Melli Bank Plc (‘Melli’) is incorporated in England & Wales with registration number 4152338. We are authorised by Prudential Regulation Authority (‘PRA’) and regulated by Financial Conduct Authority (‘FCA’) and PRA.
This privacy notice explains how your personal data will be used by us.
Your personal data is data which by itself or with other data available to us can be used to identify you. The data we hold will vary according to the account and relationship you have with us. It can include but isn’t limited to:
Personal data that the law regards as being in a special category because of its sensitivity to you can only be collected and used where you have given us explicit consent or where permitted by the law. If you provide us with documents that contain, or otherwise volunteer to us, personal data that constitutes a special category of personal data, then you will be regarded as giving your explicit consent to us processing that data as described in this privacy notice.
We collect personal data as described below directly from you and others.
To check your identity and eligibility for an account - (Purpose: Contract performance; Legal obligation)
The law requires us to verify the identity of our new customers and to re-verify the identity of our existing customers from time to time. This is so we know who our customers are and to make it more difficult for criminals to use false or impersonated identities for criminal purposes, such as hiding the proceeds of crime or committing fraud.
To verify your identity, we may check the information you provide to us with credit reference and fraud prevention agencies and publicly available information.
To manage your account and relationships with us - (Purpose: Contract performance; Legal obligation)
We will use your personal data to manage any account, product, service or relationship you have with us, in line with the terms of that arrangement and the rules of our regulators. Examples of these are:
b) Helping to resolve any problems or complaints you may have.
c) Administering any offers or promotions you’ve agreed to participate in.
To carry out risk & credit assessment - (Purpose: Contract performance; Legal obligation; Legitimate interest)
We have a legitimate interest in only lending money to customers who are able to repay it. Our regulators also require us to lend money in a responsible manner. So, whenever you apply for one of our products, we will use the personal data you give us and that we may already hold to assess the risk to us. We may also get personal data from credit reference and fraud prevention agencies to undertake credit/risk assessments of your application.
To prevent financial crime and the funding of terrorism - (Purpose: Legal obligation; Legitimate interest)
The law requires us to screen applications and to monitor accounts to help combat the threats posed to our society by terrorism and money-laundering and other financial crime. We also have a legitimate interest in avoiding losses caused by financial crime such as fraud.
We may check and share personal data held by us with fraud prevention agencies, law enforcement and other government agencies for the purpose of preventing, detecting and prosecuting financial crime and the funding of terrorism.
To recover money that is owed to us - (Purpose: Contract performance; Legitimate interest)
We have a legitimate interest in recovering debts that are due to us if there is not a satisfactory plan in place to repay them. We may instruct a debt collection agent or solicitor to act for us in recovering the debt, including by bringing legal proceedings in the courts and we will provide relevant personal data to them to help recover any money that is owed to us.
To improve our services and computer systems - (Purpose: Legal obligation; Legitimate interest)
We have a legitimate interest in making improvements to how we provide our services and to improve the security and resilience of the computer systems we use. We must also respond to any changes in law or regulation that relate to the protection of the personal data we hold.
We may use the personal data we hold to help us develop and test our systems (including new technologies and services) to ensure that they are safe and will work in the ways in which we expect them to. When we do this we will use processes and technologies that are designed to keep this personal data secure.
To manage and organise our business - (Purpose: Legal obligation; Legitimate interest)
We may carry out credit and identity checks when you apply for a product or service for you or your business with one or more credit reference agencies (‘CRAs’). We may also from time to time search personal data that CRAs have to help us manage those accounts. To do this we will share your personal data with CRAs and they will give us personal data about you. The personal data we exchange can include personal data from your application. CRAs will also supply us with public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.
When we ask CRAs about you or your business, they will note it on your credit file. This is called a credit search. Other lenders may see this and we may see credit searches from other lenders.
If you’re making a joint application, or you tell us that you have a spouse or financial associate, we will link your records together - so you should make sure they know what you are doing, and share this information with them, before applying. CRAs will also link your records together. If you later want to break this link you need to talk directly to the CRAs.
You can find more about the CRAs on their websites, in the Credit Reference Agency Information Notice.
Your personal data may be transferred outside the UK and the EEA. While countries within the EEA, which includes the UK, have similar standards of legal protection for your personal data. In countries outside the EEA reasonable steps are taken to make sure your data is protected to UK standards. This include imposing contractual obligations of adequacy, or only allowing transfers to countries which have been officially recognised as having an adequate legal framework for the protection of personal data.
We will keep your personal data for no longer than is necessary to manage your relationship with us, this will mean that we will continue to hold some personal data for a period of time after your account has closed or our relationship has ended. This is to comply with our legal and regulatory obligations to keep records of our relationship, to resolve disputes or where it may be needed for future legal proceedings.
You can contact customerServicesdepartment@mellibank.com for more details on all the above
If for whatever reason you are unhappy with the way we are using your personal data, you should contact us in the first instance so that we can understand your issue and try and resolve it.
You can send your complaint to customerServicesdepartment@mellibank.com for the attention of Manager – Customer Services Department marked with private and confidential or write to the Manager – Customer Services at 98A High Street Kensington, London W8 4SG marked with private and confidential.
If you are not happy with the response from Melli following your complaint, you have the right to complain to the Information Commissioner’s Office (‘ICO’). It has enforcement powers and can investigate compliance with data protection law. For further information, visit ico.org.uk or call ICO helpline on 0303 123 1113 or write to ICO at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
We will keep this information up to date and it will be available at http://www.mellibank.com/ or on request at any time.