Privacy Policy

How we use and protect your personal data

Last updated: 17 May 2018

Who we are

NewTa Limited, trading as UK Finance (“we“, “our“, “us” or “UK Finance”) is committed to protecting and respecting your privacy. UK Finance, is a limited company (with company number 10250295) registered at 1 Angel Court, London, EC2R 7HJ.

UK Finance represents nearly 300 of the leading firms providing finance, banking, markets and payments-related services in or from the UK. UK Finance has been created by combining most of the activities of the Asset Based Finance Association, the British Bankers’ Association, the Council of Mortgage Lenders, Financial Fraud Action UK, Payments UK and the UK Cards Association.

UK Finance is dedicated to protecting the confidentiality and privacy of information entrusted to us. We comply with all relevant data protection laws including the EU General Data Protection Regulation (GDPR). Please read this Privacy Notice to learn about your rights, what information we collect, how we use and protect it.

Our data protection officer for the purpose of applicable data protection law may be contacted at If you have any questions or would like to discuss further, you can call us on: 020 7706 3333.

You can find more information about us here

Our Commitment and Obligations to you

We take the collection, usage and security of your personal data seriously.

We can only use your personal data under law if we have a good reason for doing so.  

The law provides examples of those reasons. These include:

  • To perform or fulfil a agreement we have with you; or
  • If we have a legal duty; or
  • If it is within our legitimate business interest; or
  • If there is a public interest reason for doing so; or
  • If you have given your consent.

A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.

Types of Personal Data

  • Basic personal information including name and address, date of birth and contact details identification information
  • Customer Relationship Data
  • Payment Transactions Data
  • Financial information including account and transactional information and history Risk Data / Ratings
  • Profile Data
  • Online profile and social media information and activity based on your interaction with us and our websites and applications, including for example, your banking profile and login information, Internet Protocol (IP) address, smart device information, location coordinates, online and mobile banking security authentication, mobile phone network information, searches, site visits and spending patterns
  • Information Security Risk Data
  • Communications Data
  • Complaints information
  • Technical Information (IP / Cookies)
  • Location Data
  • User login and Subscription Data
  • Economic Crime related information (e.g. Financial Crime and Fraud Information)
  • Investigations Data
  • Education and employment information
  • Visual images and personal appearance (such as copies of passports or CCTV images)
  • Information about your family, lifestyle and social circumstances (such as dependents, marital status, next of kin and contact details)

What Personal Data We Collect and Where From

You may give us information about you:

  • When filling in forms on our website (“our site“) or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you subscribe to our training, events and/or services, complete a survey, sign up to a newsletter, post material on our site, report a problem with our site, request further services. The information you give us may include your name, address, email address, phone number, and personal description;
  • When applying for a role or position within UK Finance either online, via third party sites and/or direct contact made with UK Finance.  This information may include your employment history, resume / CV, past salary information and other contact and personal information;
  • We may also collect information from you when you use other sites which we operate or support.  In such cases, please refer to the privacy notice contained on such sites.

Information we collect about you

With regard to each of your visits to our site we may automatically collect the following information:

  • technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
  • information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), cookies and methods used to browse away the page and any phone number used to call our customer service number.

Information received from events, training and working groups / committees

We may collect data about you when you attend any of our events, training sessions and/or attendance of UK Finance working groups / committees.  This may be collected via business card information you have provided to a UK Finance employee or where you have been invited, nominated or otherwise requested to attend one of our events, training sessions and/or working groups / committees. This information may include your name, job title, company, business or personal email address, phone numbers (business or personal).

Information received from other sources

We may receive information from other sources, such as from our members, associate members, government officials, law enforcement and fraud prevention agencies, regulatory bodies, our other partners for the purpose of providing services to our members including supporting members and law enforcement and fraud prevention agencies to combat, prevent and detect economic criminal activity.  The information received may include:

  • names, address, bank account details, transaction information, criminal convictions and cautions and indications of potential or actual criminal activity
  • Offers and promotions to you via our site, any other websites we operate or other services we provide, advertising networks and analytics providers or publicly accessible data.

What do we use your personal information for?

  • To carry out our obligations arising from any agreements entered into between you and us and to provide you with the information, products and services that you request from us, including providing membership services to you; including events, training and working groups;
  • To ensure that content from our site is presented in the most effective manner for you and for your computer or device or to provide you with content which we feel may interest you, where (if required to do so) you have consented to be contacted for such purposes:
    • to allow you to participate in interactive features of our services, when you choose to do so; and
    • to notify you about changes to our services.

As a business, it is critical that we perform our agreement with you with the best service possible, and it is in our legitimate interest to be responsive to you and to ensure the proper functioning of our products and organisation.

We use information held about you in the following ways:

Here is a list of all the ways that we may use your personal information, and which of the reasons we rely on to do so. This is also where we tell you what our legitimate interests are.

What we use your personal data for What is the lawful reason Business or Commercial Reason (our legitimate interest)
Manage client relationships: engage stakeholders Carried out persuant to the agreement we have with you. Where no agreement, this is done within the legitimate interests of UK Finance. In order to provide and ensure we offer the best service to members and associate members, information can be used to manage relationships for the benefit of the member/associate member.


We may obtain information about your general internet usage by using cookie files stored on your computer or device (“cookies“). Cookies are text files containing small amounts of information which are downloaded to your computer or device when you visit a website. They help us to improve our site and to deliver a better and more personalised service.

You can find more information about cookies and how to manage them at You may disable cookies by changing the settings on your browser. However, if you do so, this will affect your enjoyment of our site and we will no longer be able to offer to you a personalised service. Unless you opt out of cookies in your browser settings, we will assume you consent to the use of cookies. For more information about cookies, please consult our cookies policy.

Email marketing and newsletters

We may make suggestions and recommendations to you following attendance at our events, training sessions and/or associated meetings and working groups that we think may be of interest to you or members of your team / organisation. We will only contact you by electronic means (email) with information about events, training or other meetings similar to those which you have shown an interest in or attended.

We may also use your data, or permit selected third parties to use your data, to provide you with information about services which may be of interest to you and we or they may contact you about these by electronic means only if you have consented to this.  We also may contact you by phone or via post.

You have the right to ask us not to process your information for marketing purposes. You can exercise your right to prevent such processing by ticking the relevant boxes on the forms we use to collect your information, or you can opt out of receiving future marketing communications from us at any time by following the directions contained in the marketing email to unsubscribe. You can also exercise this right at any time by contacting us at

How we share your personal data

We take your privacy very seriously and we’ll only share your information where:

  • we need to for the purposes of providing you with products or services you have requested;
  • we have a public or legal duty to do so e.g. to assist with detecting fraud and tax evasion, economic crime prevention, regulatory reporting, litigation or defending legal rights;
  • we have a legitimate reason for doing so e.g. to manage risk, or assess your suitability for services; or
  • we have asked you for your permission to share it, and you’ve agreed.

Third Parties

We may occasionally share your data with trusted third parties to help us deliver efficient and quality services.
We may share with third parties, including:

  • business partners, suppliers and subcontractors for the performance of any contract we enter into with them or you;
  • financial institutions in performance of our role to support with economic crime information sharing initiatives; providing services for our members or where we are otherwise directed by you to share information with them;
  • fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance or employment;
  • provided you have consented; marketing, market research, advertisers and advertising networks that require the data to select and serve relevant adverts to you and others;
  • analytics and search engine providers that assist us in the improvement and optimisation of the website;
  • any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries for the purposes set out above;
  • in the event that we buy or sell any business or assets, including the sale of an individual website owned by us, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; and
  • if UK Finance is acquired by (or all of its assets are acquired by) a third party, in which case personal data held by it about its members and customers will be one of the transferred assets.

Economic Crime Information Sharing

We may share your personal data with law enforcement agencies, fraud prevention agencies, public authorities or other organisations if legally required to do so, or if we have a public interest and/or good faith belief that such use is reasonably necessary to:

  • comply with a legal obligation, process or request (including responding to any requests from law enforcement authorities outside the EEA, as defined below);
  • enforce our agreements, including investigation of any potential violation thereof;
  • detect, prevent or otherwise address economic criminal activity (including financial crime, fraud, money laundering etc);
  • detect, prevent or otherwise address security, fraud or technical issues with our services and site; or
  • protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law.
  • Sharing Aggregated or Anonymised Data:

Where we have made your information anonymous, we may share it this outside of UK Finance with partners such as research groups, universities, advertisers or connected sites. For example, we may share information publicly to show trends about the financial services market.

Where we store your personal data

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”), including, in particular, the United States.  It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or business partners. By submitting your personal data, you agree to this transfer, storing and/or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Security of your personal data

The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of the data transmitted to our site; any transmission of your data is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Our site may, from time to time, contain links to and from the websites of our member and associate member organisations, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

How Long We Keep Your Information

We will retain your personal information for as long as you use our services and for a reasonable time thereafter. After you have terminated your use of our services, we will retain your personal information for up to 7 years and thereafter may store it in an aggregated and anonymised format.

Your rights

  • Access to information. The Data Protection Laws give you the right to access information held about you. Your right of access can be exercised in accordance with Data Protection Laws by contacting us at
  • Consent. You may withdraw your consent to any processing of your personal data at any time by contacting
  • Rectification. You have the right to rectify any personal data held about you that is inaccurate. Your right of rectification can be exercised by contacting us at
  • Erasure. You may have the right to erasure of personal data held about you by contacting us at
  • Complaints or Objecting. In the event that you wish to object to or make a complaint about how we process your personal data, please contact us in the first instance at and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the UK’s Information Commissioner’s Office.

Changes to our Privacy Notice

Any changes we may make to the Privacy Notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check this page frequently to see any updates or changes to this Privacy Notice.


Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to