Monzo Bank

We read Monzo Bank's privacy policy so you don't have to.

  • Find out what they do with data about you
  • Contact them if you have a request about that data
Make a request

Organisation information

Registration country

United Kingdom

Registration number

09446231

Data Protection Officer

Organisations that use special categories of data, are public bodies, or do large scale processing must appoint a Data Protection Officer.

This organisation does not appear to have a data protection officer.

Data categories collected

Organisations must give details about what categories of data are stored and processed.

  • Bank account details

  • Bank transactions

  • Device information

  • Ethnic originSpecial category

  • Identity documents

  • Names

  • Postal address

  • Social network details

Observations

They say "There may be times when you give us ‘sensitive’ information" and then list the sensitive categories of data under GDPR. Very unclear whether they expect to collect this data of whether they are covering themselves legally.

They say they collect "the settings on your phone". It's not clear which settings those are.

From your phone, they collect "Things you give us explicit permission to see, like your address book, photos, geolocation and data from your camera.

Unusual processing purposes

Organisations must provide information about what they do with data. This section highlights less common uses of data.

This section hasn't been completed yet. Help us by updating it on GitHub.

Third parties

Organisations must give details about other parties that personal data is shared with.

List of third parties

  • Anyone who works for us when they need it to do their job

  • Card producers and networks

  • Credit reference agencies

  • Analytical, Know Your Customer (KYC) and cyber security service providers

  • Customer ‘interface’ providers (for in-app chat service)

  • Companies that do advertising for us

  • Certain authorities that detect and prevent terrorism

  • Anyone who you give us explicit permission to share it with

How specific is this information?

Third parties are listed as groups

Observations

They may share your data with "certain authorities" which "detect and prevent terrorism".

Retention rules

Organisations must give details about how long data is kept.

Summary

As long as you’re using Monzo, and for 6 years after that to comply with the law.

How specific is this information?

  • Retention rules are given without mentioning specific categories of data

  • Specific times are given for how long data is kept

Lawful bases

Organisations must justify collection and use of data under six lawful bases and provide information about their decisions

  • Consent

    Check your credit history

    Market and communicate our products and services and those of affiliated partners where we think these will be of interest to you

  • Legal obligation

    Search your record at immigration and fraud prevention agencies

    Prevent illegal activities like money laundering, tax evasion and fraud

    Make responsible lending decisions, like offering you an overdraft

  • Legitimate interests

    Market products and services generally in app

    Search your record at credit reference agencies when you sign up

Observations

They justify making automated decisions about lending as to meet their legal obligations.

Security standards

Organisations must ensure that data is stored and processed securely.

This privacy notice does not appear to have this information.

Data processing addendum

Some organisations offer a data processing addendum that gives data adequate protections when it leaves the EEA.

This privacy notice does not appear to have this information.

Automated decision making

Organisations must give details about how data is used to make decisions without human involvement.

Summary

This organisation uses automated decision making

Observations

They use automated decisions to make lending decisions like whether to offer an overdraft. You can opt out or ask for a manual review by email and in the app. They don't say which email address to opt out to.

How specific is this information?

The organisation mentions use of automated decision making for specific purposes

Complaint information

Organisations must give details about how to make a complaint with a data protection authority.

Summary

This privacy notice contains information about to make a complaint to a data protection regulator

Observations

The information for making a complaint is to the Financial Ombudsman Service, not the Information Commissioner's Office.

How specific is this information?

This privacy notice doesn't contain specific contact details for a data protection regulator

Design recommendations

Organisations are required to provide privacy information in a transparent way. The Article 29 Working Party has provided recommendations on how to do this.

Assessment

This privacy notice:

  • Has language that is easy to understand

  • Is designed in a way that makes it easy to find information

  • Can be easily found on the organisation's website

Make a request

  • See data they hold about you

    You can ask to see what data Monzo Bank has about you. They usually can’t charge for this, and they must respond to your request within a month.

    Why you might make this request

    You might want a copy of the data about you to understand what data the organisation has collected about you.

    By email

    Email help@monzo.com using a template.

    Template

    Copy template to clipboard

  • Change data they hold about you

    You can ask Monzo Bank to change inaccurate or incomplete data about you. They must respond to your request within a month. Sometimes your request can be refused.

    Why you might make this request

    If an organisation is using information about you which is incorrect, you can ask them to correct it.

    By email

    Email help@monzo.com using a template.

    Template

    Copy template to clipboard

  • Delete data they hold about you

    You can ask that Monzo Bank delete information about you. They must respond to your request within a month. Sometimes your request can be refused.

    Why you might make this request

    You might want to delete data about you if, for example, you have stopped using an organisation’s services.

    By email

    Email help@monzo.com using a template.

    Template

    Copy template to clipboard

  • Limit how they use data about you

    You can ask that Monzo Bank only store data about you and not use it. They must respond to your request within a month.

    Why you might make this request

    You might want the accuracy of the data to be verified or you might want the organisation to hold on to data so you can make a legal claim against them.

    By email

    Email help@monzo.com using a template.

    Template

    Copy template to clipboard

  • Stop their use of data about you

    You can ask Monzo Bank to stop using your data for particular reasons. They must respond to your request within a month.

    Why you might make this request

    You might want to stop the organisation using your data to for direct marketing.

    By email

    Email help@monzo.com using a template.

    Template

    Copy template to clipboard

  • Export data they hold about you

    You can ask Monzo Bank to move data about you to another service or provide it in a format that can be used by another service.

    Why you might make this request

    You might want to move your data to another organisation to get a better deal.

    By email

    Email help@monzo.com using a template.

    Template

    Copy template to clipboard

  • Challenge an automated decision

    You can ask Monzo Bank to give you information about how they use automated decision making, or ask for a person to review an automated decision.

    Why you might make this request

    You might want to find out about an automated decision if, for example, you were rejected for a bank loan or account.

    By email

    Email help@monzo.com using a template.

    Template

    Copy template to clipboard

    Observations from contributor

    You can opt out or ask for a manual review by email and via the app.

Last updated 2018-12-05 at 12:12:32 • Download as JSONAPI documentationView on GitHubView on OpenCorporates