How we use your information

The Data Protection Act puts obligations on users of personal information and lays down principles for its use. One principle states that information has to be processed fairly and lawfully. This means that you are entitled to know how we intend to use any information you provide. You can then decide whether you want to give it to us.

Organisations must lodge a notification with the Information Commissioner describing the purposes for which they process personal information. The details are publicly available from the Commissioner's Office at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Or you can call 01625 545745 or fax 01625 524510. Alternatively, see the Commissioner's website (www.ico.gov.uk).

Unless you have given us your consent, we will not provide information about you to companies outside our group to use for their own marketing purposes. Sometimes we need to give information to our agents and subcontractors so that they can provide a particular service for us. Sometimes, these companies may be located abroad in countries that do not have adequate data protection laws. In these circumstances we always take great care to ensure that your personal information is kept safe and secure. Other members of our group may also share your information to help keep their records up to date and administer your relationship with them.

We are also committed to meeting the standards set by the Banking Code, copies of which are available on request from us or on the BBA website (www.bba.org.uk). Occasionally, the Banking Code Standards Board's compliance monitoring body audits a sample of our customer records to assess our compliance with the Code. Whenever this happens, strict confidentiality conditions are always imposed.

Some Acts of Parliament oblige us to disclose information about our customers to certain bodies with statutory powers. For example, we must give information to authorised benefit fraud investigators where fraudulent benefit claims are suspected. In addition, the Inland Revenue has the statutory authority to audit our customers' accounts from time to time.

If you apply to us for a credit-based product, the details you provide, the information we already have and information from credit reference agencies are used to assess credit risk using a technique called 'credit scoring'. Various factors in all these details help us to assess the risk. A score is given to each factor and a total credit score obtained. If your score is above a confidential pre-set pass score, the application is likely to succeed.

If you email us, or give us your email address, we will keep a record of it. We may use it to contact you occasionally about other products and services, which may interest you, unless you ask us not to do so. We will not give your email address to any unauthorised third parties. Remember that email t will be 'insecure' and could be intercepted. If you do send us email, please keep the amount of confidential information you include to a minimum. We will do likewise when we reply.

The Data Protection Act defines certain information as 'sensitive' (racial or ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health, sexual life, criminal proceedings and offences). If we ever collect these details from you we will only use this information to provide the service you require and we will ask for your explicit consent. As a Birmingham Midshires (BM) customer, there may be times when you give us sensitive information. We may share it with other parts of the HBOS group and our subcontractors to keep your records up to date.