and provide treasury and investment products and services.
Fulfilling a contract
Our legitimate interests
Our legal duty
|Ensuring we are efficient in fulfilling our legal and contractual duties|
|To contact you by telephone, email, text, online, via our mobile app or by post to help you manage your account(s) and comply with our regulatory requirements such as changes to our terms and conditions.
Fulfilling a contract
Our legitimate interests
Our legal duty
|Ensuring we are efficient in fulfilling our legal and contractual duties|
|To comply with the law and meet our obligations to our regulators e.g. verifying your identity when we need to, preventing and detecting fraud, money laundering and other crimes such as identify theft.
Fulfilling our contract
Our legal duty
Our legitimate interests
Developing and improving how we deal with financial crime, as well as complying with our legal duties
Complying with regulations that apply to us
To allow us to pursue our legitimate business interests which include performing credit checks and obtaining or providing credit references and for our own internal operational needs such as product development, audit and credit and risk management. We will also use your information to assess and improve our services and for training and quality purposes. For example, we record all telephone calls.
|Our legitimate interests||Ensuring that we run our business efficiently, achieve our business objectives and operate in our client’s best interests|
To provide details of products and services we have carefully selected for you but only where you have provided your consent. We will never pass your information to a third party for them to use in their own direct marketing
|Consent||Ensuring that we inform our clients of all suitable products and services which may be of interest to them|
How we use your information to make profiling decisions
We use systems to decide whether to lend money to you or your business when you apply for a loan, mortgage or overdraft. This helps us to ensure that our decisions are fair, efficient and in your interests. These decisions can affect the products, services or features that we may offer to you now or in the future or the charges we apply. We may use profiling to:
- Decide what to charge for some products and services based on what we know.
- We may place you in a customer segment or group in order to learn about your needs in order to design products and services which are the most suitable and to manage our relationships with the customer segment.
- We use your information to decide whether your account(s) are being used for fraud or money laundering and we monitor transactions to decide if an account is being used in a way that is unusual for you or your business.
- When you open an account with us we check that the product or service is suitable for you and your needs based on what we know. We also check to ensure that you or your business meets the conditions needed to open the account. This may include checking age, residency, nationality or financial position.
Your rights in relation to profiling
You have rights in relation to our profiling activities. You can ask us to not make our decision based on the profiling alone and you can object to the profiling decision and ask us to review it.
More information about credit reference agencies and fraud prevention agencies
We carry out credit and identity checks when you apply for a product or services for you or your business. We may use Credit Reference Agencies (CRAs) to help us with this.
If you use our services, from time to time we may also search information that the CRAs have to help us manage those accounts.
We will share your personal information with CRAs and they will give us information about you. The data we exchange can include:
- Your name, address and date of birth
- Credit application
- Details of any shared credit
- Financial situation and history
- Public information, from sources such as the electoral register and Companies House
- We will use this data to:
- Assess whether you or your business are able to afford to make repayments
- Make sure that what you’ve told us is true and correct
- Help detect and prevent financial crime
- Manage accounts with us
- Recover debts where appropriate
- We will continue to share your personal information with CRAs for as long as you are a customer. This will include:
- Details of your settled accounts and any debts not fully paid on time
- Details of other credit you have obtained from other lenders
- If you borrow, details of your repayments and whether you pay them on time
CRAs may use your information to carry out statistical analysis, and to develop new services. They will also keep a record of our enquiries which may also be used by other organisations to make decisions about you which may affect your ability to obtain credit. Full details of how credit reference agencies use your information is set out in the CRA Information Notice (CRAIN), which is available here.
We will share information with them where we make credit assessments and to understand your financial position. We may also use them to trace your address so that we can continue to make contact with you or if necessary to recover any outstanding debt due to us.
Your record held with the credit reference agency may include associated persons which link you to other persons such as your partner or other members of your household. Any enquiry we make may include information about associated persons such as when you are making a joint application, you tell us about a financial association with another person such as a business partner or there are existing associated records. An association will be taken into account in future applications by either or both of you until such time as you apply to the credit reference agency to unlink your records.
You can do this and find out more information about CRAs by using the contact details below;
Experian Customer Support Centre, Experian Limited, PO Box 8000, Nottingham, NG80 7WF
Telephone 0344 481 0800
Fraud Prevention Agencies
We may need to confirm your identity before we provide products and services to you or your business. After you have become a customer of ours we will also share your information as required in order to help detect fraud and money laundering risks. We use Fraud Prevention Agencies to help us with this.
We or a Fraud Prevention Agency may allow law enforcement agencies to access your personal information as required by them. Fraud Prevention Agencies may keep your information for different periods of time but if they find a risk of fraud or money laundering they may keep it for up to 6 years.
If we or a Fraud Prevention Agency decide that there is a risk of fraud we may stop activity on your account(s) or block access to them.
Fraud Prevention Agencies may send your information to countries outside the European Economic Area (EEA). If they do, there will be a contract in place to ensure that the organisation they send it to protects your information to the same standard as within the EEA. This may include following international frameworks for making data sharing secure.
Sending your information outside the EEA
We will only send your information outside the EEA if we are following your instructions, complying with a legal duty or working with Fraud Prevention Agencies.
We may use your information to tell you about relevant products and services which we consider would be suitable for you. We can only send you marketing if you have given us your consent.
Who we share your personal information with
In order to provide you with banking and other financial services and to comply with the law and other regulations we may share your personal data with other third parties. However, those third parties are also bound to keep your personal data secure and confidential. We may transfer and disclose your information to:
- Any authorities we are required to share information with by law or for regulatory purposes, for example, HMRC, Financial Conduct Authority, Information Commissioners Office, UK Financial Services Compensation Scheme.
- Where we are required to share your information with tax authorities outside the UK either directly or through a local tax authority, that tax authority could then share your information with other tax authorities.
- Where we require additional information or documents about this, you must supply them. If you do not, we will be obliged to close your account or if required by law or other regulations, to withhold parts of certain payments received into your account.
- Our auditors, as required to comply with our legal and regulatory responsibilities
- Persons acting on your behalf, payment recipients, beneficiaries and account nominees
- If you have a debit card with us, we will share transaction details with companies which help us to provide this service such as Visa
- If you use direct debits we will share your information with the Direct Debit scheme
- If you have a secured loan or mortgage with us we may share information with other lenders who also hold a charge over your property
- Any party linked with you or your business’ product or services
- Your advisers such as lawyers, accountants and financial or other professional advisers if you have authorised anyone like this to represent you or give us instructions or use the account or products or services on your behalf
- Our service providers and agents (including their sub contractors) such as agent banks, clearing houses and clearing or payment systems providers
- Other financial institutions, fraud prevention agencies, credit reference agencies and debt recovery agents
- Any introducing broker we receive referrals from
- Any company that we introduce you to
- Companies or individuals that you ask us to share your information with
- If you are a racing account client, the BHA where there are changes to your account such as closure, or changes to your personal details
If we share any information with organisations in a country outside the UK, we will ensure that they have or agree to apply equivalent levels of protection unless this is not possible but we are required by law to share the information in any event.
Your rights in relation to your personal data
Under the Law you have various rights in relation to your information. These rights are explained below:
You are entitled to request access to your personal data at any time by contacting us. We will provide you with access to your information without delay and within 1 month of receiving your request, or at the latest within 3 months.
Access will be provided free of charge unless your requests are excessive or unfounded in which case we are entitled to charge a reasonable administrative fee or we may refuse to respond. We will provide you with an explanation in either case.
Before complying with your request, we are obliged to verify your identity. If a large amount of information is involved we may ask you to specify the information you wish to access.
You can ask us to correct your information if you think it is incorrect. Please contact us if you want to do this.
We will correct information without undue delay and at the latest within one month of receiving the request from you.
If we have disclosed it to a third party, we will endeavour to contact them and inform them of the changes unless this is not possible or it would be disproportionate to do so.
You have the right to object to us using your information, ask us to restrict our use of it or ask us to delete it if there is no need for us to keep it. This is known as the “right to object”, the “right to restrict” and the “right to be forgotten”. There may however be a legal or another reason why we need to keep your information, however, we will inform you of this when you make your request.
You can ask us to stop processing your information where we are doing so for our legitimate interests or where you wish to withdraw your consent.
If you no longer wish us to contact you for marketing purposes, you have the right to ask us to stop by withdrawing your consent. This can be done by:
- telephoning us on +44 (0)1933 543 807
- sending us an email and/or using the unsubscribe link at the bottom of emails we send to you
- informing us through our Online banking if you use this service
- by writing to the Data Protection Officer, Weatherbys Bank Limited, Sanders Road, Wellingborough, NN8 4BX.
You can choose any of the above methods, regardless of the method you chose to give us consent to marketing in the first place. When we receive your withdrawal of consent, we will update our records accordingly and ensure that you no longer receive marketing from us. You can of course change your mind and ask us to send you marketing in the future. We would however need to obtain new consent from you.
Please note that we are entitled to have processed your information up until the time that you withdraw your consent.
You can ask us to restrict the use we make of your information if:
- It’s not accurate.
- It’s been used unlawfully but you don’t want us to delete it.
- It’s not relevant any more, but you want us to keep it for use in legal claims.
- You have already asked us to stop using it but you are waiting for us to tell you if we are allowed to keep on using it.
Where we have restricted processing, we will tell you when that restriction has been lifted.
You can ask us to delete your information where:
- We no longer need it.
- You have withdrawn your consent or objected to us processing it and we have no other reason to keep it.
However, this does not apply where we need it to fulfil our contract with you or comply with the law or to deal with a legal claim.
You have the right to receive a copy of the personal data we process in a format that can be reused or ask us to transfer your information to another organisation where possible, however, this only applies to personal data that is held electronically by us.
How long we keep your personal data
We will keep your personal data in accordance with our Data Retention Policy. In most cases we will keep it for 15 years after you have ceased your relationship with us in order to respond to any questions or complaints, show that we have treated you fairly or to maintain records according to rules that apply to us.
We may keep your information for longer than 15 years after you have ceased your relationship with us if it is needed for legal or regulatory reasons or where your information involves pension advice. We may also keep it for statistical purposes. If we do, we will make sure that your privacy is protected and only use your information for those purposes.
What to do if you are unhappy about the way in which we use your information
If you are unhappy, please contact us. You also have the right to make a complaint to the Information Commissioners Office (ICO) by contacting them at: