Your right to privacy is important to us. We take the security of your information seriously and have strict policies and processes in place to ensure it remains safe. This Privacy Notice describes the way we collect your information, how we use it and why.
Coventry Building Society Group, which consists of Coventry Building Society, Godiva Mortgages Limited and ITL Mortgages Limited, will manage your data in line with the requirements of the Data Protection Act 1998.
Either Coventry Building Society, Godiva Mortgages Limited or ITL Mortgages Limited will act as the 'data controller' for your personal data if you apply for or hold an account or service with them. Under the Data Protection Act, the 'data controller' is responsible for ensuring that your information is lawfully and properly processed. We may share your information across the Group so that we can service your account, therefore your information may be 'processed' by any company within the Group.
The information we hold about you
To enable us to provide you with accounts and services, we require certain details about you. We will ask you to provide most of this information yourself, however, we may also seek further data using external sources, such as credit reference agencies.
There may be occasions where you provide us with information about another person, for example, if you are applying for a joint account or if you are applying for an account on behalf of a child. In these cases, we will assume that you have permission to provide this information and that the other person understands how we will use their information and has no objection.
We will not be able to provide you with an account or service if you do not supply us with the necessary information to do so, or if you do not give us your permission to process your information.
The type of personal information you might expect us to hold about you includes:
Your personal details, for example, your name, date of birth, address, telephone number, email address, National Insurance number and, in some instances, sensitive data such as information about your health or financial circumstances.
Information about the accounts you hold with us (or have previously held with us) and the transactions on those accounts.
Records of our contact with you, for example:
Notes on our systems, emails or other electronic communications and written correspondence. We may record and monitor telephone calls and record activity on our premises using CCTV, for security, for training purposes and to check and improve the quality of our service.
Cookies which track your activity on our website. Find out more
Depending on the accounts or services you apply for, or hold with us, we may also record additional personal information such as your income, employment details, financial commitments, or details of a credit search.
How we use your information
We use your information to assess every application you make for an account or service, to manage your accounts, develop our services and ensure that we comply with the legislation that governs our activities. We will use your information specifically to:
- Confirm your identity when you apply for an account or service
- Assess your application for an account or service. Depending on the type of account you apply for, this may include assessing lending and fraud risks and credit scoring, for example, if you apply for credit (such as a mortgage or an account with an overdraft)
- Set up and provide the accounts you have requested and keep our records up to date
- Meet our legal and regulatory obligations and for crime prevention/detection
- Test computer systems to ensure the continuing security and integrity of our systems
- Carry out customer surveys and statistical analysis to enable us to improve our products and services
- Keep you informed of other relevant products or services by sending you marketing communications. We will ask your permission to do this when you apply for an account or service with us and you can change your mind at any time. To remove your details from any marketing activity, simply contact us by telephone, in writing or visit your local Coventry branch.
Who we share your information with
We will only share your information with other organisations for the reasons detailed below, and will not provide your details to third party organisations for marketing purposes, unless you have given us your permission.
Confirming your identity
All financial institutions are required by law, under Money Laundering legislation, to confirm a customer's identity. We may, therefore, supply your information to a specialist external agency to help us confirm your identity. We may occasionally need you to re-confirm your identity, for example, if you apply for an additional account with us or change your name.
If you are applying for an account that requires us to provide you with credit (for example a mortgage or an account with an overdraft), we will contact a credit reference agency for details of your credit history. The credit reference agency will keep a record of our enquiry ('search') and your application, whether or not the account is opened. Once your account is open, we will provide further information about you to the credit reference agencies, for example, information about the conduct of your account. If you apply to another company for credit they will then be able to see this information. Please remember that if you are applying for a joint account, your financial information will be 'linked' to the other applicants by the agency, which will create an association between you. This may be taken into account in future applications by either or all of you, unless you ask the agency to unlink your financial records.
The credit reference agencies we normally use are:
- Equifax Ltd, Customer Service Centre, PO Box 10036, Leicester LE3 4FS
- Experian, Consumer Help Service, PO Box 8000, Nottingham NG1 5GX
- Callcredit PLC, 1 Park Lane, Leeds LS3 1EP
If you would like to see the information that these credit reference agencies hold about you, please contact them directly; they will be able to explain how you may progress your request and any charges that may apply.
Fraud prevention and reporting
All financial institutions are required by law, under Money Laundering legislation, to report any suspicious transactions to the National Crime Agency, the police and other law enforcement agencies for crime detection and prevention purposes.
If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies, such as CIFAS, National Hunter, SIRA, as well as law enforcement agencies who may access and use this information. We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
- checking details on applications for credit and credit-related or other facilities
- managing credit and credit-related accounts or facilities
- recovering debt
- checking details on proposals and claims for all types of insurance
- checking details of job applicants and employees.
Please contact us if you want to receive details of the relevant fraud prevention agencies. We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.
We are required to provide information about you and your savings accounts to HMRC for tax reporting and to notify them of ISA records.
Our suppliers and third parties that provide services to you
Examples of suppliers we use or third parties we appoint to provide services to you are:
- Third party financial services suppliers. For example, insurance providers or administrators of insurance services who will have access to your personal information and process it, so that they can provide you with services such as quotations, renewals and claims management.
- Mailing, data management and information technology suppliers.
Please note that from time to time, we may change the suppliers or third parties we use or appoint to provide services. Where we appoint a supplier to provide a service on our behalf, they must meet our stringent requirements regarding the security and privacy of our customers' data.
Occasionally we, or our suppliers, may transfer data to countries outside of the European Economic Area. These countries may not have the same standard of data protection laws as we do here in the UK. In these circumstances, we will take the necessary steps to ensure that the transfer of your data is in line with the UK data protection requirements, and that your information is treated securely, and protected to a similar standard. Organisations based outside of the EEA may be required to provide your information to foreign authorities.
Other occasions we may be required to share your information
If you are applying for a mortgage or hold a mortgage account with us, we may share your information with:
- Your employer to confirm your income and employment
- Your mortgage intermediary or broker (if you have used one) so that they can provide their services to you
- A legal representative acting either for us or you
- A valuer
- Debt counselling or other specialist service providers, should you fall into payment difficulties or be unable to repay your outstanding mortgage balance
- A guarantor of your mortgage or their legal advisor
We may also share your information with:
- The Financial Ombudsman Service, for example, if you have made a complaint
- Our regulators
- Asset managers, for example, as part of a corporate financial transaction such as securitisation or issue of a covered bond
- Another organisation, should we ever sell or transfer our business.
How to access or change the information we hold
You have the right to access the personal information we hold about you under the Data Protection Act 1998; this is called a Subject Access Request. Please make your Subject Access Request to us in writing. If you prefer, we can provide you with a form which also includes some guidance notes to help you do this. Simply download the Subject Access Request form (PDF 96KB), contact us by telephone, visit your local branch or write to us. Please be advised a fee of £10 is applicable per request.
If you have any questions about the way in which we collect or process your information, please contact us. Similarly, if the information we hold about you is incorrect or out of date, please let us know and we will investigate further to correct any inaccuracies. You can also find out more about your rights under the Data Protection Act by visiting the Information Commissioner's Office website at ICO.org.uk or by writing to: Information Commissioner's Office website at www.ICO.org.uk or by writing to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow SK9 5AF.
Changes to our Privacy Notice
This notice is effective from 16 June 2017. We will change our Privacy Notice from time to time to keep it up to date.