Control your data
Control your privacy and data
The EU General Data Protection Regulation (GDPR)
The law has changed but our commitment to keep your personal data safe hasn’t.
Our continued commitment to you
Our focus on respecting your privacy and safeguarding your personal data remains as strong as ever. We’ve updated our privacy notices to reflect the new and strengthened rights in relation to your personal data, and the legal grounds for using it. The notices became effective on 25 May 2018.
We are committed to:
- Keeping your personal data safe
- Giving you control and flexibility over the use of your personal data
- Providing useful and timely information.
Keeping you in control
We take care to protect your data and keep you in control of the information you share with us.
We’ll always keep your data safe
We’re committed to respecting your privacy and safeguarding your personal data.
If we’re required by law to share your data with other organisations, such as the government, we always do so securely and we don’t share more than we need to.
When we ask other companies to process data on our behalf we’ll always make sure they follow similarly high standards to those followed by Barclays. Sometimes we use data to support government initiatives. But any reports that we publish will always be anonymous so your personal data remains exactly that – personal to you.
How we use your personal data
We use your data to ensure we process your transactions safely and securely. It can also help us to personalise your experience and develop new services that we think you’ll like. Data can also help us to focus on the needs of individuals – we take extra care when dealing with vulnerable customers, and we never send marketing material to children.
Whether it’s to deliver products and services to you and others, or to follow legal requirements, we’ll always be clear and open with you about how and why we’re using your data. And if you need more detail, we’ll always keep our privacy notices where you can find them easily.
How data makes things easier
Sharing some personal data with us is essential for you to be able to use our services securely. For example, it means we can quickly get in touch with you if we think there’s fraud on your account. Knowing more about our customers also means we’ve been able to help them out and provide extra support during difficult times, such as after a major incident or during the collapse of a large employer.
We never forget it’s your personal data
You’ve trusted us with your data, and in return we’ll give you the control you need. You can decide how we contact you with offers of products and services or information we think you may be interested in.
It’s straightforward to keep your personal details up to date using Online Banking, our mobile banking app, by phone or in one of our branches, and we’ll always make it easy for you to change your mind about how we contact you.
About the GDPR
The General Data Protection Regulation (GDPR) is a change to the law relating to personal data that became effective from 25 May 2018.
Personal data relates to an individual. It could be used to identify you. It includes your name and contact details, but can also include data about your transactions or your use of our services.
What does GDPR mean?
The GDPR aims to give you more control of your data. It provides new and strengthened rights.
- Right to access – you can ask us whether we’re processing your personal data, including where and for what purpose. You can also request an electronic copy of your personal data free of charge
- Right to restrict processing – in certain circumstances, you can ask us to restrict our use of your personal data
- Right to rectification – you can already ask us to correct inaccurate personal data we hold about you
- Right to erasure (right to be forgotten) – in certain circumstances, you can ask us to erase your personal data
- Right to data portability – you can ask us to provide you with a copy of your personal data in a commonly used electronic format so that you can transfer it to other businesses
- Right to object to automated decision-making – in certain circumstances, you can ask us not to make automated decisions about you based on your personal data that produce significant legal effects
- Right to lodge a complaint – you can lodge a complaint with your local data protection authority.
Do I need to do anything?
You don’t need to do anything. We’ve updated our privacy notices to reflect the changes.
We haven't changed the ways we use your personal data, but our privacy notices provide additional detail about this. In particular Who we are, our contact details and the contact details of our data protection officer. The types of personal data we collect about you and, where we don’t collect it from you, who we collect it from:
- The recipients or categories of recipients of your personal data, if any
- The legal basis for using your personal data
- Where applicable, if we intend to store, process or transfer your personal data to a third country or international organisation
- How long we keep your personal data after our relationship with you has ended (for example, after you stop banking with us or using our platforms)
- Automated decisions we make about you – for example we use technology to help identify that someone else may be using your card without your permission
- Your rights in relation to the personal data we hold about you.
About our privacy notices
We may change our privacy notices and add new privacy notices in the future, so we recommend that you check this page occasionally to ensure that you’re happy with any changes.
Your data rights
If you wish to control how your personal data is used, we're here to help you. Please complete the relevant application form on one of the sites below. Note that you'll be leaving this site and joining a new one.
For clients in Monaco and Switzerland, please make your requests directly with your Private Banker/Relationship Manager.
Further information about the GDPR and local data protection laws is available on the relevant data protection authorities’ websites detailed below:
- UK - Information Commissioner’s Office www.ico.org.uk
- Ireland – Data Protection Commission www.dataprotection.ie
- Dubai – Commissioner of Data Protection www.difc.ae/laws-regulations/data-protection
- Guernsey – Office of the Data Protection Commissioner www.dataci.gg
- Isle of Man – Information Commissioner www.inforights.im
- Jersey – Office of the Information Commissioner www.dataci.je
- Monaco – Commission de Contrôle des Informations Nominatives www.ccin.mc/en/
- Switzerland – Federal Data Protection and Information Commissioner www.edoeb.admin.ch/edoeb/en/home.html