Arvest Bridge Bank

Arvest Bridge Bank is a modern English bank focused on bringing together traditional financial stability and innovative digital services. Operating across England, Arvest provides personal and business clients with secure current accounts, smart savings solutions, flexible lending, and seamless online banking, all supported by a dedicated local team.

Privacy Policy of Arvest Bridge Bank

  1. Introduction

This Privacy Policy explains how Arvest Bridge Bank ("Arvest", "we", "us", or "our"), a bank operating in England, collects, uses, discloses, and protects your personal data when you use our products, services, websites, mobile applications, or otherwise interact with us. It also explains your rights under applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using Arvest services or providing your personal data to us, you acknowledge that you have read and understood this Privacy Policy.

  1. Data Controller

The data controller responsible for your personal data is:

Arvest Bridge Bank [Registered address] England

If you have any questions about this Privacy Policy or our data protection practices, you can contact us at:

Email: [[email protected]] Phone: [+44 (0)0000 000000] Postal: Data Protection Officer, Arvest Bridge Bank, [Registered address], England

  1. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Identification and contact details

  • Full name
  • Date and place of birth
  • Residential and correspondence addresses
  • Email address, phone number(s)
  • Nationality and residency information
  • Government-issued identification details (e.g., passport, driving licence, national ID number)

3.2 Financial and account information

  • Bank account numbers and sort codes
  • Payment card details (card number, expiry date, limited transaction data)
  • Account balances and transaction history
  • Direct debits, standing orders, and payee details
  • Credit and debit information, including credit scores where applicable

3.3 Regulatory and risk-related data

  • Information required for Know Your Customer (KYC) checks
  • Anti-money laundering (AML) and sanctions screening data
  • Information about source of funds and source of wealth
  • Records related to fraud prevention and suspicious activity

3.4 Usage and technical data

  • Login credentials and security information (usernames, encrypted passwords, security questions)
  • IP address, device identifiers, browser type and version
  • Information about how you use our websites, mobile apps, and online banking services
  • Cookie data and similar technologies (for more details, see our separate Cookie Policy, where applicable)

3.5 Communication and interaction data

  • Records of your communications with us (emails, letters, telephone call recordings, chat messages)
  • Customer service enquiries, complaints, and feedback

3.6 Special category and sensitive data In limited circumstances, and only where permitted by law, we may process special category data, such as:

  • Biometric data (e.g., facial recognition or voice recognition for authentication)
  • Data relating to criminal convictions or offences for fraud prevention and regulatory checks

We will only process such data where necessary and with appropriate safeguards in place, and where required, we will obtain your explicit consent.

  1. How We Collect Your Data

We may collect personal data in the following ways:

  • Directly from you: when you open an account, apply for a product or service, complete forms, update your details, contact us, or use our services.
  • Automatically: when you use our online or mobile services, we collect technical and usage data using cookies and similar technologies.
  • From third parties: for example, from credit reference agencies, fraud prevention agencies, public databases, business directories, social media platforms (where you interact with our official pages), and other financial institutions.
  • From joint account holders, authorised representatives, or your employers (for business or corporate accounts).
  1. Legal Bases for Processing

We process your personal data only where we have a lawful basis under the UK GDPR, including:

5.1 Performance of a contract To provide banking and financial services to you, including opening and managing your accounts, processing transactions, and responding to your requests.

5.2 Legal and regulatory obligations To comply with legal obligations applicable to banks in England, such as AML and KYC requirements, tax reporting, record-keeping, and regulatory reporting.

5.3 Legitimate interests To pursue our legitimate business interests, provided your interests and fundamental rights do not override those interests, for example:

  • Improving and developing our products and services
  • Ensuring the security of our systems and preventing fraud
  • Managing our relationship with you and maintaining accurate records

5.4 Consent Where required by law, we may rely on your consent, for example for certain marketing communications or the use of specific cookies. You may withdraw your consent at any time (see Section 10).

  1. How We Use Your Personal Data

We may use your personal data for the following purposes:

  • To open, administer, and manage your accounts and services with Arvest
  • To process payments, transfers, deposits, withdrawals, and other transactions
  • To verify your identity, conduct KYC checks, and assess and manage credit risk
  • To detect, prevent, and investigate fraud, money laundering, terrorist financing, and other financial crime
  • To comply with applicable laws, regulations, and regulatory guidance
  • To provide you with online and mobile banking services and to ensure their security
  • To respond to your enquiries, complaints, and requests for support
  • To send you service messages, account alerts, and important updates
  • To analyse usage of our services and improve our products, user experience, and security features
  • To conduct internal audits, compliance checks, and risk management activities
  • To provide you with information about Arvest products or services that may be of interest to you, subject to your marketing preferences
  1. Sharing Your Personal Data

We may share your data with the following categories of recipients, always subject to appropriate safeguards and only where permitted by law:

  • Other Arvest group entities (if any), for operational, regulatory, and risk management purposes
  • Service providers and professional advisers who assist us in providing our services (e.g., IT providers, payment processors, card issuers, auditors, legal advisers)
  • Credit reference agencies and fraud prevention agencies
  • Other banks and financial institutions to process transactions (e.g., correspondent banks, payment networks)
  • Regulators, supervisory authorities, tax authorities, law enforcement, and courts where we are required to do so by law or have a legitimate interest in doing so
  • Third parties involved in a corporate transaction such as a merger, acquisition, or sale of assets, subject to confidentiality protections

We do not sell your personal data.

  1. International Transfers

Where we transfer your personal data outside the UK or the European Economic Area (EEA), we will ensure an adequate level of protection by:

  • Transferring to countries that have been recognised as providing an adequate level of data protection; or
  • Implementing appropriate safeguards such as the UK-approved International Data Transfer Agreement or standard contractual clauses; or
  • Relying on another lawful transfer mechanism permitted by data protection law.

You can contact us for more information about transfers and the safeguards we apply.

  1. Data Retention

We retain your personal data only for as long as necessary for the purposes for which it was collected, including for:

  • The duration of your relationship with Arvest
  • Compliance with legal, regulatory, and accounting requirements
  • Establishing, exercising, or defending legal claims

In many cases, banking regulations require us to retain certain records for a minimum period (for example, 5–7 years after an account is closed). Once retention periods expire, we will securely delete or anonymise your data.

  1. Your Rights

Under the UK GDPR and the Data Protection Act 2018, you have the following rights in relation to your personal data (subject to certain conditions and exemptions):

  • Right of access: to obtain confirmation whether we process your data and to request a copy of your personal data.
  • Right to rectification: to have inaccurate or incomplete data corrected.
  • Right to erasure: to request deletion of your personal data in certain circumstances.
  • Right to restriction of processing: to request that we limit the processing of your data in certain situations.
  • Right to data portability: to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller where technically feasible.
  • Right to object: to object to our processing of your data based on legitimate interests or direct marketing.
  • Rights related to automated decision-making: to request human intervention, express your point of view, and contest decisions that are based solely on automated processing and produce legal or similarly significant effects.

To exercise any of these rights, please contact us using the details in Section 2. We may need to verify your identity before responding to your request.

  1. Marketing Communications

We may use your contact details to provide you with information about Arvest products and services that may be relevant to you, in accordance with your preferences and applicable law.

You can opt out of receiving marketing communications at any time by:

  • Following the unsubscribe instructions in our emails or messages; or
  • Contacting us using the details provided in Section 2.

Please note that even if you opt out of marketing, we may still send you non-marketing communications related to your accounts or our ongoing relationship with you.

  1. Security of Your Data

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include, where appropriate:

  • Encryption, access controls, and secure storage
  • Network and infrastructure security controls
  • Regular monitoring, testing, and auditing of our security measures
  • Staff training and confidentiality obligations

However, no system can be completely secure. You are responsible for keeping your login details and other security information confidential and for notifying us promptly if you suspect any unauthorised use of your accounts.

  1. Cookies and Similar Technologies

Our websites and online services may use cookies and similar technologies to collect technical and usage data, enhance your user experience, and support security and performance.

Where required by law, we will obtain your consent before placing non-essential cookies on your device. You can manage your cookie preferences through your browser settings or our cookie management tools, subject to certain limitations.

For more details, please refer to our separate Cookie Policy (if available on our website).

  1. Children’s Data

Our products and services are generally not directed to children under 18, except where we expressly provide specific products for minors (for example, youth savings accounts). Where we process children’s data, we will do so only with appropriate safeguards and, where required, with the consent of a parent or guardian.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make material changes, we will take appropriate steps to inform you, such as updating the date at the top of this notice and, where appropriate, providing you with a more prominent notice (for example, by email or via our online banking platform).

We encourage you to review this Privacy Policy periodically to stay informed about how Arvest handles your personal data.

  1. Complaints

If you have concerns about how we process your personal data, please contact us first using the details in Section 2 so we can try to resolve your concerns.

You also have the right to lodge a complaint with the UK data protection authority:

Information Commissioner’s Office (ICO) Website: https://ico.org.uk Telephone: +44 (0)303 123 1113

If you are located outside the UK, you may also have the right to complain to your local data protection authority.

By continuing to use Arvest Bridge Bank services, you acknowledge that you have read and understood this Privacy Policy and how we use your personal data.

Use of cookies and data at Arvest Bridge Bank

Arvest Bridge Bank uses cookies and similar technologies to ensure the secure and stable operation of our website, to analyse how visitors use our services, and to improve the content we provide. Some cookies are necessary for the site to function correctly, while others help us personalise your experience. You can manage your cookie preferences at any time. For full details on how Arvest collects, stores, and protects your personal data in England, please review our Privacy Policy page before continuing to use the site. Open Arvest Privacy Policy