Privacy Policy

We need your personal information to:
• Open and manage your savings or mortgage account.
• Provide and improve our services.
• Contact you about products or offers (if you have agreed).
• Refer you to trusted partners (if you have agreed).

We collect data:

We will only collect the data we need.

The data we collect depends upon the products you have or wish to have and can include:
• Name and contact details.
• Addresses.
• Date of Birth.
• Occupation
• Gender.
• Nationality.
• Residency.
• Signature.
• Marital Status.
• Third party (family members or other relevant parties)
• Identifier & Account Numbers.
• Passport/Driving licence Numbers.
• Payment Details (card or bank information).
• Financial Data (including income and expenditure)
• Transaction Data (payments to and from your account/s)
• Credit history and credit reference information.
• Employment Details (salary, sick pay, length of service).
• Fraud Prevention Agency information.
• Usage and Access Data (how your use our website and App)
• Video and audio recordings (CCTV and calls)

We may collect special categories of personal data including
• Health conditions/medical history
• Criminal offence data

We use the following legal reasons to use your data:

Contract - To provide you with our products or services
• Setting up and managing your savings and/or mortgage account/s.

Legal Obligation - To use your data in line with the law
• Carry out identity and anti-money laundering checks.
• Stopping fraud, money-laundering and crime.
• Detection and investigation of crime.
• Deal with requests to exercise your rights e.g. Power of Attorney.
• Provide data to Regulatory Bodies (including the Financial Ombudsman Service), HM Government, and overseas tax authorities e.g. the amount of interest paid on your savings accounts.

Legitimate Interests - Where we use your data in a way that you would expect
• Sharing data with trusted third parties including
o someone who has legal control of your affairs.
o companies who provide us services e.g., IT systems.
o legal and professional advisers.
• Carry out searches with credit reference agencies.
• When your savings or mortgage product ends.
• Dealing with complaints.
• Internal reporting.
• Analysis and developing statistics.
• Improving services.
• Use of CCTV on our premises.
• Stopping, detecting and investigating crime.

Consent – we will ask for your permission to use your data in certain ways which offers you choice and control:
• For marketing or sharing with third parties.
• Taking and publishing photographs for competitions, events and sponsorship.

Explicit consent – we will ask for your permission to capture certain data and will let you know how we use it
• We may process special category data (such as health or criminal convictions) with your explicit consent to better understand your situation and offer appropriate support.

Yes, if you want to open or manage an account. If some details are optional, we’ll tell you.

To provide you with our products and services, we sometimes need to share your data with other trusted organisations.

Whenever we share your data, we require organisations to protect it and to treat it lawfully.

Some of the organisations we share your personal data with (such as IT service providers that support our business) will act as ‘Processors’. Processors are only allowed to use your data in line with our instructions.

We also need to share your personal data with other people and organisations who act as ‘Controllers’”. This means they need to decide how to lawfully use your personal data.

Examples of Controllers are Credit Reference and Fraud Prevention Agencies (see below), Individual Voluntary Agreement/Bankruptcy administrators, insurance companies, tax authorities, financial regulators, and law enforcement agencies. As Controllers, these organisations have their own privacy notices which will affect how they manage your personal data.

We may also need to share your personal data with organisations if we sell, transfer, or merge parts of our business. If this happens, there won’t be any changes to how your data is used or protected.

• FRAUD PREVENTION AGENCIES
Before we can give you, a mortgage or open a savings product, we must prove your identity and make checks with fraud prevention agencies. We do this to help stop fraud and money laundering. We need to use your data to do this.

We, and Fraud Prevention Agencies, may allow law enforcement agencies e.g., the Police and HMRC, to access and use your data to detect, investigate and prevent crime. Fraud Prevention Agencies can hold your data for different periods of time. If you’re considered to be a fraud or money laundering risk, your data can be held for up to six years.

You can get the details of the Fraud Prevention Agencies we use by getting in touch. (See section 2)
Consequences of processing

If we, or a Fraud Prevention Agency, decide you are a fraud or money laundering risk, we may refuse to provide you with our products or services, this could mean any accounts you already have with us will be closed. A record of any fraud or money laundering risk is kept by the Fraud Prevention Agencies and may result in other organisations refusing to provide you with services, finance, or employment.

If you have any questions about this, please get in touch. (See section 2)

• CREDIT REFERENCE AGENCIES
To process a mortgage application, we carry out credit and identity checks on you with one or more Credit Reference Agencies (CRAs). If you already have a mortgage with us, we may also carry out searches with CRAs to manage your account. To do this, we will supply your data to CRAs, and they will give us data about you. This will include data from your credit record about your financial situation and history. CRAs will also supply us with public (including the electoral register), shared credit, and fraud prevention data.

We will use this data to:
• Assess if you can afford to take out the mortgage.
• Check the accuracy of the data you have provided.
• Stop criminal activity, fraud, and money laundering.
• Manage your account(s).
• Trace and recover debts.
• Ensure any mortgage offer provided to you is appropriate.

We will continue to exchange your personal data and account information with CRAs while you are a customer. We also inform the CRAs when you pay off your mortgage. If you borrow money and do not repay it in full and on time, CRAs will record the outstanding debt amount. CRAs may supply this information to other organisations.

When CRAs receive a search request from us, they will place a search footprint on your credit file that may be seen by other organisations.

If you are making a joint application or tell us that you have a spouse or financial partner, we will link your records together. This means you should discuss this with them and share the information in this section with them before making an application. CRAs will also link your records together. These links will remain on your and their files until you or your partner successfully requests the CRAs to break that link.

Credit Reference Agency Information Notice (CRAIN) – (https://www.experian.co.uk/legal/crain)

Please note that the Society is not responsible for external links.

Occasionally your data may be transferred outside the UK. If this is necessary, we ensure it’s protected to UK General Data Protection Regulations (GDPR) standards or appropriate safeguards are in place such as aligning to approved international frameworks.

You have right to:

• Be informed – know how we use your data.
• Access your personal data – get a copy of your data.
• Have your personal data corrected – correct any wrong or missing data.

We will do our best to make sure your data is accurate and up to date. However, we need your help to do this. Please get in touch if any of your data changes, e.g. you move house. (See section 2)

• Have your data deleted (the ‘right to be forgotten’) – the data we hold with your consent, e.g. marketing preferences will be deleted when requested, at any time.Data we hold for other legal reasons (see section 5) will be kept for the period in our Retention Schedule unless we no longer need to keep your data.
• Limit or object how we use your data - in certain circumstances we can limit or change the way we use your data and stop using it.
• Challenge automated decisions – you can choose to have human input into any decisions made. (See section 15 for more details).
• Data portability – you can ask to transfer your data to another organisation.

If you wish to exercise any of your rights, please get in touch via datarights@monbs.com. We will respond within one calendar month.

Please get in touch so we can update your details.

• While you are a customer.
• Up to 5 years after your account has closed or redeemed.
• Between 3 months and 5 years if your enquiry/application does not proceed.

We only keep your data for as long as we need to use it.
We may keep your data longer if we cannot delete it for technical reasons.
Some data may not be kept for the life of your account e.g. call recordings, paper savings application forms and certain correspondence.

We will only send you marketing if you have agreed.

You can change your decision and opt out at any time, just get in touch (see Section 2).

We do not send any marketing to under 18’s.

Please see our Cookie Policy available at https://www.monbs.com/cookie-policy/

We listen to, record, and keep records of calls, emails, social media messages, visits to our branches or agencies, face to face meetings and other communications.

We do this for:
• Security
• Training
• Legal reasons
• Improve the quality of our services

Sometimes we use automated tools to help us make decisions or predictions about you, for example.
• Check mortgage affordability
• Prevent fraud
• Send marketing communications (if you have agreed)
• Understand the types of customers we have

These tools do not make decisions about you on their own. They help us process information quickly and efficiently, but any decision that affects you is reviewed and confirmed by a member of staff. You also have the right to ask for a person to review any decision made using automated tools.

We may use AI and automated tools to help provide our products and services safely and efficiently.

AI may be used to:
• Detect and stop fraud and financial crime
• Help confirm your identity
• Support affordability or risk assessments
• Improve customer service/support and operational efficiency.

AI systems do not make decisions about you on their own. Any decision that affects you is reviewed by a member of staff, who takes responsibility for the outcome. You also have the right to ask for a person to review any decision made using automated tools.

We make sure any AI tools we use are fair, secure, and used in line with data protection law.

We do not use your personal data to train public or generative AI tools.

This privacy notice was updated in March 2026.

If you are unhappy, please get in touch.

You can also complain to the Information Commissioner’s Office which enforces data protection laws:

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk