Infinity Arvest Bank
AdvantagesTestimonialsFAQContactsBlog

Infinity Arvest Bank Privacy Policy

This Privacy Policy explains how Infinity Arvest Bank ("Infinity Arvest Bank", "we", "us", or "our") collects, uses, discloses, and protects your personal data when you use our banking products and services, visit our branches, websites, mobile applications, or otherwise interact with us in England.

  1. Who We Are Infinity Arvest Bank is a banking institution operating in England. We provide a range of financial services including current accounts, savings, loans, payment services, and digital banking. We act as a data controller for the personal data we process about you.

  2. Data We Collect We collect and process different categories of personal data depending on your relationship with us and the products you use:

    • Identification data: name, date of birth, nationality, identification numbers (such as passport, driving licence, or national ID), signatures.
    • Contact data: home and correspondence address, email address, telephone numbers.
    • Financial data: bank account numbers, sort codes, transaction history, payment instructions, balances, direct debits, standing orders, card details (partially masked where applicable), credit and debit records.
    • Employment and income data: occupation, employer details, salary, other income sources, tax information.
    • Risk and compliance data: information for anti‑money laundering (AML), counter‑terrorist financing, fraud prevention, sanctions screening, politically exposed person (PEP) checks, creditworthiness and risk assessments.
    • Technical and usage data: IP address, device identifiers, browser type, operating system, app version, access times, pages viewed, clickstream and usage patterns on our websites and mobile apps.
    • Communication data: records of emails, secure messages, letters, telephone calls (where recorded), in‑app chat, complaints and feedback.
    • Marketing and preference data: your marketing consents, contact preferences, and records of marketing campaigns you interact with.

Where required, we may collect special category data (for example, data relating to health or vulnerability) when it is relevant to providing you with appropriate banking services and where permitted by law.

  1. How We Collect Your Data We collect personal data from:

    • You directly, when you complete application forms, provide documents, communicate with us, use our branches, online services or mobile apps.
    • Your use of our products and services, such as payment and transaction activity, card usage, and online banking behaviour.
    • Third parties, including credit reference agencies, fraud prevention agencies, public databases, business directories, social media (where you interact with us), and other banks or payment service providers involved in your transactions.
    • Our service providers and partners who support our banking operations, technology, and security.

  2. Legal Basis for Processing We process your personal data only when we have a lawful basis under applicable data protection laws, including:

    • Contract: to enter into and perform our contracts with you (for example, to open and manage your account, execute transactions, issue cards, provide credit).
    • Legal obligation: to comply with applicable laws and regulatory requirements in England and other relevant jurisdictions (for example, AML, KYC, tax reporting, banking regulations, record‑keeping).
    • Legitimate interests: to pursue our legitimate business interests, provided your rights and interests do not override them (for example, securing our systems, preventing fraud and abuse, improving our services, managing risk, and ensuring business continuity).
    • Consent: where you have given us explicit consent (for example, for certain marketing activities or where required for processing special category data). You may withdraw your consent at any time as described below.
    • Vital interests or public interest: in rare cases, to protect your vital interests or where required in the public interest.

  3. How We Use Your Data We use your personal data for the following purposes:

    • Providing and managing banking services: opening and maintaining accounts, processing deposits and withdrawals, executing payments and transfers, issuing cards, granting and managing loans and credit, and delivering related services.
    • Customer identification and verification: carrying out KYC checks, confirming your identity, verifying addresses and contact details, and ensuring you are eligible for our products.
    • Risk management and compliance: conducting credit checks, monitoring transactions for unusual or suspicious activity, carrying out AML and fraud checks, sanctions screening, and fulfilling regulatory reporting obligations.
    • Customer support and communication: responding to queries, complaints and requests; providing alerts, statements, notifications and service updates; and communicating changes to terms, policies or security.
    • Service improvement and development: analysing how our services are used, conducting surveys and analytics, testing and enhancing our systems, and developing new products and features.
    • Security and fraud prevention: protecting your accounts, our systems and our premises; monitoring for and responding to security incidents, fraud, and misuse.
    • Marketing and relationship management: where permitted, sending you information about our products, services, events, and offers that may interest you, including those related to our "harvest"-branded or themed savings and investment products; tailoring content and communications to your profile and preferences.
    • Business operations: internal reporting, auditing, accounting, and maintaining records in line with legal and regulatory requirements.

  4. Automated Decision‑Making and Profiling We may use automated systems to make certain decisions, for example:

    • Credit decisions: assessing applications for loans, overdrafts, or other credit products.
    • Fraud and AML monitoring: detecting unusual patterns of activity and flagging transactions for review.

These processes may involve profiling based on your financial behaviour and other information. Where automated decisions have legal or similarly significant effects, we will ensure that they are made in accordance with applicable law and that you can request human review, express your views, and contest the decision where required.

  1. How We Share Your Data We may share your personal data with:
    • Group entities and affiliates of Infinity Arvest Bank, where necessary for internal administration, risk management, and consolidated reporting.
    • Service providers and professional advisers, such as IT and cloud service providers, payment processors, card manufacturers, communication providers, auditors, consultants, and legal advisers, who process data on our behalf under strict contractual safeguards.
    • Other financial institutions and payment service providers, such as intermediary banks, correspondent banks, clearing and settlement systems, and merchants, to process your transactions.
    • Credit reference agencies and fraud prevention agencies, for credit assessment, identity verification, and fraud detection and prevention.
    • Regulators, authorities and law enforcement, including banking regulators, tax authorities, courts, and other public bodies, where required by law or to protect our rights and the rights of others.
    • Potential buyers, investors or transferees, in connection with corporate transactions (such as mergers, acquisitions, asset sales or restructuring), subject to appropriate confidentiality protections.

We do not sell your personal data.

  1. International Transfers Your personal data may be transferred to and processed in countries outside England and the United Kingdom, including countries that may not offer the same level of data protection as the UK. When we transfer personal data internationally, we will ensure that appropriate safeguards are in place in accordance with applicable data protection laws, such as:
    • Adequacy regulations or decisions by relevant authorities.
    • Standard contractual clauses or equivalent contractual protections.
    • Other lawful transfer mechanisms where applicable.

You may contact us to obtain more information about these safeguards.

  1. Data Retention We retain your personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy and to comply with legal, regulatory, accounting, and reporting requirements. In general, this means we will keep data:
    • For the duration of your relationship with us and for a defined period thereafter.
    • For as long as required under applicable banking, anti‑money laundering, and financial regulations, which may require us to retain certain records for several years after your account is closed or our relationship ends.

When data is no longer required, we will securely delete, anonymise, or otherwise dispose of it.

  1. Your Rights Subject to applicable law, you have the following rights regarding your personal data:
    • Access: to obtain confirmation of whether we process your data and to request a copy.
    • Rectification: to request correction of inaccurate or incomplete data.
    • Erasure: to request deletion of your data where there is no valid reason for us to continue processing it (subject to legal obligations to retain certain information).
    • Restriction: to request restriction of processing in certain circumstances.
    • Objection: to object to processing based on our legitimate interests and to object at any time to the use of your data for direct marketing.
    • Data portability: to receive certain data in a structured, commonly used, machine‑readable format and to request its transfer to another controller where technically feasible.
    • Withdrawal of consent: where processing is based on consent, to withdraw your consent at any time; this will not affect the lawfulness of processing based on consent before its withdrawal.

To exercise these rights, please contact us using the details provided in the "Contact Us" section below. We may need to verify your identity before responding to your request.

  1. Security We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, alteration, and destruction. These measures include:
    • Encryption and secure transmission of data.
    • Access controls and authentication mechanisms.
    • Regular monitoring, testing, and auditing of our systems.
    • Staff training and confidentiality obligations.

Despite our efforts, no system can be completely secure. You also play an important role in keeping your data safe by protecting your passwords, PINs, devices, and login details, and by notifying us promptly if you suspect any unauthorised access or fraudulent activity on your accounts.

  1. Cookies and Online Tracking Our websites and mobile applications may use cookies and similar technologies to:
    • Enable core site and app functionality.
    • Remember your preferences and improve your user experience.
    • Analyse usage and performance.
    • Support security and fraud prevention.

Where required, we will ask for your consent before placing certain cookies on your device. You can manage your cookie preferences through your browser or device settings, but disabling some cookies may affect the functionality of our digital services.

  1. Children’s Data Our services are generally not directed at children under 18, except for specific products explicitly designed for younger customers (such as youth or student accounts). Where we process personal data of minors, we do so only as permitted by law and with appropriate safeguards.

  2. Changes to This Privacy Policy We may update this Privacy Policy from time to time, for example to reflect changes in law, regulation, or our services. When we make material changes, we will take appropriate steps to notify you, such as updating the date at the top of this policy, posting a notice on our website, or contacting you directly.

  3. Contact Us If you have any questions about this Privacy Policy, or if you wish to exercise your data protection rights, please contact us using the contact details provided on our official website or through your local Infinity Arvest Bank branch in England.

If you are not satisfied with our response, you may have the right to lodge a complaint with the relevant data protection authority in the United Kingdom.

Your privacy at Infinity Arvest Bank

Infinity Arvest Bank uses cookies and similar technologies to operate our website securely, remember your preferences and analyse how visitors use our services. This helps us improve performance, personalise content and ensure that you can safely harvest the full benefits of our digital banking tools. You can learn more about how we handle data, how long we store it and how to update your choices at any time in our detailed Privacy Policy. View full Privacy Policy