What we do with the data | Our privacy policy | NatWest

The purposes for which your information may be used

We will only use and share your information where it is necessary for us to carry out our lawful business activities. Your information may be shared with and processed by other RBS group companies. We want to ensure that you fully understand how your information may be used. We have described the purposes for which your information may be used in detail below.

This guide contains
the following sections:

Overview
Information we hold
What we do with the data
Sharing data outside NatWest
Your rights

Contractual necessity

We may process your information where it is necessary to enter into a contract with you for the provision of our products or services or to perform our obligations under that contract. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account and/or provide products and services to you. This may include processing to:
 

Assess and process applications for products or services
 

Provide and administer those products and services throughout your relationship with the bank
including opening, setting up or closing your accounts or products, collecting and issuing all necessary documentation, executing your instructions, processing transactions, including transferring money between accounts, making payments to third parties, resolving any queries or discrepancies and administering any changes. Calls to our service centre and communications to our mobile and online helplines may be recorded and monitored for these purposes
 

Develop, manage and maintain our relationships with you and for ongoing customer service.
This may involve sharing your information with other RBS group companies to improve the availability of our services, for example enabling customers to visit branches of other RBS group companies
 

Administer any credit facilities or debts
including agreeing repayment options
 

Communicate with you
about your account(s) or the products and services you receive from us

Legal obligation

When you apply for a product or service (and throughout your relationship with us), we are required by law to collect and process certain personal information about you. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account and/or provide products and services to you. This may include processing to:
 

Confirm your identity
including using biometric information and voice-recognition technology and other identification procedures, for example fingerprint verification
 

Perform checks and monitor transactions and location data
for the purpose of preventing and detecting crime and to comply with laws relating to money laundering, fraud, terrorist financing, bribery and corruption, and international sanctions. This may require us to process information about criminal convictions and offences, to investigate and gather intelligence on suspected financial crimes, fraud and threats and to share data with law enforcement and regulatory bodies
 

Assess affordability and suitability of credit
for initial credit applications and throughout the duration of the relationship, including analysing customer credit data for regulatory reporting
 

Share data with other banks and third parties to help recover funds that have entered your account
as a result of a misdirected payment by such a third party
 

Share data with police, law enforcement, tax authorities or other government and fraud prevention agencies
where we have a legal obligation, including reporting suspicious activity and complying with production and court orders
 

Deliver mandatory communications to customers
or communicating updates to product and service  terms and conditions
 

Investigate and resolve complaints
 

Conduct investigations into breaches of conduct
and corporate policies by our employees
 

Manage contentious regulatory matters, investigations and litigation
 

Perform assessments and analyse customer data
for the purposes of managing, improving and fixing data quality
 

Provide assurance that the bank has effective processes
to identify, manage, monitor and report the risks it is or might be exposed to
 

Investigate and report on incidents or emergencies
on the bank’s properties and premises
 

Coordinate responses  to business disrupting incidents
coordinate responses to business disrupting incidents and to ensure facilities, systems and people are available to continue providing services
 

Monitor dealings to prevent market abuse

 

 

Legitimate interests of the bank

We may process your information in the day to day running of our business, to manage our business and financial affairs and to protect our customers, employees and property. It is in our interests to ensure that our processes and systems operate effectively and that we can continue operating as a business. This may include processing your information to:
 

a) We may process your information where it is in our legitimate interests do so as an organisation and without prejudicing your interests or fundamental rights and freedoms.

 

Monitor, maintain and improve internal business processes
information and data, technology and communications solutions and services
 

Ensure business continuity and disaster recovery
and responding to information technology and business incidents and emergencies
 

Ensure network and information security
including monitoring authorised users’ access to our information technology for the purpose of preventing cyber-attacks, unauthorised use of our telecommunications systems and websites, prevention or detection of crime and protection of your personal data
 

Provide assurance on the bank's material risks
and reporting to internal management and supervisory authorities on whether the bank is managing them effectively
 

Perform general, financial and regulatory accounting and reporting
 

Protect our legal rights and interests
 

Manage and monitor our properties and branches
(for example through CCTV)  for the purpose of crime prevention and prosecution of offenders, for identifying accidents and incidents and emergency situations and for internal training; and
 

Enable a sale, reorganisation, transfer
or other transaction relating to our business


 

b) It is in our interest as a business to ensure that we provide you with the most appropriate products and services and that we continually develop and improve as an organisation.

This may require processing your information to enable us to:
 

Identify new business opportunities and to develop enquiries
and leads into applications or proposals for new business and to develop our relationship with you
 

Send you relevant marketing information
(including details of other products or services provided by us or other RBS group companies which we believe may be of interest to you)
 

Understand our customers’ actions, behaviour, preferences, expectations, feedback and financial history
in order to improve our products and services, develop new products and services, and to improve the relevance of offers of products and services by RBS group companies
 

Monitor the performance and effectiveness of products and services

Assess the quality of our customer services and to provide staff training.
Calls to our service centres and communications to our mobile and online helplines may be recorded and monitored for these purposes
 

Perform analysis on customer complaints
for the purposes of preventing errors and process failures and rectifying negative impacts on customers
 

Compensate customers for loss, inconvenience or distress
as a result of services, process or regulatory failures
 

Identify our customers’ use of third-party products and services
in order to facilitate the uses of customer information detailed above; and
 

Combine your information with third-party data
such as economic data in order to understand customers’ needs better and improve our services
 

We may perform data analysis, data matching and profiling
to support decision making with regards to the activities mentioned above. It may also involve sharing information with third parties who provide a service to us


 

c) It is in our interest as a business to manage our risk and to determine what products and services we can offer and the terms of those products and services.

It is also in our interest to protect our business by preventing financial crime. This may include processing your information to:
 

Carry out financial, credit and insurance risk assessments
 

Manage and take decisions about your accounts
 

Carry out checks (in addition to statutory requirements)
on customers and potential customers, business partners and associated persons including performing adverse media checks, screening against external databases and sanctions lists and establishing connections to politically exposed persons
 

Share data with credit reference, fraud prevention agencies and law enforcement agencies
 

Trace debtors and recovering outstanding debt
 

For risk reporting and risk management 
 

Application decisions may be taken based on solely automated checks of information from credit reference agencies and internal RBS records. For more information on how we access and use information from credit reference and fraud prevention agencies see the Sharing data outside of NatWest page.

 

 

 

 

 

 

 

 

Add your signposting title here… Changes to the way we use your information

From time to time we may change the way we use your information.  Where we believe you may not reasonably expect such a change we will notify you and will allow a period of at least 30 days for you to raise any objections before the change is made. However, please note that in some cases, if you do not agree to such changes it may not be possible for us to continue to operate your account and/or provide certain products and services to you.

Add your signposting title here… How we use and share your information with other RBS group companies

We will only use and share your information where it is necessary for us to lawfully carry out our business activities. Your information may be shared with and processed by other RBS group companies. We want to ensure that you fully understand how your information may be used. We have described the purposes for which your information may be used in detail on this page, for contractual necessity, legal obligation and legitimate interests of the bank.

Add your signposting title here… Security

We are committed to ensuring that your information is secure with us and with the third parties who act on our behalf.

For more information about the steps we are taking to protect your information please visit the Security Centre page or contact us at 03457 888 444 Overseas number +44 3457 888 444 Minicom 0800 404 6161.

Set Tab for lightbox