Privacy Notice
About This Notice
Welcome to our Privacy Notice. C. Hoare & Co. is committed to protecting your personal information when you use our services. This notice also applies in respect of any information you provide to Messrs. Hoare Trustees, which is a wholly owned subsidiary of C. Hoare & Co. This notice explains how we collect, retain and process your personal information.
Your Rights Regarding Processing Of Your Personal Information
Under certain circumstances, by law you have the right to:
objectto processing of your personal information
request accessto the personal information we hold about you
request correctionof the personal information that we hold about you
request erasureof your personal information
request the restriction of processingof your personal information
request the transferof your personal information to another party in a commonly used form.
For more information on your rights, click here
To exercise one of these rights, please contact us
Contacting Us
For the purposes of data protection legislation, C. Hoare & Co. is a "controller" meaning that we determine the purpose and means of processing the information we collect from you. C. Hoare & Co. is also a "controller" in respect of any information you provide to Messrs. Hoare Trustees, which is a wholly owned subsidiary of C. Hoare & Co. If you ever have any questions, comments or complaints about this notice, please contact us via any of the following means and we will be pleased to assist you:
By post: The Data Protection Officer, 37 Fleet Street, London EC4P 4DQ
By email: DPO@hoaresbank.co.uk
By telephone: +44 (0)20 7353 4522
Information That We Collect
This section details the types of information we collect from you and how we use information about you:
- information that you provide to us from time to time including through our Online Banking service, or when you register, subscribe to, request, or use any of our products or services, or when you submit queries to us
- information that you provide when you fill in forms on our website
- identity data including your name, marital status, title, nationality and date of birth
- identification data including passport details, driving licence, or other identification documents
- contact data including postal addresses, email address and telephone numbers
- profile data such as the products and services you use and your interests and preferences
- details of your financial position and history
- if you contact us by any means, including by telephone, we will keep a record of that correspondence and the information that you provide to us in that correspondence
- information that you provide when completing surveys that will be used for research purposes, although you do not have to take part in our surveys
- details of transactions you carry out using our products or services
- details of your visits to any of our websites please see our Cookiespage for details.
In addition to the above, Messrs. Hoare Trustees will also collect:
- information that you provide to us regarding details of settlors, trustees, beneficiaries, testators, donors and legatees
- information you have provided to C. Hoare & Co. where you have requested our services.
How We Use Your Information
We use information supplied by you:
- to confirm your identity and to allow us to carry out checks in the interest of security and to prevent fraud and assess credit risk
- prevent crime, fraud and money laundering by, for example, checking details provided on applications for credit and credit- related or other facilities
- check the operation of credit and credit-related accounts
- verify your identity if you, or your financial associate, applies for other facilities
- make decisions on credit and credit related services about you, your financial associate, other members of your household, or your business
- manage your personal, your financial associates, and/or business (if you have one) credit, or credit-related account, or other facilities
- trace your whereabouts and recover debts that you owe
- undertake statistical analysis and system testing
- perform services as fraud prevention agencies.
- to administer and maintain your account(s) and provide you with products and/or services
- to improve the products and services that we offer
- to respond to your queries
- to carry out our obligations under any contracts entered into between you and us
- to notify you about any changes to our products, services and/or our websites
- to send you marketing information
- to comply with legal and regulatory requirements that apply to us
- for general statistical analysis.
We will search at credit reference and fraud prevention agencies for information on all applicants for certain products and services. In so doing we will provide the current and previous names, addresses and dates of birth, of all applicants, so if you are providing information about others, on a joint application, you must inform them of the information contained in this notice and be sure that you have their agreement to disclose to us their details. If you give us false or inaccurate information and we identify fraud, details may be passed to credit reference and fraud prevention agencies.
We will use the information provided to us by credit reference and fraud prevention agencies to help make credit or credit related decisions about all applicants, to verify their identity, for the prevention and detection of fraud and/or money laundering, and to manage accounts.
When credit reference agencies receive a search from us they will place a search "footprint" on your credit file (and that of any joint applicant) whether or not an application to us is approved and proceeds. If the search was for a credit application the record of that search (but not the name of the organisation that carried it out) may be seen by other organisations when you apply for credit in the future.
If you are making a joint application now or have ever done the following:
a) applied for credit with someone else
b) have joint account(s)
c) are already financially linked.
Credit reference agencies may link together the records of people that are part of a financial unit. They may do this when people are known to be linked, such as being married, or have jointly applied for credit, or have joint accounts. They may also link people together if they, themselves, state that they are financially linked.
we will check your financial associates’records as well.
A financial associate will be someone with whom you have a personal relationship that creates a joint financial unit in a similar way to a married couple. You will have been living at the same address at the time. It is not intended to include temporary arrangements such as students, or rented flat sharers, or business relationships.
Links between financial associates will remain on your and their records until such time as you or the financial associate successfully files for a disassociation with the credit reference agencies.
Credit reference agencies will supply to us, public information such as County Court Judgments (CCJs) and bankruptcies, electoral register information and fraud prevention information on applicants’ and their known financial associates’ current and previous names, addresses and dates of birth.
The information that we, and other organisations, provide to the credit reference agencies about you, your financial associates and your business (if you have one) may be supplied by credit reference agencies to other organisations and used by them to:
In addition to the above, Messrs. Hoare Trustees will also use the information you supply to:
- draft wills for customers
- act as Trustees, Custodian trustee and or agents for different types of Trusts
- act as Executors/Trustees/Attorney administrator of Wills
- administration of Trusts/Estates.
Information Used For Marketing Purposes
We use your information to identify products and services and/or events that we think may be of interest to you. We will only send you marketing messages by email and/or SMS where you have consented to such contact, or in the case of products and services, where these are similar to those that we have already provided to you.
You have the right to ask us not to send you marketing messages by post, telephone, or email, or any combination of these at any time. You can do this by:
- checking certain boxes on the forms we use to collect your data
- replying directly to the marketing message
- in case you wish to withdraw from all marketing communications, you can also unsubscribe from all marketing by clicking the appropriate link in any email you receive
- contacting the Data Protection Officerat any time
Lawful Processing
In terms of the legal bases we rely on to process your information, these are where the processing is necessary or where you have consented to such use.
- For the performance of a contract with you for provision of our products and/or services, or to take steps at your request prior to entering into such a contract
- To comply with our legal obligations
- For our legitimate interests in:
- ensuring the quality of the products and services we provide to you;
- setting up, administering and maintaining your account with us;
- collecting information for marketing purposes;
- communicating with you;
- statistical analysis.
We process your sensitive and special categories of information (this includes data concerning your health, personal data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, criminal convictions and offences, or data concerning sexual orientation) where we have asked for your explicit consent or otherwise where this is necessary.
- for the establishment, exercise, or defence of legal claims
- where we need to carry out our legal obligations
- in the case that you have obviously made information public (e.g. on social media) we will process sensitive/special categories of information for the purposes of carrying out our legal obligations.
If provision of your personal information is a legal or contractual requirement, or a requirement necessary to enter into a contract with us, and you choose not to provide it, we may not be able to perform some of the tasks we need to in order to provide certain products or services to you.
If you do choose to provide your consent you can withdraw it at any time by contacting the Data Protection Officer.
Sharing Your Information
We will provide your information to our service providers to allow them to assist us with delivering the products or services that you have requested, under various categories:
- Accountants
- Auditors
- Credit reference agencies read more
- Lawyers
- Information technology and information security providers
- intermediaries that introduce you to us
- companies that we introduce you to
- if you request that we do so, your information will be passed between C. Hoare & Co and Messrs. Hoare Trustees to provide products and services to you which you have requested
- Law enforcement agencies and regulators read more
- Fraud prevention agencies read more
- HM Revenue & Customs (HMRC) read more
- UK Financial Services Compensation Scheme
- if the bank (or all or part of its assets) were to be acquired by a third party, in which case personal data about you, as one of our customers, would be one of the transferred assets
- if you have consented to any disclosure to a third party
CallCredit, Consumer Services Team, PO Box 491, Leeds, LS3 1WZ or call 0870 0601414
Equifax PLC, Credit File Advice Centre, PO Box 3001, Bradford, BD1 5US or call 0870 010 0583 or log on to www.myequifax.co.uk
Experian, Consumer Help Service, PO Box 8000, Nottingham NG80 7WF or call 0844 4818000 or log on to www.experian.co.uk
We will share with law enforcement and regulators where we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation, or if we reasonably consider that this is necessary to help prevent or detect fraud or other crime, or to protect the rights, property, or safety of the bank, our customers or others.
The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found at www.cifas.org.uk/fpn
We will share with HMRC if we are under a duty to disclose or share your information with them. HMRC may transfer it to the government or the tax authorities in another country where you may be subject to tax.
Our websites may, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please check their privacy policies.
Where We Store and Use Your Information
We transfer, use and/or store your personal information outside of the European Economic Area ("EEA") and the laws of some of these destination countriesmay not offer the same standard of protection for personal information as in the UK.
We currently transfer data to the following countries outside of the EEA:
USA, Switzerland, Australia, India, Ukraine, Jersey, Canada, and the Philippines. We may update this list from time to time and any changes will be communicated to you via an update to this Privacy Notice.
Transfers to our third party service providers are to enable them to use and store your personal information on our behalf. We will, however, put in place appropriate security procedures in order to protect your personal information. We also ensure that, where your information is transferred to any country outside the EEA this is done using specific legally-approved safeguards. You can request further details and a copy of these by contacting the Data Protection Officer.
Keeping Your Information
We will keep your information only for as long as necessary depending on the purpose for which it was provided. Details of retention periods for different aspects of your personal information are available in our retention policy which is available from the Data Protection Officer.
When determining the relevant retention periods, we will take into account factors including:
- the nature and sensitivity of the personal data
- the potential risk of harm from unauthorised use or disclosure of your personal data
- the purposes for which we process your personal data and whether we can achieve those purposes through other means
- our legal obligations under applicable law to retain data for a certain period of time
- the statute of limitations under applicable law(s) (potential) disputes
- guidelines issued by relevant supervisory authorities.
In certain cases, we will retain data which we believe is of particular historical interest for our museum, or for research and statistical purposes. We will ensure it is only used for those purposes otherwise, we securely erase your information once it is no longer needed.
Security
We have put in place measures to protect the security of your information. These measures are intended to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instruction and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Unfortunately, the transmission of information via email is not secure. Therefore, if you use email to communicate with us we cannot guarantee that it will remain confidential whilst in transit.
Location Data
Certain services provided as part of our Online Banking service or mobile app may make use of your physical location sent from your device. We use your location data to help us prevent and detect fraud and to enable us to provide functionality in accordance with this Privacy Notice.
Your Rights
Under certain circumstances, by law you have the right to:
- object to the processing of your personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation that makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes
- request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it
- request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected
- request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see above)
- request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy, or the reason for processing it
- request the transfer of your personal information to another party in a machine-readable, commonly used and structured format.
If you want to exercise your rights, please contact the Data Protection Officer.
The various rights are not absolute and each is subject to certain exceptions or qualifications. In some cases, these rights do not become a legal requirement until 25th May 2018. In these cases we may not be able to fulfil your request to exercise the right before this date. Where we cannot provide a full response to you for this reason, we will let you know about this in our initial reply to your request.
Your Duty To Inform Us Of Changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Fees
If you request a copy of your information prior to 25th May 2018, there is a charge of ₤10 for the service. If you make your request at any time from 25th May 2018, you will not have to pay a feeto access your personal information (or to exercise any of the other rights).
In some cases, we may charge a reasonable fee if your request for access is clearly unfounded or excessive, or if you request multiple copies of the information. Alternatively, we may refuse to comply with the request in such circumstances.
What We May Need From You
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Right to Complain
If you wish to request further information about any of the above rights, or if you are unhappy with how we have handled your information, contact the Data Protection Officer.
If you are not satisfied with our response to your complaint, or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office ("ICO"): https://ico.org.uk/global/contact-us
ICO Helpline: 0303 123 1113.
Changes to our privacy notice
We keep our Privacy Notice under regular review and any updates will be posted on our website in the most recent version of this Privacy Notice. Where appropriate, changes may be notified to you by post or email.
A summary of recent changes to our Privacy Notice is available for your information:
- November 2018 - Details in respect to sharing your information with fraud prevention agencies, such as CIFAS, updated.
- April 2018 - Notice refreshed in line with the General Data Protection Regulation (GDPR) requirements.
