Who are we?
We are Monzo Bank Limited (âweâ, âourâ, âusâ) and operate under the name of Monzo. Weâre registered with the UK data protection authority (the Information Commissionerâs Office or ICO) under number ZA108184.
This policy explains how and why we use your personal information when you open a current account and use our app or card, or services for account holders on monzo.com. For information about the data we collect when you use our community forum on our website, see our Monzo Community Forum Privacy Notice. For information about business accounts, please see our Business Customer Privacy Notice . Read our Cookie Notice for information on how we use cookies.
Got a question about something in this policy, or want to contact our Data Protection Officer (DPO)?
- Chat with us through the app or send us an email at help@monzo.com
- Write to us at Monzo, 38 Finsbury Square, London, EC2A 1PX, UK
The information we hold about you, and how we use it đ
Information you give us through the Monzo app
- Details you give when you sign up for a Monzo account, like your name, phone number, home address, date of birth (âbasic detailsâ), and ID, so we can set up an account for you.
- A âselfieâ video when you set up an account with us.
- The log-in credentials and settings you choose for your app and card, so we can give you the services you ask for safely.
- Your profile picture if you add one.
- Details about your financial circumstances, to work out if we can lend money to you.
- Details you give us when you sign up for a specific service, like your National Insurance number if you open an ISA.
- Details you give us which we pass to our partners when you let us know youâre interested in their services (like energy switching).
- Information you give us through Monzo chat so we can help you.
- Answers you give to surveys so we can improve our services.
Information we collect if you get in touch
If you use other ways to get in touch than Monzo chat, we collect the following information so we can answer your questions or take any action:
- The phone number youâre calling from and information you give us during the call (we record all calls).
- The email address you use and the contents of your email (and any attachments).
- Public details from your social media profile (like Facebook, Instagram or Twitter) if you reach out to us via these platforms, and the contents of your messages or posts to us.
Information we collect when you use the app and our services
We collect this information to give you services in a safe and lawful way, and to keep improving them. This includes:
- details about payments to and from your Monzo account, your savings activity (using Pots) and any overdrafts or loans you take out
- details about services from us and our partners that you express interest in
- details about how you use our app
Information we collect from your phone
- The mobile network and operating system you use, so we can analyse how our app works and solve bugs.
- Your IP address and device ID for security reasons (weâll link your mobile phone number with your device).
- Your mobile advertising ID, so we can share it with companies that help us with advertising online. You can reset this ID or limit tracking in âSettingsâ on your phone.
- Your location if youâve authorised tracking, so we can protect you against fraud.
- Your phone contacts who use Monzo, if you activate Payments with Friends, and they do too (we donât store your full address book).
Information we get from external sources
When you sign up, we search your record at:
- credit reference agencies to check if we can offer you an overdraft (this is a 'soft search' and wonât impact your credit score). If you ask for an arranged overdraft or a loan, we do a full search.
- fraud prevention agencies and KYC (Know Your Customer) and AML (Anti Money Laundering) service providers to fulfil our legal duties.
We may also collect information about you from public sources for AML reasons or market research. This includes:
- official public records, like the Electoral Register or Companiesâ House
- information published by the press or on social media.
If you sign up to a service from one of our partners through the Monzo app (like energy switching or remortgaging), they may share details with us about your deal.
Our reasons for using your information đ
European Data protection laws say we need to have a lawful basis for using your personal data. At least one of the following must apply: contractual or legal duty, legitimate interest, public interest, vital individual interest or consent. In this section we explain which one we rely on to use your data in a certain way.
We need to use your data for a contract we have with you, or to enter into a contract with you. We use details about you to:
- consider your application
- give you the services we agreed to in line with our terms and conditions
- send you messages about your account and other services you use if you get in touch, or we need to tell you about something
- exercise our rights under contracts weâve entered into with you, like managing, collecting and recovering money you owe us
- investigate and resolve complaints and other issues
We need to use your data to comply with the law. We:
- confirm your identity when you sign up or get in touch
- check your record at immigration and fraud prevention agencies
- prevent illegal activities like money laundering, tax evasion and fraud
- check your credit history and financial circumstances if you apply for an arranged overdraft or a loan so that we can make responsible lending decisions
- keep records of information we hold about you in line with legal requirements
- adhere to banking laws and regulations (these mean we sometimes need to share customer details with regulators, law enforcement or other third parties)
When itâs in our âlegitimate interestâ. We need to use your data for our legitimate interests, or those of a third party. This means using data in a way that you might expect us to, for a reason which is in your and/or our (or a third partyâs) interest and which doesn't involve overriding your privacy rights. We:
- check your record at credit reference agencies when you sign up to see if we can offer you an overdraft or a loan (this is a soft check)
- tell you about products and services through the app or other channels, like social media companies, based on how you use our products and services and other information we hold about you. We do this so that we can make sure our marketing is useful. We donât share any other identifying information about you with social media than your mobile advertising ID (unless youâve disabled it).
- show where you were when you bought something with Google maps (in the Monzo app) and send you travel reports when youâre abroad (we tell this from transaction data, not by tracking your phone).
- track, analyse and improve the services we give you and other customers and how you respond to ads we show. We may ask for feedback if youâve shown interest in a service. We do this so that we can make our products better and understand how to market them.
- protect the rights, property or safety of us, our customers or others
- carry out security and maintenance checks to make sure our app, website and other services run smoothly for you
- manage Monzoâs business and financial affairs and protect our customers and staff
- share information with credit bureaus so we can benefit from up-to-date information when we make lending decisions, and other companies so they can help us provide our services
Consent. Weâll ask for your consent to:
- record any issues you want us to know about, like a gambling addiction or information about your health, so we understand how to best support you
- tell you about our products and services, and those of our partners if we think theyâre of interest to you. You can unsubscribe from our emails by email or via the app. If you donât want to see lending promotions, you can opt out in your app âSettingsâ
- help protect you against fraud by tracking the location of your phone if youâve authorised it (iOS)
- show your profile picture in the app if you add one
- show your profile picture and name to Monzo contacts in their app if you turn on âPayments with Friendsâ, provided theyâve stored your phone number. (If you pay someone, theyâll see your name regardless of whether or not youâve turned on Payments with Friends. Itâs our legal duty to show this, so it isnât something you can opt out of.)
- share information about you with companies we work with when we need your permission (see âWho we share your data withâ below)
You donât have to share information about yourself if you donât want to. But if you donât, you may not be able to use some (or any) of our services.
Who we share your data with đ¤
Companies that give services to us. Here we mean companies that help us provide services you use, and need to process details about you for this reason. We share as little information as we can and encrypt and/or make it impossible for you to be identified by the recipient where possible (for instance by using a User ID rather than your name).
- companies that make our Monzo cards
- card producers and networks, like MasterCard
- Know Your Customer (KYC) and Anti-Money Laundering (AML) service providers that help us with identity verification or fraud checks like Jumio and Onfido
- credit reference agencies (for information on how they use data please read the Credit Reference Agency Information Notices of CallCredit and Experian)
- cloud computing power and storage providers like Amazon Web Services (AWS) and Google Cloud
- our business intelligence and analytics platform provider Looker
- companies that help us with functional analytics (to help us solve technical issues with the app for instance)
- companies that help us with marketing (but we wonât share identifiable personal data with third parties for their own direct marketing unless you give us permission, and you can opt out any time)
- software companies that we use for emailing you
- companies that help us with customer support (like our subsidiaries)
- companies that offer benefits or rewards through special programmes you sign up to via the app
- companies that print written statements and notices
- companies that manage our CCTV and security if you visit our offices
Anyone you give us permission to share it with. We tell you in the app when we need your consent to share your data with:
- companies that introduce their own services via the Monzo app, like energy switching, insurance or remortgaging
- other customers you want to set up joint Monzo accounts with
- other banks if you use account switching or aggregation services
- people youâve asked to represent you, like solicitors
Law enforcement and other external parties. We may share your details with:
- authorities that spot and stop financial crime, money laundering, terrorism and tax evasion if the law says we have to, or if itâs necessary for other reasons
- the police, courts or dispute resolution bodies if we have to
- other banks to help trace money if youâre a victim of fraud or other crimes or if thereâs a dispute about a payment
- any other third parties where necessary to meet our legal obligations
We may also share your details with people or companies if thereâs a corporate restructure, merger, acquisition or takeover.
Other Monzo Group companies. Our subsidiaries in the US help us with customer support. We may also share details about you with Monzo Inc for other lawful reasons if you open a US Monzo account (this is only available to US residents).
When we make automated decisions đ˛
We sometimes use computers to make decisions. We do this for things like deciding if we can give you an arranged overdraft or loan based on information we hold about you, and information we get from credit reference agencies. This includes details on whether youâve kept up to date with payments on any credit accounts, and if youâve been to court. You can ask for a member of the team to review a decision via Monzo Chat.
We also use automated checks to make decisions about applications for Monzo accounts. But we never reject an application unless a member of staff has reviewed it first.
How long we keep your information đ
We keep most of your data as long as youâre using Monzo, and for 6 years after that to comply with the law and if we face a legal challenge. In some circumstances, like cases of anti-money laundering or fraud, we may keep data longer if we need to (thatâs in our legitimate interest) and/or the law says we have to.
To work out how long we keep different categories of data, we consider why we hold it, how sensitive it is, how long the law says we need to keep it for, and what the risks are.
Your rights â
You have a right to:
- access the personal data we hold about you, or to get a copy of it
- ask for a copy of your personal data in a portable (machine-readable) format or make us send it to someone else
- make us correct inaccurate data
- ask us to delete, 'block' or suppress your data, though for legal reasons we might not always be able to do it
- say no to us using your data for direct marketing and in certain other âlegitimate interestâ circumstances
- withdraw any consent youâve given us
- ask a member of staff to review a computer-made (automated) decision
To do any of these things, please contact us through the app or by emailing help@monzo.com. EU data protection laws, like the GDPR, give us one month to respond.
Where we store or send your data đ
We may transfer and store the data we collect from you to organisations outside the European Economic Area (âEEAâ). When we do this, we make sure that your data is protected and that:
- the European Commission says the country or organisation has adequate data protection, or
- weâve agreed to standard data protection clauses approved by the European Commission with the organisation.
If youâd like a copy of the relevant data protection clauses, please get in touch via Monzo chat or send an email to help@monzo.com.
How to make a complaint đ
If you have a complaint about how we use your personal information, please contact us through the app or send an email to help@monzo.com and weâll do our best to fix the problem. You can also reach our Data Protection Officer in these ways.
If youâre still not happy, you can refer your complaint with a data protection supervisory authority in the EU country you live or work, or where you think a breach has happened. The UKâs supervisory authority is the Information Commissionerâs Office (ICO). For more details, you can visit their website at ico.org.uk.
Changes to this policy đ
Weâll post any changes we make to our privacy notice on this page and if theyâre significant changes weâll let you know by email.