Privacy

Your information will be held by TSB Bank plc ('TSB'), under the trading name Whistletree. Any reference to "we" or "us" is to TSB.

How your personal information is used by TSB.

Please read this Privacy Notice to understand how we use and protect the information that you provide to us.

TSB Data Privacy Notice

The Data Protection Act 1998 requires us to manage all personal information in accordance with the Data Protection Principles. In particular, we are required to process your personal information fairly and lawfully. This means that you are entitled to know how we intend to use any information you provide. All our employees are responsible for maintaining customer confidentiality. We provide training and education to all employees to remind them about their obligations. In addition, our policies and procedures are regularly audited and reviewed.

Where we obtain your information

Your personal information will be held securely by TSB so that we can manage your relationship with us. This will include any additional information provided by you or others in various ways, including:

a) emails and letters, during telephone calls and conversations in branch, when registering for services, in customer surveys, when you participate in competitions and promotions, through our website and during financial reviews and interviews;

b) from analysis (for example, the amount, frequency, location, origin and recipient) of your payments and other transactions, from your use of our services and what we know from operating your account; and

c) information we receive from our business partners and from other organisations such as credit reference agencies and fraud prevention agencies.

We will not retain your personal information for longer than is necessary for the maintenance of your account, or for legal or regulatory requirements.

If you give us personal information about someone else (such as a joint applicant) then you should not do so without their permission. Where information is provided by you about someone else, or someone else discloses information about you, it may be added to any personal information that is already held by us and it will be used in the ways described in this Privacy Notice.

How we use your information

We may use the personal information we hold about you for the following administrative activities:

a) providing you with products and services and notifying you about either important changes or developments to the features and operation of those products and services;

b) responding to your enquiries and complaints;

c) administering offers, competitions and promotions;

d) undertaking financial reviews; and also for the following data processing activities:

e) updating, consolidating, and improving the accuracy of our records;

f) undertaking transactional analysis;

g) arrears and debt recovery activities;

h) testing new systems and checking upgrades to existing systems;

i) crime detection, prevention, and prosecution;

j) evaluating the effectiveness of marketing and for market research and training;

k) customer modelling, statistical and trend analysis, with the aim of developing and improving products and services;

l) assessing lending and insurance risks;

m) managing your relationship with us.

By processing this information - it enables us to better understand your needs and run your accounts in the efficient way that you expect.

Your data may also be used for other purposes for which you give your specific permission, or, in very limited circumstances, when required by law or where permitted under the terms of the Data Protection Act.

When we may share your information

We will treat your personal information as private and confidential, but may disclose it outside TSB if:

a) allowed by this agreement;

b) you consent;

c) needed by our agents, advisors or others involved in running accounts and services for you or collecting what you owe us;

d) needed by subcontractors to help us manage your records;

e) HM Revenue & Customs or other authorities require it;

f) the law, regulatory bodies or the public interest permits or requires it;

g) required by us or others to investigate or prevent crime;

h) needed by market research companies to assist us in providing better products and services for you;

i) needed by any other parties connected with your account (including guarantors);

j) needed by organisations which provide us with a service, on the understanding that they keep your information secure and confidential, unless you tell us not to;

k) required as part of our duty to protect your accounts, for example we are required to disclose your information to the UK Financial Services Compensation Scheme (FSCS).

We will always ensure your information remains safe and secure.

Using your information to help prevent terrorism and crime

The Government also requires us to screen applications that are made to us to ensure we are complying with the international fight against terrorism and other criminal activities. As a result of this we may need to disclose information to government bodies.

Sharing your personal information between first and second charge lenders

If you have a secured loan or mortgage with us, we may need to share information with other lenders who also hold a charge on your property.

Sharing personal information between joint applicants

Sometimes, when you open a joint account or product, this may mean that your personal data will be shared with the other applicant. For example, transactions made by you will be seen by your joint account holder and vice versa.

How we share your personal information with and use credit reference agencies

Credit Reference Agencies

Credit Reference Agencies (CRAs) collect and maintain information about consumers' and businesses' credit behaviour. This includes the Electoral Register, fraud prevention, and credit information - including details of previous applications and the conduct of your accounts - and public information such as County Court Judgements, decrees, and bankruptcies.

The information that we and other organisations provide to credit reference agencies about you, your financial associates and your business (if you have one) may be provided to other organisations and used by them and us to:

a) help make decisions, for example when:

(i) checking details on applications for credit and credit-related or other facilities;

(ii) managing credit and credit-related accounts or facilities;

(iii) recovering debt;

(iv) checking details on proposals and claims for all types of insurance;

(v) checking details of job applicants and employees;

b) detect and prevent crime, fraud and money laundering;

c) check your credit history;

d) verify your identity if you, or someone financially linked with you, applies for services;

e) trace your whereabouts; and

f) undertake research, statistical analysis and systems testing.

If we need to make a credit decision, your records will be searched along with those of anyone who is financially associated with you such as your spouse or partner. The CRA will keep a record of this search and place a "footprint" on your credit file, whether or not the application proceeds.

We may also give details of your account and how you conduct it to credit reference agencies, including if you borrow and do not repay in full and on time. If you fall behind with your payments and a full payment or satisfactory proposals are not received within 28 days of a formal demand being issued, then a default notice may be recorded with the CRAs. Similar information may also be given about your other lending/credit relationships with us. Any records shared with CRAs will remain on file for 6 years after your account is closed, whether it has been settled by you or as a result of a default. Other organisations may see these searches and updates if you apply for credit in the future, and these may affect your ability to borrow from other lenders.

If you apply for or hold an account in joint names, or tell us that you have a spouse or financial associate, a financial association will be created between your records, including any previous and subsequent names used by you. This means that your financial affairs may be treated as affecting each other. These links will remain on your and their files until such time as you or your partner is successful in applying for a disassociation with the CRAs to break that link. You must be sure that you have their agreement to disclose information about them. Searches may be made on all joint applicants, and search footprints will be left on all applicants' records.

You have a right to apply to the credit reference agencies for a copy of your file. We carry out most of our credit searches using Experian, but details of how you have run your account(s) may be disclosed to all the credit reference agencies. The information they hold may not be the same and there is a small fee that you may need to pay to each agency that you apply to.

Their addresses are:

    • Experian Consumer Help Service, PO Box 9000, Nottingham NG80 7WP or call 0844 481 8000 or log on to  www.experian.co.uk
    • Equifax plc, Credit File Advice Centre, PO Box 1140, Bradford BD1 5US or log on to  www.equifax.co.uk
    • CallCredit, Consumer Services Team, PO Box 491, Leeds LS3 1WZ or call 0870 060 1414 or log on to  www.callcredit.co.uk
How we use fraud prevention agencies

We have systems that protect our customers and ourselves against fraud and other crime. Customer information can be used to prevent crime and trace those responsible. We will share your personal information from your application with fraud prevention agencies. If false or inaccurate information is provided and fraud is identified, details of this fraud will be passed to these agencies. Law enforcement agencies may access and use this information. We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

  • checking details on applications for credit and credit related or other facilities;
  • managing credit and credit related accounts or facilities;
  • recovering debt;
  • checking details on proposals and claims for all types of insurance;
  • checking details of job applicants and employees.

We and other organisations may access and use the information recorded by fraud prevention agencies from other countries.
Please contact us on 0330 159 9612, 8.30am – 6pm Monday to Friday, if you want to receive details of the relevant fraud prevention agencies.

Using companies to process your information outside the EEA

All countries in the European Economic Area (EEA), which includes the UK, have similar standards of legal protection for your personal information. We may run your accounts and provide other services from centres outside the EEA (such as the USA and India) that do not have a similar standard of data protection laws to the UK. If so, we will require your personal information to be protected to at least UK standards.

We may process payments through other financial institutions such as banks and the worldwide payments system operated by the SWIFT organisation if, for example, you make a CHAPS payment or a foreign payment. Those external organisations may process and store your personal information abroad and may have to disclose it to foreign authorities to help them in their fight against crime and terrorism. If these are based outside the EEA, your personal information may not be protected to standards similar to those in the UK.

How we may contact you

Using your personal information to contact you about products and services

Unless you have given us your consent, we will not send marketing to you either from us, or by passing information about you to other selected companies for their own direct marketing.

This contact may continue after your relationship with us ends. You may opt out of receiving information at any time by calling us, writing to us or contacting your local branch.

Using your email address for service contact

Making sure we deliver excellent customer service is very important to us and to do this various methods of communication may be used when sending you information about your account. Most of the time you will be contacted by letter or telephone, but you may also be sent updates by text message or email when it is believed to be appropriate. You can ask us to stop sending these messages at any time. Additionally, in extraordinary circumstances (such as natural disaster or civil unrest) we may also send you updates by text message or email. If we decide to use email to contact you, we will only do this if we have ensured that using email will not put your information at risk, or, if you have requested we email you, that we have explained the risks of sending an "insecure" email and that you are happy to accept that risk.

In addition you may wish to choose a channel of communication that suits you when you need to contact us. If you need to email us, we recommend you check our website to see if a secure email facility exists so that your email can be sent securely. If you send us emails in other ways, such as from your personal account, then remember that the message may not be secure and there is a risk that it could be intercepted. If you choose to send an "insecure" email, please keep the amount of confidential information you include to a minimum.

When you apply for and use our products and services

Using credit scoring

When you apply for credit, an automated system known as credit scoring may be used when considering whether to agree the borrowing. It is a method of assessing your likely conduct of an account based on a range of data, including the conduct of previous similar accounts. It is a system widely used by credit providers to help make fair and informed decisions on lending.

Credit scoring takes account of information from three sources - the information you provide on your application, information provided by credit reference agencies and information that may already be held about you by us. A credit scoring system will consider information from these sources, to make an overall assessment of your application. The credit scoring methods used are regularly tested to ensure they remain fair, effective and unbiased.

Using a credit scoring system helps us to lend responsibly. If you submit an application and it is declined through this automated process, you can contact us within 21 days to have the decision reconsidered. You also have the right to ask that the decision is not made based solely using a credit scoring system.

How we manage sensitive personal information

The Data Protection Act defines certain information as 'sensitive' (racial or ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health, sexual life, criminal proceedings and offences). If you apply to us for insurance we may ask you for some 'sensitive' information, but we will always ask for your explicit consent. As a customer, there may also be times when you give us 'sensitive' information. We will use it to provide the service you require and may share it with our subcontractors to keep our records up to date.

How we check your identity

We may ask you to provide physical forms of identity verification when you open your account. Alternatively, we may search credit reference agency files in assessing your application. The agency also gives us other details and information from the Electoral Register to verify your identity. The agency keeps a record of our search, whether or not your application proceeds. Our search is not seen or used by lenders to assess your ability to obtain credit.

Undertaking anti-money laundering checks

To comply with money laundering regulations, there are times when we need to confirm (or reconfirm) the name and address of our customers. For more details about identity checks, please call 0330 159 9612, 8.30am – 6pm Monday to Friday.

Recording phone calls

We may monitor or record phone calls with you in case we need to check we have carried out your instructions correctly, to resolve queries or issues, for regulatory purposes, to help improve our quality of service, and to help detect or prevent fraud or other crimes.

Conversations may also be monitored for staff training purposes.

We may also use interactive voice recognition technology to help us manage your account and provide you with the services you require.

Using information on social networking sites

As part of our ongoing commitment to understanding our customers better, we may research comments and opinions made public on social networking sites such as Twitter and Facebook.

Obtaining a copy of your information

Under the Data Protection Act you have the right of access to your personal data. The Act allows us to charge a fee of £10 for this service. If anything is inaccurate or incorrect, please let us know and we will correct it. For further details on how to request a copy of your information, please contact:

DSAR Unit
Whistletree
PO Box 655
Durham
DH1 9LX

Cookies

In general, you can visit our website without identifying who you are or revealing any information about yourself. However, cookies are used to store small amounts of information on your computer, which allows certain information from your web browser to be collected. Cookies are widely used on the internet and do not identify the individual using the computer, just the computer being used. Cookies and other similar technology make it easier for you to log on to and use our websites during future visits.

  • Changes to privacy notice

We keep our Privacy Notice under regular review and we will reflect any updates within this notice.

This Privacy Notice was issued in July 2016.

  • Further information

For further information please call 0330 159 9612, 8.30am – 6pm Monday to Friday.