What we do with the data | Ulster Bank Northern Ireland

The purposes for which your information may be used

We will only use and share your information where it is necessary for us to carry out our lawful business activities. Your information may be shared with and processed by other RBS group companies.  We want to ensure that you fully understand how your information may be used. We have described the purposes for which your information may be used in detail below.

This guide contains
the following sections:

Overview
Information we hold
What we do with the data
Sharing data outside Ulster Bank
Your rights

Contractual necessity

We may process your information where it is necessary to enter into a contract with you for the provision of our products or services or to perform our obligations under that contract. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account and/or provide products and services to you. This may include processing to:
 

Assess and process applications for products or services.
 

Provide and administer those products and services throughout your relationship with the bank including opening, setting up or closing your accounts or products, collecting and issuing all necessary documentation, executing your instructions, processing transactions, including transferring money between accounts, making payments to third parties, resolving any queries or discrepancies and administering any changes. Calls to our service centre and communications to our mobile and online helplines may be recorded and monitored for these purposes.
 

Develop, manage and maintain our relationships with you and for ongoing customer service this may involve sharing your information with other RBS group companies to improve the availability of our services, for example enabling customers to visit branches of other RBS group companies.
 

Administer any credit facilities or debts including agreeing repayment options.
 

Communicate with you about your account(s) or the products and services you receive from us.

Legal obligation

When you apply for a product or service (and throughout your relationship with us), we are required by law to collect and process certain personal information about you. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account and/or provide products and services to you. This may include processing to:
 

Confirm your identity including using biometric information and voice-recognition technology and other identification procedures, for example fingerprint verification.
 

Perform checks and monitor transactions and location data for the purpose of preventing and detecting crime and to comply with laws relating to money laundering, fraud, terrorist financing, bribery and corruption, and international sanctions. This may require us to process information about criminal convictions and offences, to investigate and gather intelligence on suspected financial crimes, fraud and threats and to share data with law enforcement and regulatory bodies.
 

Assess affordability and suitability of credit for initial credit applications and throughout the duration of the relationship, including analysing customer credit data for regulatory reporting.
 

Share data with other banks and third parties to help recover funds that have entered your account as a result of a misdirected payment by such a third party.
 

Share data with police, law enforcement, tax authorities or other government and fraud prevention agencies where we have a legal obligation, including reporting suspicious activity and complying with production and court orders.
 

Deliver mandatory communications to customers or communicating updates to product and service  terms and conditions.
 

Investigate and resolve complaints.
 

Conduct investigations into breaches of conduct and corporate policies by our employees.
 

Manage contentious regulatory matters, investigations and litigation.
 

Perform assessments and analyse customer data for the purposes of managing, improving and fixing data quality.
 

Provide assurance that the bank has effective processes to identify, manage, monitor and report the risks it is or might be exposed to.
 

Investigate and report on incidents or emergencies on the bank’s properties and premises.
 

Coordinate responses to business disrupting incidents coordinate responses to business disrupting incidents and to ensure facilities, systems and people are available to continue providing services.
 

Monitor dealings to prevent market abuse.

 

 

Legitimate interests of the bank

We may process your information where it is in our legitimate interests do so as an organisation and without prejudicing your interests or fundamental rights and freedoms.

 

a) We may process your information in the day to day running of our business, to manage our business and financial affairs and to protect our customers, employees and property. It is in our interests to ensure that our processes and systems operate effectively and that we can continue operating as a business.

 

This may include processing your information to:

 

Monitor, maintain and improve internal business processes information and data, technology and communications solutions and services.
 

Ensure business continuity and disaster recovery and responding to information technology and business incidents and emergencies.
 

Ensure network and information security including monitoring authorised users’ access to our information technology for the purpose of preventing cyber-attacks, unauthorised use of our telecommunications systems and websites, prevention or detection of crime and protection of your personal data.
 

Provide assurance on the bank's material risks and reporting to internal management and supervisory authorities on whether the bank is managing them effectively.
 

Perform general, financial and regulatory accounting and reporting.
 

Protect our legal rights and interests.
 

Manage and monitor our properties and branches (for example through CCTV)  for the purpose of crime prevention and prosecution of offenders, for identifying accidents and incidents and emergency situations and for internal training.
 

Enable a sale, reorganisation, transfer or other transaction relating to our business.


 

b) It is in our interest as a business to ensure that we provide you with the most appropriate products and services and that we continually develop and improve as an organisation. 

 

This may require processing your information to enable us to:

 

Identify new business opportunities and to develop enquiries and leads into applications or proposals for new business and to develop our relationship with you.
 

Send you relevant marketing information (including details of other products or services provided by us or other RBS group companies which we believe may be of interest to you). We may show or send you marketing material online (on our own and other websites including social media platforms), in our app, or by email, sms or post.

 

Understand our customers’ actions, behaviour, preferences, expectations, feedback and financial history in order to improve our products and services, develop new products and services, and to improve the relevance of offers of products and services by RBS group companies.

 

Monitor the performance and effectiveness of products and services.
 

Assess the quality of our customer services and to provide staff training calls to our service centres and communications to our mobile and online helplines may be recorded and monitored for these purposes.
 

Perform analysis on customer complaints for the purposes of preventing errors and process failures and rectifying negative impacts on customers.
 

Compensate customers for loss, inconvenience or distress as a result of services, process or regulatory failures.
 

Identify our customers’ use of third-party products and services in order to facilitate the uses of customer information detailed above.
 

Combine your information with third-party data such as economic data in order to understand customers’ needs better and improve our services.
 

We may perform data analysis, data matching and profiling to support decision making with regards to the activities mentioned above. It may also involve sharing information with third parties who provide a service to us.


c) It is in our interest as a business to manage our risk and to determine what products and services we can offer and the terms of those products and services. It is also in our interest to protect our business by preventing financial crime.

 

This may include processing your information to:

 

 

Carry out financial, credit and insurance risk assessments.
 

Manage and take decisions about your accounts.
 

Carry out checks (in addition to statutory requirements) on customers and potential customers, business partners and associated persons including performing adverse media checks, screening against external databases and sanctions lists and establishing connections to politically exposed persons.
 

Share data with credit reference, fraud prevention agencies and law enforcement agencies.
 

Trace debtors and recovering outstanding debt.
 

For risk reporting and risk management.
 

Application decisions may be taken based on solely automated checks of information from credit reference agencies and internal RBS records. For more information on how we access and use information from credit reference and fraud prevention agencies see the Sharing data outside of Ulster Bank page.

 

 

 

 

 

 

Add your signposting title here… Changes to the way we use your information

From time to time we may change the way we use your information.  Where we believe you may not reasonably expect such a change we will notify you and will allow a period of at least 30 days for you to raise any objections before the change is made.  However, please note that in some cases, if you do not agree to such changes it may not be possible for us to continue to operate your account and/or provide certain products and services to you.

Add your signposting title here… How we use and share your information with other RBS group companies

We will only use and share your information where it is necessary for us to lawfully carry out our business activities. Your information may be shared with and processed by other RBS group companies.  We want to ensure that you fully understand how your information may be used. We have described the purposes for which your information may be used in detail on this page, for contractual necessity, legal obligation and legitimate interests of the bank.

Add your signposting title here… Security

We are committed to ensuring that your information is secure with us and with the third parties who act on our behalf.

For more information about the steps we are taking to protect your information please visit the Security Centre page or contact us at 03457 424365 Overseas number +44 289 053 8033 Minicom 0800 015 4422.

Set Tab for lightbox