Privacy policy

Weatherbys Bank Limited (“we”, “us”, “our”) is committed to protecting your privacy. We aim to be clear and transparent about how we process your personal data. If you have any questions, we are very happy to discuss them with you.

This policy, along with our terms and conditions and any documents it refers to, explains the basis on which we process any personal data you give us or that we obtain about you.

Weatherbys Bank Limited is the data controller. Our address is 52-60 Sanders Road, Wellingborough, Northamptonshire, NN8 4BX, United Kingdom. You can contact our Data Protection Officer by emailing dpo@weatherbys.bank or by calling +44 (0)1933 543 543.

If you have difficulty reading this policy, you can increase the font size through your browser.

Please read the following sections to understand:

What personal information we collect about you

To provide banking and financial services and to comply with the laws and regulations that apply to us, we need to collect and process personal data about you. If you choose not to provide the information we need this may delay or prevent us from meeting our obligations. It may also mean that unfortunately we will not be able to provide our products or services to you.

We use different types of information which we have grouped as follows:

Your financial position, status and history.

Where you live and how we contact you, including email and phone.

Details about your employment, income and nationality.

Details about payments to and from your account(s) with us, including details of payers and payees.

Details about the products and services we provide you.

Data about where you are, such as the address your computer uses to connect to the internet (IP address) or the location of a shop where you use your card.

Data about how you use our products and services.

Details of the devices and technology you use.

What we learn about you from letters, emails and conversations with you.

Details about your family, friends and other relationship that you share with us.

Details about you that appear in public records, such as the electoral register, Companies House Information and information about you that is available on the internet.

Other data about how you use our products and services.

Details about you contained in documents you provide to us, such as your passport, driving licence, utility bills, bank statements or birth certificate.

The law classifies certain types of personal data as special category data. We will only collect this type of data with your consent. This may include information about your:

  • Racial or ethnic origin
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic or biometric data
  • Health
  • Criminal convictions or offences

Any permissions, consents or marketing preferences you give us, including how you’d like us to contact you.

A number or code issued by a government body to identify you, such as your National Insurance number or TIN number.

Our cookie statement

We may use information about how you use the internet by placing a cookie file on the hard drive of your computer or device. The main ways we might use cookies are explained below.

Advertising and performance measurement

Our website uses cookies and tags to measure the performance of our advertising campaigns. These tools help us understand how paid media brings visitors to our site, alongside general visitor analytics.

We track metrics such as:

  • Clicks and Impressions
  • Floodlight tags, which activate when someone sees or clicks an advert and then visits our site

We also collect aggregated and anonymised information, including:

  • Browser type
  • Device type, such as desktop, mobile or tablet
  • Operating system
  • IP address, used for geolocation and stored in anonymised form
  • Time and date of visit
  • Pages viewed
  • Time spent on a page
  • Page scroll depth

This information is used only for reporting and analysis and doesn’t include individual user profiles. Platforms like Google Analytics provide performance data without identifying individual users or personal information.

Personalisation and site functionality

Cookies may also be used to:

  • Store information about your preferences so we can tailor our site to your interests
  • Speed up searches and improve how the site performs
  • Recognise you when you return to our site
  • Enhance security and protect your data
Retargeting and audience profiling

Cookies may also be used by us and our third-party partners to deliver relevant advertising on other websites. These cookies help us to:

  • Retarget users who have previously visited our site
  • Identify new audiences similar to our existing visitors
Advertising cookies

We use advertising cookies and tags from providers such as Google and StackAdapt to:

  • Measure how effective our campaigns are
  • Understand which adverts bring users to our site
  • Deliver more relevant advertising in the future

These cookies may collect:

  • Basic technical information, such as browser type, device type and approximate location
  • Information about pages viewed and how the site is used
  • Anonymous advertising identifiers, such as cookie IDs
  • Data used to group users into interest-based segments

Importantly, these cookies don’t collect your name, email address, phone number or other information that directly identifies you. All data is handled in line with each provider’s privacy policy:

  • Google Privacy Policy
  • StackAdapt Privacy Policy

You can manage or withdraw your consent for these cookies at any time through our cookie settings or your browser preferences.

Cookie management

You can manage or withdraw your consent for cookies at any time through our cookie settings or your browser preferences.

You can also choose to refuse cookies by changing your browser settings. If you do this, some parts of our site, such as video content, may not be available to you.

If you have not changed your browser settings to refuse cookies, our system will issue cookies you visit our site.

 

Where we collect information from

We collect information from a range of sources, as set out below.

How we collect information

We collect information in the following ways:

  •  When you apply for our products or services
  • When you speak to us on the phone or in person. Calls are recorded and monitored for training and to improve our services
  • When you use our website, app or online banking
  • From emails and letters you send us
  • If you take part in our client surveys, competitions or promotions

This includes the type, amount, frequency, origin and recipients of payments and transactional information, profile and usage data when you connect to our internet, app, online banking or telephone services.

This includes information provided by companies or individuals who introduce you to us, your financial advisers, lawyers or accountants, card associations, credit reference agencies, insurers, fraud prevention agencies, public sources like Companies House and government and law enforcement agencies.

Why we collect your personal data and the lawful basis we rely on

Data protection law allows us to process your personal information only when we have one or more of the following lawful reasons:

  • To fulfil a contract we have with you
  • When we need to comply with our legal duty
  • When it is in our legitimate interest
  • When you give us your consent

A legitimate interest means we have a commercial or business reason to use your information. This reason must not go against what is fair or right for you. If we rely on legitimate interest, we will explain what that interest is.

The table below shows how we use your information and the lawful reasons we rely on.

What we use your personal information forThe reasonsOur legitimate interest
To provide banking and other financial services to you and to process your transactions as part of our contract with you.

To manage fees, charges and interest due on client accounts.

To collect and recover any money owed to us.

To manage and provide treasury and investment products and services.		Fulfilling a contract

Our legitimate interests

Our legal duty		Making sure we are efficient in fulfilling our legal and contractual duties.
To contact you by phone, email, text, online, through our app or by post to help you manage your account or accounts and to meet regulatory requirements, such as changes to our terms and conditions.Fulfilling a contract

Our legitimate interests

Our legal duty		Making sure we are efficient in fulfilling our legal and contractual duties.
To comply with the law and meet our obligations to regulators, for example by verifying your identity when required and preventing or detecting fraud, money laundering and other crimes such as identity theft.Fulfilling a contract

Our legitimate interests

Our legal duty		Developing and improving how we deal with financial crime, as well as complying with our legal duties.

Complying with regulations that apply to us.
 
To pursue our legitimate business interests, which include carrying out credit checks, obtaining or providing credit references and meeting internal operational needs such as product development, audit and credit and risk management.

To develop, assess and improve our services and for training and quality purposes. For example, we record all telephone calls.   This may also include behavioural information about how you use our products and services.		Our legitimate interestsMaking sure we run our business efficiently, achieve our business objectives and operate in our clients’ best interests.
To provide details of products and services we’ve carefully selected for you, but only where you’ve given your consent. We will never pass your information to a third party for them to use in their own direct marketing.ConsentMaking sure we inform our clients of products and services they may be interested in.

How we use your information to make profiling decisions

We use systems to help us decide whether to lend money to you or your business when you apply for a loan, mortgage, overdraft or other products. This helps us make decisions that are fair, efficient and in your interests. These decisions can affect the products, services or features we may offer to you now or in the future, as well as the charges we apply. We may use profiling to:

  • Decide what to charge for some products and services based on what we know
  • Place you in a customer group to help us understand your needs, design suitable products and services and manage our relationship with that group
  • Use your information to identify possible fraud or money laundering by monitoring transactions for activity that seems unusual for you or your business
  • Check that a product or service is suitable for you when you open an account and confirm that you or your business meets the conditions needed to open it. This may include checks on age, residency, nationality or financial position.

Your rights in relation to profiling

It’s your right to ask us not to make decisions based on profiling alone and you can object to the profiling decision and ask us to review it.

Credit reference agencies and fraud prevention agencies

We carry out credit and identity checks when you apply for a product or service. We may use Credit Reference Agencies (CRAs) to do this.

From time to time, we may also search information the CRAs hold to help us manage accounts. If we do, we will share your personal information with them in return for information about you. This might include details about:

  • Credit applications
  • Shared credit
  • Your financial situation and history
  • Public information from sources like the electoral register and Companies House

We use this data to:

  • Assess whether you or your business can afford to make repayments
  • Make sure what you’ve told us is true
  • Help spot and prevent financial crime
  • Manage accounts with us
  • Recover debts where we need to

We will continue to share your personal information with CRAs for as long as you are a customer. This will include:

  • Details of your settled accounts and any debts not paid on time
  • Details of credit you have from other lenders
  • If you borrow, details of your repayments and whether you pay them on time

We may also use them to trace your address if we need to recover outstanding debt.

Your CRA record may include associations – people linked to you, such as you partner other members of your household. Any enquiry we make may include information about them. This may happen when you make a joint application, when you tell us about a financial association with someone such as a business partner or when there are already associated records in place. An association will be taken into account in future applications by either or both of you until you apply to the credit reference agency to remove the link.

CRAs may use your information to carry out analysis and develop services. They will also keep a record of our enquiries which may be used by other organisations to make decisions about you. These may affect your ability to obtain credit. The CRA Information Notice (CRAIN) sets out details of how credit reference agencies use your information and is available here.

Further information and contact details of CRAs

Experian Customer Support Centre, Experian Limited, PO Box 8000, Nottingham, NG80 7WF
Telephone 0344 481 0800
Experian website

Equifax Customer Service Centre, Equifax Limited, PO Box 10036 Leicester, LE3 4FS
Telephone 0800 014 2955
Equifax website

Callcredit Consumer Services, Callcredit, PO Box 491, Leeds LS3 1WZ
Telephone 0845 366 0071
Callcredit website

Fraud Prevention Agencies

We may need to confirm your identity before providing products and services to you or your business. After you become a customer we will also share your information when required to help detect fraud and money laundering risks. We use fraud prevention agencies help us with this.

We or a fraud prevention agency may allow law enforcement agencies to access your personal information when required. Fraud prevention agencies may keep your information for different lengths of time. If they identify a risk of fraud or money laundering they may keep it for up to six years.

If we or a fraud prevention agency decide there is a risk of fraud, we may stop activity on your account or accounts or block access to them.

Fraud prevention agencies may send your information to countries outside the European Economic Area. If they do, a contract will be in place so that the organisation receiving it protects your information to the same standard as within the EEA. This may include following international frameworks designed to keep data sharing secure.

Who we share your personal information with

So that we can provide banking and other financial services and to comply with the law and regulations, we may share your personal data with third parties. These third parties must also keep your personal data secure and confidential. We may transfer and disclose your information to:

  • Any authorities we are required to by law or for regulatory purposes, like HMRC, Financial Conduct Authority, Information Commissioners Office or UK Financial Services Compensation Scheme
    • Where we need to share your information with tax authorities outside the UK – either directly or through a local tax authority – that tax authority might share your information with other tax authorities
    • Where we need additional information or documents about this, you must supply them. If you don’t, we are able to close your account or – if required by law or other regulations – to withhold parts of certain payments into your account
  • Our auditors, as required to comply with our legal and regulatory responsibilities
  • Anyone acting on your behalf, payment recipients, beneficiaries and account nominees
  • Debit card companies, like Visa
  • The Direct Debit scheme
  • Advisers such as lawyers, accountants or other financial or professional advisers, when you have given them authority to represent you or use your accounts, products or services on your behalf
  • Service providers and agents (including their sub contractors) like agent banks, clearing houses or payment system providers
  • Other financial institutions, fraud prevention agencies, credit reference agencies and debt recovery agents
  • Brokers we receive referrals from
  • Any company we introduce you to
  • Companies or individuals that you ask us to share your information with
  • The BHA (racing account customers only) where there are changes to your account like a closure, or to your personal details

If we share information in a country outside the UK, we make sure they have or agree to the same levels of protection unless it’s not possible. We are required by law to share the information nonetheless.

International transfers

Your Personal Data may be processed outside of the UK. This is because some of the organisations we use to provide our service to you are based outside the UK.

We have taken appropriate steps to ensure that when your Personal Data is processed in a country outside the UK, it does not have a materially lower level of protection than that guaranteed in the UK. We do this by ensuring that:

  • Your Personal Data is only processed in a country which the Secretary of State has confirmed has an adequate level of protection (an adequacy regulation), or
  • We enter into an International Data Transfer Agreement (“IDTA”) with the receiving organisation and adopt supplementary measures, where necessary. (A copy of the IDTA can be found here international-data-transfer-agreement.pdf (ico.org.uk)) or
  • When transferring your Personal Data to America, we may rely on the UK-US Data Bridge, where appropriate.

Marketing

From time to time, we may use your information to contact you with details about our products and services which we feel may be of interest to you. We will only send you marketing if you have consented or not opted out of marketing communications.

You have the right at any time to stop us from contacting you for marketing purposes. If you wish to exercise these rights you can do so by following the ‘unsubscribe’ link on any emails received or contacting us at dpo@weatherbys.co.uk.

How long we keep your personal data

In line with our Data Retention Policy, in most cases we keep data for 7 years after your relationship with us has ended. This allows us to respond to any questions or complaints, show that we have treated you fairly or maintain records in line with the rules that apply to us.

We may keep your information for longer than 7 years after your relationship with us has ended if this is needed for legal or regulatory reasons or if your information relates to pension advice. We may also keep it for statistical purposes. If we do, we will protect your privacy and use your information only for those purposes.

Your personal data rights

You have rights in relation to your personal data, as follows:

You have the right to know what personal data we collect about you, how we use it, for what purpose and in accordance with which lawful basis, who we share it with and how long we keep it. We use our privacy notice to explain this.

You have the right to receive a copy of the Personal Data we hold about you.

You have the right to have any incomplete or inaccurate information we hold about you corrected.

You have the right to ask us to delete your Personal Data.

You have the right to object to us processing your Personal Data. If you object to us using your Personal Data for marketing purposes, we will stop sending you marketing material.

You have the right to restrict our use of your Personal Data.

You have the right to ask us to transfer your Personal Data to another party.

You have the right not to be subject to a decision based solely on automated processing which will significantly affect you. We do not use automated decision-making.

If you have provided your consent for us to process your Personal Data for a specific purpose, you have the right to withdraw your consent at any time. If you do withdraw your consent, we will no longer process your information for the purpose(s) you originally agreed to, unless we are permitted by law to do so.

How to exercise your rights

You will not usually need to pay a fee to exercise any of the above rights. However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

If you wish to exercise your rights, you may contact us using the details set out below within the section called ‘How to contact us and our Data Protection Officer’. We may need to request specific information from you to confirm your identity before we can process your request. Once in receipt of this, we will process your request without undue delay and within one month. In some cases, such as with complex requests, it may take us longer than this and, if so, we will keep you updated.

Complaints

You have the right to complain if you consider that we have not complied with the data protection law when handling your Personal Data. We will acknowledge receipt of your complaint within 30 days, investigate the matter without undue delay, and keep you informed of the progress and outcome. If you wish to complain please use the contact details given below under “How to contact us and our Data Protection Officer”. We will do our best to resolve the matter to your satisfaction.

If you are not satisfied with the outcome of your complaint, you can complain with the relevant supervisory authority. The supervisory authority in the UK is the Information Commission who can be contacted at:

For supervisory authorities in other countries within the EU see the link below:
https://edpb.europa.eu/about-edpb/about-edpb/members_en

How to contact us and our Data Protection Officer

If you wish to contact us in relation to this privacy notice or if you wish to exercise any of your rights outlined above, please contact us as follows:

Weatherbys Bank Limited
Sanders Road, Wellingborough  NN8 4BX
dpo@weatherbys.bank

We have also appointed a Data protection Officer (“DPO”). Our DPO can be contacted as follows:

Evalian Limited
West Lodge, Leylands Business Park, Colden Common, Hampshire  SO21 1TH
dpo@evalian.co.uk

Please mark your communications FAO the ‘Data Protection Officer’.

Changes to our Privacy Policy

We review our policy regularly. It was last updated in January 2026.