Your right to privacy is very important to us. We take the security of your information seriously and have strict policies and processes in place to ensure it remains safe. This policy describes the way we collect information, how we use it and how we protect it.
We’re The Nottingham, a group of companies that includes Nottingham Building Society.
We are committed to safeguarding your personal information and we are legally obliged to use your information in line with all laws concerning the protection of personal information. We are regulated by the Information Commissioners Office (ICO) which is responsible for regulations that cover the collection, storage, processing, disclosure, transfer and destruction of personal data in the United Kingdom, and we are registered as a Data Controller with the ICO. We have a Data Protection Officer who ensures the fair processing of your information in line with the regulations, whom you can contact using the contact details at the end of this policy. You also have the right to complain to the ICO if you have any concerns.
We collect personal information about you when you apply for products or make use of our services. Personal information we hold will include:
In some instances, it is necessary for us to collect more sensitive information to be able to provide advice to you or complete applications, for example information about your health to support a life insurance application. This type of information is called special category data and where we do need to collect it, we will gain your consent to the collection and processing of this data. You can withdraw your consent at any time to us processing this data, however, this may mean that you can no longer access the service or product the information was gathered for.
For security and training purposes and to check and improve the quality of our service, we also record and monitor telephone calls.
We will only collect, use, hold or disclose personal information where we have a lawful basis to do so. This means information needed to provide you with a product or service, to satisfy legal or regulatory requirements, or where we have your consent. We will use your information to:
We may use automated systems to analyse your personal data. Where you have chosen to hear from us about products and services we may tailor communications based on your data.
The security of your information is very important to us. We protect your information by maintaining physical, electronic, and procedural safeguards in relation to the collection, storage and disclosure of personal data to prevent unauthorised access, accidental loss, disclosure or destruction. We will not transfer your information to other countries outside the EEA unless it is unavoidable to allow us to deliver our products and services. If we do, we take care to ensure the same level of privacy and security as the UK.
We will keep your personal information only for as long as necessary to administer the accounts you have in line with regulatory and legal requirements, and will destroy it securely when it is no longer needed.
From time to time we may send information to, receive information from, or exchange your personal information with:
We will only share or exchange data with third parties with the protection of a written agreement and the ability to oversee their activities, unless information is required for legal or regulatory reasons. Where we have relationships with other organisations that process your information on our behalf we take care to ensure they have high data security standards. We will not allow these organisations to use your personal information for unauthorised purposes.
If the business is reorganised or sold to another organisation, we may transfer any personal information we hold to that organisation.
The personal information we will/have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity. If false or inaccurate information is provided and/or if fraud is detected, you could be refused certain services, finance or employment.
Further details of how your information will be used by us and these fraud prevention agencies can be provided by asking for a copy of our full fraud prevention agency notice.
Credit reference agencies collect and maintain information about consumers’ and businesses’ credit behaviour. We use them to confirm your identity and to keep your money safe. They may keep records of enquiries about you and details of how you manage your accounts. The credit reference agencies we normally use are:
Credit referencing agencies have published their own guidance on use of personal data called the Credit Referencing Agency Information Notice (CRAIN). You can view these notices by visiting their website and searching for CRAIN. If you would like to see the information that these credit reference agencies hold about you, please contact them directly. Please note there may be a charge for this service.
Data protection regulations mean you have rights over how we hold and use the information we hold about you:
If you wish to action any of the above please contact us by: