You can use the search function to find a range of UK Finance material, from consultation responses to thought leadership to blogs, or to find content on a range of topics from Capital Markets & Wholesale to Payments & Innovation.
How we use and protect your personal data
Last updated: 21st of April 2022
Who we are
UK Finance is the collective voice for the banking and finance industry. Representing 300 firms across the industry, we act to enhance competitiveness, support customers and facilitate innovation.
We have appointed a data protection officer who may be contacted at email@example.com or firstname.lastname@example.org.
You can find more information about us by clicking here.
Our commitment and obligations to you
We take the collection, usage and security of your personal data seriously. We can only use your personal data under law if we have a good reason for doing so. The law provides examples of those reasons. These include:
A legitimate interest is when we have a business or commercial reason to use your information. But even then it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.
Types of personal data
On occasion the following special category (sensitive) personal data may be obtained: physical or mental health details, political opinion, racial or ethnic origin and religious beliefs. We will only obtain and process this information with your consent (permission) or in situations where it is in the wider public interest.
If you choose to provide us with any personal data relating to a third party (for example, information relating to your spouse, children, parents, and/or employees) or ask us to share their personal data with third parties by submitting such information to us, you confirm that they understand the information in this notice about how we will use their personal data.
How is the personal data obtained?
We obtain this information in several ways, for example through your use of our services or other dealings with us, including through the member onboarding process, enquiry forms, and from information provided in the course of ongoing correspondence. We may collect personal data from you:
With regard to each of your visits to our site we may collect the following information:
Further, if you visit our offices or premises, we may have CCTV which may record your image.
Information received from events, training and working groups / committees
We may collect data about you when you attend any of our events, training sessions and/or UK Finance working groups / committees. This may be collected via business card information you have provided to a UK Finance employee or where you have been invited, nominated or otherwise requested to attend one of our events, training sessions and/or working groups / committees. This information may include your name, job title, company, business or personal email address, phone numbers (business or personal).
Information received from other sources
What do we use your personal information for?
As a business, it is critical that we perform our agreement with you with the best service possible, and it is in our legitimate interest to be responsive to you and to ensure the proper functioning of our products and organisation.
Here is a list of all the ways that we may use your personal information, and which of the reasons we rely on to do so. This is also where we tell you what our legitimate interests are.
We may use data of UK Finance personnel (and those wishing to become personnel of UK Finance) for the following reasons:
We may obtain information about your general internet usage by using cookie files stored on your computer or device (“cookies“). Cookies are text files containing small amounts of information which are downloaded to your computer or device when you visit a website. They help us to improve our site and to deliver a better and more personalised service.
How we share your personal data
We take your privacy very seriously and we’ll only share your information where:
We may occasionally share your data with trusted third parties to help us deliver efficient and quality services. We will never sell, trade, or rent your personal data to others; however, we may share your information with selected third parties including:
Economic crime information sharing
We may share your personal data with law enforcement agencies, fraud prevention agencies, public authorities or other organisations if legally required to do so, or if we have a public interest and/or good faith belief that such use is reasonably necessary to:
Sharing aggregated/anonymised data
Where we have made your information anonymous, we may share this outside of UK Finance with partners such as research groups, universities, advertisers or connected sites. For example, we may share information publicly to show trends about the financial services market.
Links to external websites
Our sites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or how such websites collect and use your data. Please check these policies before you submit any personal data to these websites.
Where we store or transfer your personal data
We would usually ensure that the majority of personal data we store or process is within the UK or European Economic Area (EEA).
There may be situations where the data that we collect from you may be transferred to, and stored at, a destination outside the UK and EEA”), including, in particular, the United States. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or business partners. We will ensure they agree to apply equivalent levels of protection for personal data. If this is not possible – for example because we are required by law to disclose information – we will ensure the sharing of that information is lawful. Also, if they are not in a jurisdiction that is regarded as having “adequate” levels of protections for personal data, we will put in place appropriate safeguards (such as contractual commitments), in accordance with applicable legal requirements, to ensure that your data is adequately protected.
Security of your personal data
We always take appropriate technical and organisational measures to ensure that your information is secure. In particular, we train our employees who handle personal data to respect the confidentiality of customer information and the privacy of individuals. We regard breaches of your privacy very seriously and will impose appropriate penalties, including dismissal where necessary. We have appointed a Data Protection Officer to ensure that our management of personal data is in accordance with this Privacy Notice and the applicable legislation. The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of the data transmitted to our site; any transmission of your data is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
UK Finance is ISO 27001 accredited. This is an internationally recognised specification for information security management. To meet our commitment to protecting your data we have invested in our people, processes and technology. Independent assessments are carried out on a regular basis. This would also include a technical audit of our systems to receive our Cyber Essentials Plus certification. For more information about this government-backed scheme, please refer to the National Cyber Security Centre website or follow this link.
How long we keep your information
We will retain your personal information for as long as you use our services and for a reasonable time thereafter. After you have terminated your use of our services, we will retain your personal information for up to seven years and thereafter may store it in an aggregated and anonymised format.
Data protection laws give you certain rights in relation to the data we hold on you. These include the following rights to:
Your ability to exercise these rights will depend on a number of factors and in some instances, we will not be able to comply with your request e.g. because we have legitimate grounds for not doing so or where the right doesn’t apply to the particular data we hold on you.
Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent.
If you would like more information on these rights, please contact us using the details below.
How to contact us
What if I have a complaint?
If you have a concern about any aspect of our privacy practices, you can make a complaint. This will be acted upon promptly. To make a complaint, please contact us via one of the methods set out above. If you are not satisfied with our response to your complaint, you have the right to lodge a complaint with our supervisory authority, the Information Commissioner’s Office (ICO). You can find details about how to do this on the ICO website at https://ico.org.uk/concerns/ or by calling their helpline on 0303 123 1113.
Any changes we may make to the Privacy Notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check this page frequently to see any updates or changes to this Privacy Notice.