

We are Cater Allen Private Bank, the data controller. You can contact our Data Protection Officer (DPO) at 201 Grafton Gate East, Milton Keynes, MK9 1AN if you have any questions.
This is our Privacy Statement which explains how we obtain, use, and keep your personal data safe in relation to the Cater Allen website (caterallen.co.uk) and the Cater Allen internet banking website.
Your personal data is data which by itself or with other data available to us can be used to identify you.
We're committed to keeping your personal information safe in accordance with applicable data protection laws.
The types of personal data we capture and use will depend on what you are doing on the website or when using internet banking. We'll use your personal data for some or all of the reasons set out in this Privacy Statement. If you become a customer we'll also use it to manage the account, product or service you've applied for and we'll provide you with a separate data protection statement specifically in relation to that as part of the application process. Some of the information relevant to that is included in this Privacy Statement for consistency. Examples of the personal data we use in relation to our websites may include:
We'll tell you if providing some personal data is optional, including if we need to ask for your consent to process it. In all other cases, if you fail to provide the requested personal data, we may be unable to process or respond to your application, query, or service request. We'll collect this personal data directly from you when you use this website. Where you go through an application process with us, we may collect some of your personal data indirectly, from other sources. We will tell you about the sources of the personal data in the data protection statement relevant to the specific product. If you provide personal data about another individual, you must have their authority to provide their personal data to us and you must share this Privacy Statement and any related data protection statement with them beforehand together with details of what you've agreed on their behalf.
Subject to applicable laws, we'll monitor and record your calls, emails, text messages, social media messages and other communications in relation to your dealings with us. We'll do this for regulatory compliance, self-regulatory practices, crime prevention and detection, to protect the security of our communications systems and procedures, to check for obscene or profane content, for quality control and staff training, and when we need to see a record of what's been said. If you take out an account or service with us, we may also monitor activities on your account/service where necessary for these reasons and this is justified by our legitimate interests or our legal obligations.
We'll process your personal data:
You're free at any time to change your mind and withdraw your consent. The consequence might be that we can't do certain things for you. To the extent that action has already been taken based on your consent, withdrawal of your consent will not apply to the processing of your personal data that has already occurred, based on your consent.
Subject to applicable data protection law we may share your personal data:
In some instances your personal data may be transferred outside the UK and the European Economic Area. While some countries have adequate protections for personal data under applicable laws, in other countries additional steps will be necessary to ensure appropriate safeguards are in place to protect your personal data. These include imposing contractual obligations to ensure these safeguards are put in place or requiring the recipient to subscribe to or be certified with an 'international framework' for the protection of personal data. More details can be found in our 'Using my personal data' booklet.
If you apply for an account via the website, before you enter any personal details into the online form, we'll tell you how your information will be used in our data protection statement relevant to that account, in the 'Using my personal data' booklet and sometimes in the relevant terms and conditions. You'll be asked to confirm that you have read these and you'll be asked to agree to our terms and conditions before you submit the application.
The data protection statement, in conjunction with the 'Using My Personal Data' booklet, includes details of the uses we may make of your data, the legal bases we are relying upon to carry out that processing, and who we may share your personal data with. For instance, for credit account applications like bank accounts, we may pass your details to a recognised credit reference agency to help process your application.
We may occasionally send you information about accounts and services which we think would be of interest to you but only where we have your consent or if this is within our legitimate interests (see above for more details about lawful bases). You can choose to stop receiving information at any time by contacting us.
You can call us on 0800 092 3300. To help us improve our service we may record or monitor phone calls as explained in the monitoring of communications section as necessary to comply with any legal obligations and for our legitimate interests.
When you contact us, we may need to collect some personal details like your name, address and phone numbers. Email isn't 100% secure so you shouldn't send personal data such as your account information using normal email. Please consider another method, such as calling us, if you need to share personal information.
Emails are stored on our standard internal contact systems which are secure and can't be accessed by external parties. We store this information to identify trends, and for the purposes set out in the monitoring of communications section as necessary to comply with any legal obligations and for our legitimate interests. For more information on the criteria we use to determine our retention periods, see below.
We may automatically process your personal information, without human intervention, to evaluate certain personal aspects about you (known as profiling).
In particular, we may analyse or predict (among other things) your economic situation, personal preferences, interests or behaviour. This could mean that automated decisions are made about you using your personal information. For example, we might analyse certain customer demographics, account holdings and account behaviours (such as Direct Debits you have set up on your accounts including those which identify accounts and products such as credit cards and store cards which you hold with other providers/elsewhere) and look at details of transactions relevant to your accounts. We may also analyse events such as the maturity dates of your accounts and opening anniversaries.
In some instances we'll use automated processing and decision making, where relevant, to decide which of our other products or services might be suitable for you. We'll look at the types of accounts that you already have with us, as well as your age, where this is relevant to the product, we think you might be interested in. We'll also conduct behavioural scoring, including by looking at the accounts and products you already have with us and how they are being used, such as account turnover, arrears and other indications of financial difficulties. Where searches are carried out against publicly available data sources and credit reference agencies, these searches may appear on your credit report, but they will not affect your ability to get credit.
You may have a right to certain information about how we make these decisions. You may also have a right to request human intervention and to challenge the decision.
You may withdraw your consent at any time by contacting us. Further details can be found in the 'Using My Personal Data' booklet.
We'll tell you if we intend to use your information for marketing purposes and we'll give you the opportunity to opt out if you want to (unless we need a consent to use your information for marketing purposes – if we do we'll seek one). If you receive marketing emails and don't want to in future, please use the unsubscribe link within the email and we'll remove you from future campaigns. Ways to opt out of marketing communications that we send you via other channels, can be found in the 'Using My Personal Data' booklet.
We'll treat any survey or competition information you provide with the same high standard of care as we do all other customer information, using any details provided strictly within the terms of the competition and this Privacy Statement.
Cookies are small text files placed on your computer, smartphone or other device and are commonly used on the internet. We use cookies and similar technologies to:
We use cookies to enable us to perform our contract with you (e.g. if you are an Internet Banking customer) and for our legitimate interests (e.g. to help us improve our service). We'll also ask your consent for non-essential cookies. To find out more about all types of cookies and how to control and delete them, including clearing your browsing history, you can read our cookie policy.
The following criteria are used to determine data retention periods for your personal data:
Your rights are as follows (noting that these rights don't apply in all):
The right to be informed about our processing of your personal data;
You have the right to complain to the Information Commissioner's Office. It has enforcement powers and can investigate compliance with data protection law: ico.org.uk
For more details on all the above you can contact our DPO, view the 'Using My Personal Data' booklet or request it by calling us on 0800 092 3300.
Your personal data may be converted into statistical or aggregated data, which can't be used to identify you. We may share and sell such anonymised data including in an aggregated format, within and outside of the Santander group of companies, for statistical analysis, research and other business purposes. For example, sharing information about general spending trends in the UK to assist in research. The law says this is not considered to be personal information after it has been anonymised and/or aggregated.
For more information on the Santander group companies, please see the 'Using My Personal Data' booklet.
We'll notify you if there are any material changes to this Privacy Statement if required by applicable law or where we intend to process your personal data for a new purpose before we start that new processing activity.
This Privacy Statement is not designed to form a legally binding contract between Cater Allen and users of our website or internet services.
Certain hypertext links in this website may lead you to websites which are not under the control of Cater Allen Private Bank. When you activate these, you may leave the caterallen.co.uk website. These links are provided solely for your convenience and do not represent any endorsement or recommendation by Cater Allen Private Bank.
We accept no responsibility or liability for the contents of any website to which a hypertext link exists and gives no representation or warranty as to the information on such websites. We accept no responsibility or liability for any loss arising from any contract entered into with any website to which a hypertext link exists.
We accept no liability for any loss that may arise if the goods or services advertised within this website become unavailable.
You can contact us on 0800 092 3300 or write to our DPO at 201 Grafton Gate East, Milton Keynes, MK9 1AN if you have any questions.
It is your responsibility to ensure that your computer is virus protected. We accept no responsibility for any loss you may suffer as a result of accessing and downloading information from this site.
There are some things you can do to protect your personal information online. It's by no means exhaustive but will help make sure you don't fall foul of Internet fraud:
For more information about staying safe online you can visit our Security Centre at caterallen.co.uk
You can easily identify secure websites by looking at the address in the top of your browser which will begin https:// rather than http://.
All information passed between you and Cater Allen when using our online services is sent using secure industry standard encryption.