This notice explains how we use your personal data, describes the categories of personal data we process and for what purposes. It applies when you use this website or any of our apps or when you apply for or use any of our credit cards and related products or services. We are committed to collecting and using personal data fairly and in accordance with the requirements of the General Data Protection Regulation (GDPR).
We are committed to ensuring that your information is kept safe, secure and used responsibly, and we have put in place appropriate technical and other security measures to protect it.
Who we are
Vanquis Bank Limited (Company Number 02558509) whose registered office is at 1 Godwin, Street, Bradford, West Yorkshire BD1 2SU, a member of the Provident Financial Group (the Group). You can get in touch with our Customer Services Department at Vanquis Card, Customer Services, PO Box 399, Chatham, ME4 4WQ or by telephone on 0330 099 3000. Please click here for opening hours and call charge information.
Other firms within the Provident Financial Group with which we may share your personal data are:
- Provident Personal Credit Limited. Registered number 146091 England.
- Provident Financial Management Services Limited. Registered number 00328933 England.
The registered address for these companies is: No. 1 Godwin Street, Bradford, West Yorkshire, BD1 2SU.
- Moneybarn Limited. Registered number 02766324 England.
- Moneybarn No. 1 Limited. Registered number 04496573 England.
The registered address for these companies is: The New Barn, Bedford Road, Petersfield, Hampshire, GU32 3LJ.
What kind of personal information we use
We use many different kinds of personal information depending on the products and services we deliver or offer to you or how we otherwise interact with you. For all products and services we need to use the following personal data: full name, address, email address, telephone number, date of birth, contact details, employment, information about your credit history, information about those to whom you are financially linked, information about how you have used other products and services provided by us or other members of the Provident Financial Group, information we receive from credit reference and fraud prevention agencies, and other financial information. Where you use our websites, we will collect your Internet Protocol (IP) address and information about your browsing behaviour.
We might also need health information to help us support our customers who have a vulnerability.
How we collect your personal data
We collect personal data:
- directly from you, for example when you fill out an application form either in paper or on our website or mobile app (at that stage we will tell you more about how your personal data will be used in relation to a particular product or service);
- by observing how you use our products and services, or those of other members of our Group, for example from the transactions and operation of your accounts and services, or your use of our websites;
- profile data and usage data which relates to the profile you create to identify yourself when you connect to our internet or mobile services and how you use those services;
- from other organisations such as credit reference and fraud prevention agencies;
- from organisations to which you have given your consent (or there is an alternative legal basis) to share your personal data with us for specific purposes, such as for direct marketing;
- from other individuals who know you; and
- from public sources, such as the ‘Open Register’, which is an extract of the electoral register, but is not used for elections. You can opt out of being included in the register. Doing so, will not affect your right to vote. For more information, please go to: https://www.gov.uk/electoral-register/view-electoral-register
How we use your personal data
Data protection law says that we can only use personal data if we have a proper reason to do so. For example, these reasons include fulfilling a contract we have with you, when we have a legal duty, when it is in our legitimate interest or when you consent to its use. When data protection law allows us to process your personal data for our own legitimate interests, it is only allowed provided those interests do not override your own interests and/ or your fundamental rights and freedoms.
An example of where we would process your personal data for our legitimate interests would be where you believe you are the victim of fraud and in order to investigate your claim we may have to share your name and account number, payment and other details of the case with any other bank involved. Sharing personal data in these circumstances would not only be in our legitimate interest but also yours. An example of us using your personal data when we have a legal duty, is where we must do so in order to comply with anti-money laundering obligations.
Our purposes for processing your personal data
We will only ask you for your personal data where it is necessary to fulfil the following purposes. Where providing us with your personal data is optional, we will inform you of this. Our purposes are grouped under our legal bases for processing.
Entering into and fulfilling a contract between you and us
- To consider and process applications made by our customers and prospective customers for products and services we provide.
- To deliver the products and services we provide, including:
- Making and accepting payments, and receiving deposits on your behalf;
- Providing you with information, advice and guidance on the products and services you hold;
- This includes account statements, formal reminders and notices informing you of forthcoming changes, such as increasing or decreasing credit limits on your credit card;
- Calculating interest and, where relevant, determining fees and charges which may apply to your account; and
- To address enquiries or complaints we may receive from you or a representative appointed by you.
Fulfilling our legal obligations
- Checking your identity;
- Conducting assessments of your creditworthiness when you apply for a credit product, through sharing your personal data with credit reference agencies (please see the section headed ‘Credit Reference Agencies’ below);
- Assisting you with managing the products and services you hold;
- Detecting, investigating and reporting financial crime, and taking measures to prevent this;
- Maintaining records of our business, as required by law – for instance, keeping records of our accounts;
- Complying with laws which require us to provide information, directly or indirectly to any national authority, for the purpose of calculating and collection of tax;
- To otherwise meet our obligations under all laws and regulations based on law which apply to our business activities;
- Responding to enquiries and requests for information by any of our Regulators;
- Creating and submitting reports required by any of our Regulators;
- Identifying and managing risks to our organisation; and
- Where we have a duty to protect vulnerable customers.
For our legitimate interests
- As a commercial organisation:
- Understanding how our customers use our products and services, so we can improve these.
- Developing new products and services and identifying which may be of interest to you – this may involve profiling;
- Where we have the relevant permissions, contacting you to make you aware of these products and services – note: we may contact you for a reasonable period after you cease your relationship with us;
- Sharing information with organisations who introduce you to us under a commercial agreement – for instance, where we pay them commission;
- Sharing information for the purpose of ensuring your ongoing creditworthiness, throughout the life of your credit product (please see the section headed ‘Credit Reference Agencies’ below);
- Improving our systems and processes, which may include using your personal data to test the accuracy of these, but only where it is essential to do so;
- To recover money owed to us;
- To otherwise exercise our rights under our contracts with you for the provision of the products and services you hold;
- Sharing your personal data with other firms within the Provident Financial Group for business analysis, data verification and data enrichment purposes
- To invite you to participate in market research and customer surveys;
- To sell to, or purchase debts from other firms;
- Sharing your personal data with any person to whom we may transfer, or may consider transferring any of our rights or business; and
- To share information with third parties for the purpose of preventing fraud and financial crime (see section headed, ‘Fraud Prevention Agencies’ below).
Where we require your consent / explicit consent
- To process about you, where necessary, ‘special categories of personal data’ – this includes data about your:
- Race or ethnicity;
- Religion or other beliefs of a similar nature;
- Sexual life or orientation;
- Trade Union membership;
- Political opinions; and
- Genetic or biometric data about you.
- We may process personal data about your health or medical conditions, where we need to understand this to provide you with support, or to make adjustments in how we provide you with information.
- Sharing your personal data with other organisations, including those within the Provident Financial Group, to make you aware of their own products and services.
Retaining your personal data
We will retain your personal data for as long as we are obliged, under relevant legislation and regulation, or where no such rules apply, for no longer than it is necessary for our lawful purposes. This will usually be no more than seven years from the point at which the obligation to retain a record containing your personal data begins. The retention period of your personal data may need to be extended where we require this to bring or defend legal claims. We may also retain data for longer periods for statistical purposes, and if so we will anonymise or pseudonymise this.
Using data processors and transferring your personal data overseas
We may use service providers, agents and subcontractors to provide services on our behalf. This may require these organisations to access and process your personal data. We have listed our third party partners and categories of suppliers we use in Appendices 1 and 2.
From time to time your personal data may be transferred to organisations that are based in countries outside the European Economic Area. In these circumstances, we will ensure they process your personal data only in accordance with the applicable data protection legislation and under strict organisational and contractual controls, specifically EU model clauses. We also use the EU Commission approved EU-US Privacy Shield framework, where appropriate, when personal data is processed on our behalf in the USA. For more information about these controls, please visit https://ico.org.uk and search for ‘International transfers’.
Your Privacy Rights
You have the right to object to how we process your personal data. You also have the right to see what personal data we hold about you. You can ask us to correct inaccuracies, delete or restrict personal data or ask for some of your personal data to be provided to someone else. These rights are explained in more detail below.
Requests to exercise your rights to your personal data can be made by:
- By post: to “Attention: Data Rights Team, Vanquis Bank, PO Box 399, Chatham, ME4 4WQ”
- By telephone: on 0330 099 3000
Our Data Protection Officer can be contacted at the address above.
Your data protection rights are subject to certain restrictions and conditions. We will assess your request and where we decide not to act upon this, we will notify you of our reasons for this. We will not make a charge for handing your rights request, unless we consider this to be manifestly unfounded or excessive (particularly if this is repetitive).
You have the right to complain to us and to the data protection regulator, the Information Commissioner’s Office, whose address is: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Telephone: 0303 123 1113. You can find out how to report a concern on their website at: https://ico.org.uk/reportaconcern
Your rights are:
To be informed: You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. We fulfil this right by giving you this notice.
Access to your personal data: You can request access to a copy of your personal data that we process as a data controller, together with details of why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making.
Right to withdraw consent: If you have given us your consent, you can withdraw that consent at any time. Please contact us if you want to do so. If you withdraw your consent, we may not be able to provide certain products or services to you. If this is the case, we will tell you.
Right to object: You may object to our processing of your personal data by us, where this processing is based on our legitimate interests or in the public interest. We will assess whether our interest in continuing to process your personal data overrides your rights and freedoms. If not, we will stop processing your personal data. Either way, we will inform you of the outcome.
You have the right to object to direct marketing (including marketing-related profiling) and if you do so, we must stop these types of activities. (See “Automated decision making and profiling” and “Marketing” below.)
Rectification: You can ask us to change or complete any inaccurate or incomplete personal data held about you.
Erasure: This is also known as “the right to be forgotten” and this means that you can ask us to delete your personal data where it is no longer necessary for us to use it, you have withdrawn consent (where applicable), or where we have no lawful basis for keeping it or otherwise using it. There are limited exceptions, for example where we need to use the information to bring or defend a legal claim.
Portability: You can ask us to provide you or a third party with some of the personal data that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred. This is limited to personal data you have provided with your consent or in relation to the products you have with us, and which we process by automated means, such as your account transaction data.
Restriction: You can ask us to restrict the personal data we use about you where:
- it is inaccurate;
- you have asked for it to be erased;
- you have objected to our use of it; or
- where you need this for the bringing or defending of legal claims.
When you have asked us to restrict the use of your personal data we may still store your information but will not use it further without your consent, unless we need to process it:
- to bring or defend legal claims;
- to protect the rights and freedoms of other individuals; or
- for other important public interest reasons.
Automated decision making and profiling
Sometimes we use your personal data in automated processes to make decisions about you. You have the right not to be subject to a decision based on solely automated processing, including profiling, if this will have a legal or other significant effect on you (unless certain exceptions apply).
We use automated decision making in:
- Credit scoring, which uses past data to assess how you are likely to act when paying back any money you borrow (this includes data about similar accounts you may have had before). We will tell you where we will make such decisions and you have the right to ask for these to be reconsidered manually;
- Assessing and amending the credit limit of your credit card account, based on your account behaviour. We will give you notice of our intention to amend your limit and you will have the ability to request an increase or reduction to this; and
- Determining the appropriate action to take, where your account has gone into arrears or default. We will tell you where we will make such decisions and you have the right to ask for these to be reconsidered manually.
We will use your personal data in profiling in order to identify your suitability for products and services we offer and to inform you of these. Where an individual’s financial history suggests they are unlikely to be accepted for a particular product or service, we may use that data to opt them out of receiving information about that product or service. This is in individuals’ interests as it helps stop them receiving irrelevant marketing or being targeted with marketing about products that they cannot afford. These types of profiling are only used in relation to our own products and services and as such are generally not considered to have a significant effect on your rights and interests. (See “Right to object” above and “Marketing” below).
Credit Reference Agencies
In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (“CRAs”). Where you take banking services from us we may also make periodic searches at CRAs to manage your account with us.
To do this, we will supply your personal data to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.
We will use this information to:
- Assess your creditworthiness and whether you can afford to take the product;
- Verify the accuracy of the data you have provided to us;
- Prevent criminal activity, fraud and money laundering;
- Manage your account(s);
- Trace and recover debts; and
- Ensure any offers provided to you are appropriate to your circumstances.
We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs.
When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.
If you are making a joint application, or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.
The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal data, data retention periods and your data protection rights with the CRAs are explained in more detail on the Credit Reference Agency Information Notice (‘CRAIN’), which may be accessed via the links to the CRAs detailed below.
- Callcredit: https://www.callcredit.co.uk/crain
- Experian: https://www.experian.co.uk/crain
- Equifax: https://www.equifax.co.uk/crain
Fraud Prevention Agencies
Before we provide services, goods or financing to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you.
What we process and share
The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and money laundering, and to verify your identity.
Details of the personal information that will be processed may include your:
- date of birth
- residential address and address history
- contact details such as email address and telephone numbers
- financial information
- employment details
- identifiers assigned to your computer or other internet connected device including your Internet Protocol (IP) address
- vehicle details
When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.
We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if:
- our processing reveals your behaviour to be consistent with that of known fraudsters or money launderers; or is inconsistent with your previous submissions; or
- you appear to have deliberately hidden your true identity.
You have rights in relation to automated decision making: if you want to know more please contact us using the details above.
Consequences of processing
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services, goods or financing you have requested, or to employ you, or we may stop providing existing services to you.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details above.
Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
We may use your personal data to tell you about relevant products and offers that we and selected partners think you may find interesting. We can only use your personal data to send you marketing messages if you have given your consent or it is for a legitimate interest (when we have a business or commercial reason to use your information).
You can ask us to stop sending you marketing messages by contacting us at any time, although you will still receive statements and other important information such as changes to your existing products and services.
If you have previously applied for a Vanquis Bank product, we will usually contact you after six months to let you know about similar products and promotional offers as it may be that your circumstances have changed and/or you may be eligible for an alternative product. We will follow up further with you for a period of two years for this purpose but when you provide us with personal data at the beginning of the application process, you will be given the option to let us know that you do not want your personal data used for direct marketing purposes. If you select this option, we will not send you any marketing material.
Where you have provided your informed consent, we may share your personal data with other companies within the Provident Financial Group, who may contact your with offers of products and services which may interest you.
You can change your mind and update your choices at any time by using the “unsubscribe” or “opt out” option in any marketing communication you receive from us or by contacting us in the following ways:
- By post: Vanquis Card, PO Box 399, Chatham, ME4 4WQ
- By telephone: 0330 099 3000
Links to other websites
Certain hypertext links in this website may lead you to websites which are not under our control. Once you have left our website we are unable to accept responsibility for the protection of any personal data you provide to the owner of that website. You should look at the privacy information applicable to that website.
Keeping up to date
We keep our Privacy Notice under regular review. This notice was last updated in March 2018.
Appendix 1 - List Third Party Partners
We do not currently have any affinity partners
Appendix 2 - Categories of supplier with whom we may share personal data for our business purposes
- Communications providers – mail, email and SMS text services
- Credit Reference Agencies
- Customer Service function providers
- Debt Collection Agencies
- Fraud Prevention Services
- IT Consultants
- IT service providers
- Legal Services
- Management Consultants
- Market Benchmarking service providers
- Market Research
- Digital Marketing service providers
- Direct Marketing service providers
- Marketing Insight service providers
- Payment Processors
- Professional Services firms
- Risk Consultancy Services
- Software Providers
- Transcription service providers
- Web Analytics service providers
- Website Hosting service providers
What are Cookies?
Cookies are small files that store information on your hard drive or browser that means that our website can recognise that you have visited our website before.
Cookies can't harm your computer and we don't store personally identifiable information (such as your name, address or credit card details in cookies we create), but we do use encrypted information gathered from them to help improve your experience of the site. For example, cookies make it easier for you to maintain your preferences on the website, and by seeing how you use the website, we can tailor the website around your preferences and measure usability of the website.
You can, should you choose, disable the cookies from your browser and delete all cookies currently stored on your computer. Your cookie settings are set separately for each different device, computer or browser and if you want to change your cookie settings you will need to do so for each device, computer or browser.
If you disable cookies, you'll still be able to browse the site but you will not be able to use all the features, for example the ability to view your account online. Most web browsers have cookies enabled by default, if you want to review your cookie setting please see the section entitled Managing cookies.
Further reading about Cookies:
Information about cookies
More information about cookies is available at:
Internet Advertising Bureau
A guide to behavioural advertising and online privacy produced by the internet advertising industry is available at:
Please note that we take no responsibility for the content of these or any other third party websites.
Cookies used on the Vanquis Website
To make full use of the Vanquis Bank website, your computer, tablet or mobile phone will need to accept cookies, as we can only provide you with certain personalised features of this website by using them.
Here's a list of the main cookies we use, and what we use them for. You'll find information about 3rd party cookies in the next section
|Cookie Name||Cookie Purpose|
|TrackingReference||Application Form Cookies – These are cookies which allow our application process to work correctly.|
|__utma||Google Analytics – This is a commonly used online Analytics tool which anonymously collects information about how our customers navigate around our website so we’re able to optimise the experience we provide.|
|io_token||Iovation - This cookie assists with device recognition and fraud prevention.|
|__CT_Data||ClickTale - This site uses ClickTale web analytics service. ClickTale may record mouse clicks, mouse movements, scrolling activity as well as selected non-personal text you type in this website. This site does not use ClickTale to collect any personally identifiable information entered in this website. ClickTale does not track your browsing habits across web sites which do not use ClickTale services. We are using the information collected by ClickTale service to improve our website, make it more user-friendly and monitor that it is performing correctly.
How to disable ClickTale
Third Party Cookies
Some of the cookies on the Vanquis Bank website are not set by Vanquis Bank.
A cookie set by Vanquis Bank this is known as a ‘first party cookie’. Cookies set by other persons on a Vanquis Bank website are referred to as ‘third party cookies’. Examples of these include third party cookies set by business partners of Vanquis Bank.
Vanquis Bank does not control the ‘third party cookies’ and the responsibility for their use lies with that third party.
We suggest you check with the third party websites for more information about their cookie policies and how to manage them.
Some of the business partners that may set third party cookies on the Vanquis Bank website include:
|Partner Name||Cookie Name||Cookie Purpose|
|Bing||MUID||This cookie is an analytics service provided that connects data from the Bing advertising network with actions performed on the Website.|
|Visual Website Optimizer||_vwo_uuid_v2||This tool allows us to test improved variants of our pages to selected customers to optimise the journey for future customers.|
|OMG||ASP.NET_SessionId||This is used to track referrals made by OMG network.|
|Affiliate Window||ASP.NET_SessionId||This is used to track referrals made by Affiliate Window network.|
How to control and delete cookies
We know that people have concerns about cookies, but we believe that the benefit that you and Vanquis Bank gain from their proper use is worthwhile. You can delete the files that contain cookies – those files are stored as part of your Internet browser. If you wish to restrict or block the cookies which are set by providentfinancial.com, or indeed any other website, or if you wish to receive notification of cookie placement requests or decline cookies completely, you can do this through your browser settings. The Help function within your browser should tell you how. Please be aware that declining or denying cookies may prevent you from being able to use the website to its highest capability.
Alternatively, you may wish to visit www.aboutcookies.org which contains comprehensive information on how to do this on a wide variety of browsers. You will also find details on how to delete cookies from your computer as well as more general information about cookies. For information on how to do this on the browser of your mobile device you will need to refer to your manual.
How to disable this:
You can choose to disable the Service at http://www.clicktale.net/disable.html. Please note that the opt out uses a third party cookie such that if a Visitor erases their cookies they will need to click the Disable Clicktale option again in order to opt out from being tracked by the Service.