Menu Open menu
Find a branchFind a branch
Go
Please enter your postcode using only letters and numbers. Please enter a postcode.

Call us0800 121 8899

Call us

Free call from mobiles & landlines


Monday to Friday 8am - 8pm
Saturday 9am - 5pm
Sunday 10am - 4pm


All enquiries 0800 121 8899

Call costs explained


Login

About this Notice

This Privacy Notice describes the information we collect about you, how we use it and why.

 

Children and young people

Your parent or guardian should read this Privacy Notice on your behalf or with you if you are old enough to understand it. If your account has been opened by your parent or guardian they have given us information about you so that we could open and run your account. Depending on your age, you or your parent or guardian can ask about the information we hold about you.

Good to know
We never send information about new mortgages or savings products and services we’ve developed to anyone under age 18.

What's in this Notice

Your right to privacy is important to us. When you share your details with us, we want you to be confident that we look after the information securely and we only use or share it in the ways we set out in this Notice.

There are also several things that, by law, we have to explain to you.

If there’s anything you’re not sure about or you have more questions, get in touch with us.

We’re Coventry Building Society Group

The Group is:

Coventry Building Society

Godiva Mortgages Limited

ITL Mortgages Limited

When we use the terms we, us, our and the Group in this notice, we mean Coventry Building Society Group.

Who is the data controller?

The ‘data controller’ is the organisation responsible for making sure your information is processed fairly and lawfully. For the personal data you give us, either Coventry Building Society, Godiva Mortgages Limited or ITL Mortgages Limited will be the data controller. It depends on which organisation you apply to, account you hold or service you use. 

As part of looking after accounts, we work together as a Group so any of the three companies can be the one ‘processing’ your information.

Information we hold about you

Why we need to collect information

To set up and run accounts and services for you, we need specific details. 

If you don’t give us the information we need, or if you don’t allow us to ‘process’ your information, we can’t open an account or set up a service for you. For what we mean by ‘process’, see ‘How we use your information’ further down this page.

We’ll ask you directly for most of the information we need. Sometimes we also collect more data about you from external sources, such as credit reference agencies.

If you give us information about someone else 

You might give us information about another person, for example, if you’re applying for a joint account or for an account on behalf of a child.

We expect that:

  • you have their permission to give us this information.
  • the other person understands how we’ll use their information.
  • the other person has no objection to us holding and using their information.

What information we hold about you

The type of personal information you can expect us to hold about you includes:

Your personal details

  • for example, your name, date of birth, address, telephone number, email address. To have an ISA with us, we must hold your National Insurance number – it’s required by law.

Account details

  • information about the accounts you hold or held with us, and details about the money going in and out.

Records of our contact with you

  • for example, notes on our systems, emails, letters, texts and social media. We also record telephone calls and use CCTV in our premises.

Cookies

  • these track your activity on our website.

For more information about this, see our cookie policy.

Sometimes we’ll also hold sensitive personal information such as details about your health or financial circumstances. We always ask for your explicit consent to do this.

Depending on the accounts you hold with us or services you use, we may also record more personal information such as:

  • your income
  • your employment
  • your financial commitments
  • details of a credit search.

We’ll keep your personal data if you…

  • have an open account with us,
  • have enquired or applied for products with us, or
  • have made a complaint

…so we can provide a service to you.

We’ll keep your data for added time…

  • after you close your account,
  • after your product application date, or
  • after the closure of your complaint

…in order to meet our legal and regulatory obligations.

While we hold your data...

we’ll keep it safe and secure, and we’ll regularly review the rules around how long we keep it for.

When we no longer need your data...

we’ll destroy it safely and securely, consistent with our rules on how long we keep your data.

If you’d like more information about how long we keep information, email our data protection specialists:

Data.ProtectionOfficer@thecoventry.co.uk

How we use your information

We use your information to:

  • assess every application you make for an account or service
  • manage your accounts
  • develop and improve our services
  • make sure we comply with the law that governs our activities. 

Data protection laws require us to explain what ‘legal grounds’ justify us processing your information, including sharing it with other organisations. The legal grounds are:

  • contracts
  • regulation
  • law
  • consent
  • legitimate interests.

This is a list of all the ways we use your information for each of these legal grounds:

Contracts

  • to assess your application for an account or service. This depends on the type of account you apply for. For example, if you apply for credit (such as a mortgage), we have to make thorough checks. We assess your credit score, our risk of lending to you, and any risk that the application could be fraudulent.
  • to set up and manage your accounts and keep our records up-to-date.
  • to allow deposits and withdrawals to be made to and from your account both electronically and in cash.

Regulation and law

  • to confirm your identity when you apply for an account or service.
  • to meet our legal and regulatory obligations and for crime prevention/detection.
  • to make sure you have notice of our general meetings and are able to vote if you’re eligible.

With your consent

We only do these things if you tell us you agree:

  • to keep you informed about other relevant accounts or services.

We ask for your permission to do this when you apply for an account or service with us. You can change your mind at any time. Contact us if you don’t want us to send you information about new mortgage or savings products or services we’ve developed. To remove your details from any marketing activity, get in touch with us.

To store sensitive personal information

  • we might need to do this to, for example, support your insurance claim. If we need to process specific, sensitive personal information, we’ll ask for your explicit consent at the time we need it.

Our legitimate interests

This means the purpose is essential or relevant to our business. These activities never take priority over your interests and rights. We use your information:

To carry out customer research

  • this is to help us improve our accounts and services and to better understand our customers. To ask us not to include you in any customer research, please get in touch with us.
  • to test computer systems to make sure our systems stay secure and function properly.

For security, training and to improve our service

We use recordings of telephone calls to check and improve our customer service. And we record CCTV footage in our branches and offices to protect our employees and customers.

We use technology to carry out automated processing

We use technology to make some decisions about you without involving a person to make the decision – this is called ‘automated decision-making’.

Examples of this are:

  • assessing lending risks.
  • analysing transactions on your account.
  • deciding what happens when a bond matures.
  • choosing what information to send you about our accounts or services.

If you’re getting information about new mortgages and savings products and services we develop and want to opt out, just let us know.

For more about this, see ‘Your rights under data protection law’.

We’ll also use data to analyse statistics. When we do this, we make sure information can’t be traced back to individuals.

We can do this activity only when:

  • it’s essential for us to open or run your account, or
  • it’s authorised by law.

Not happy about an automated decision?

If you apply for an account and there’s something about it that means you’d prefer a human to assess it rather than a computer, please let us know before you submit the application. (For example, if you apply for a mortgage and you have a County Court Judgement registered against you.)

If we make a decision about you using automatic processing, you can ask us to have one of our team reconsider the decision.

Who we share your information with

We’ll only share your information with other organisations for the reasons detailed in this Notice.

To spell out what we don’t do with your information:

  • we’ll never sell your data to anyone else.
  • we’ll never use your data to send you marketing information selling products or services by other organisations.

Confirming your identity

Under money laundering law, all financial organisations have to confirm a customer’s identity. To do this, we send your details to a specialist external agency. It’s a quick and secure process commonly used by banks and building societies. If your details change, we’ll ask you to re-confirm your identity. For example, you apply for another account with us or you change your name.

Credit checking

If you apply for an account with credit (for example, a mortgage), we contact a credit reference agency for details of your credit history. The agency keeps a record of our enquiry (‘search’) and your application, and whether or not we open the account for you.

When your account is open, we give the agencies more information about you. For example, how you run the account – paying your mortgage on time, using your overdraft. If you apply to another company for credit, they’ll then be able to see this information.

Remember: if you apply for a joint account, your financial information will be ‘linked’ to the other applicant(s) by the credit reference agency, which creates an association between you. We, or other financial organisations, might take this into account when you or any of the other applicants are credit-checked again in future. To prevent this, you must ask the agency to unlink your financial records.

The credit reference agencies we normally use are below, along with how to find their ‘Credit Reference Agency Information Notice’ (CRAIN).

You can see the information these agencies hold about you, and read their Privacy Notices, on the websites above. Contact them directly and they’ll explain how to make a request and how much it costs.

Fraud prevention and reporting

Under money laundering law, all financial organisations have to report any suspicious transactions to help detect and prevent crime. We report to the National Crime Agency, the police and other law enforcement agencies.

When people give us false or inaccurate information and we identify it as fraud, we pass the details to fraud prevention agencies, such as Cifas, National Hunter, SIRA, as well as law enforcement agencies who may view and use this information.

We and other organisations may also use this information to prevent fraud and money laundering. For example, to: 

  • check details on applications for accounts with credit facilities
  • manage credit facilities
  • recover debt
  • check details on claims for all types of insurance.

We also use information recorded by fraud prevention agencies in other countries.

For the details of the relevant fraud prevention agencies, ask us. To see the information these agencies hold about you, you’ll need to contact them directly.

Tax reporting

We have to give information about you and your savings accounts to HM Revenue & Customs. For example, to verify that our customers aren’t saving more than the annual allowance in ISAs, and to make sure people with tax residency in other countries are complying with the law.

Our suppliers

Examples of suppliers or other organisations we use are: 

  • third party financial services suppliers, for example, insurance providers or administrators of insurance services. They need access to your personal information to process it, so they can carry out services such as creating quotes, renewing policies and handling claims.
  • mailing, data management and IT suppliers.
  • market research suppliers for example, to carry out surveys, focus groups or other research for us.

We can change the companies we use or appoint to provide services.

When we appoint a company to provide a service on our behalf, they must meet our strict requirements about the security and privacy of our customers’ data.

Transferring data outside the EEA

Occasionally we or a supplier may need to transfer data to countries outside the European Economic Area (EEA). This could be, for example, for tax reporting purposes. Other countries may not have the same standard of data protection laws as we do here in the UK. In these circumstances, we use safeguards to make sure data is transferred securely and in line with UK data protection standards. For example, we’d always use encryption, where information is converted into a code and only readable by the organisation we send it to.

Other occasions we need to share your information

If you apply for a mortgage or hold a mortgage with us, sometimes we need to share information with some or all of these people or groups:

  • your employer to confirm your income and employment.
  • your mortgage intermediary or broker (if you use one) so they can provide their services to you.
  • a legal representative acting either for us or you.
  • a valuer.
  • debt counsellors or other specialist services, if for example you fall into payment difficulties or can’t repay your outstanding mortgage balance.
  • a guarantor of your mortgage or their legal advisor.

We may also share your information with:

  • The Financial Ombudsman Service – for example, if you make a complaint.
  • our regulators.
  • asset managers – for example, as part of a corporate financial transaction such as issuing of a covered bond.
  • another organisation if we ever sell or transfer our business.

Your rights under data protection law

By giving us your information, you become a ‘data subject’. Here are the rights you have as a data subject, under data protection laws:

  • to be informed about how we process your personal information.
  • to have your personal information corrected or updated if it’s inaccurate or incomplete.
  • to object to us processing your personal information.
  • to restrict how we process your personal information.
  • to have your personal information erased.
  • to request access to your personal information and details about how we process it.
  • to move, copy or transfer your personal information (this is called ‘data portability’).

Remember, often it’s essential that we hold or share your information. For example, if you’re applying for a mortgage and don’t want us to share your details with a credit reference agency, then we can’t go ahead with your application.

How to make a request under any of these rights

To ask us about these rights or to make a formal request, get in touch:

By phone

0800 121 8899

By post

FREEPOST CBS CUSTOMER SERVICES

Write the address exactly like this – in capital letters and all on one line.

We’ll reply to you as soon as we can and within 30 days. If we can’t reply within 30 days, we’ll let you know.

To make a request to credit reference agencies, fraud prevention organisations, or brokers, you must contact them directly.

How to contact us about the information we hold or how we use it

You can have a copy of the personal information we hold about you. This is your right under data protection regulations and it’s usually free of charge.

To see the information we hold about you

For security, you must give us some details before we can disclose our records. The easiest way to do this is to fill in our request form – see below.

If you need some help, ask one of us at a branch or over the phone.

We’ll reply to you as soon as we can and within 30 days. If we can’t reply within 30 days, we’ll let you know.

How to make a Subject Access Request

Fill in the form:

Download Data Subject Rights Request (PDF 48KB)

Send to us at:

FREEPOST CBS CUSTOMER SERVICES

Write the address exactly like this – in capital letters and all on one line.

By email

sars.team@thecoventry.co.uk

For other questions or requests

If you have any questions or want to complain about how we collect or process your information, get in touch.

If the information we hold about you is incorrect, let us know and we’ll investigate and update our records.

You can also find out more about your rights under the Data Protection Act at the Information Commissioner’s Office website at ICO.org.uk or by writing to:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow SK9 5AF

If you’re not happy…

If you’re not happy about something we’re doing, please let us know. We sort out most problems very quickly. We aim to resolve any concerns promptly and fairly.

If you have a complaint about data protection or how we use your data, contact our Data Protection Office at Data.ProtectionOfficer@thecoventry.co.uk.

Or you can complain at any time to the Information Commissioner’s Office, an independent government organisation.

Find out more at:

ICO.org.uk

Or write to:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow SK9 5AF

Changes to our Privacy Notice

This notice is effective from April 2018.

We update our Privacy Notice when anything changes or there’s new information we need to tell you. You can view and download the current Privacy Notice (PDF 2.7MB) here.