Our Privacy Policies

Open Banking Limited (which we’re going to call the Open Banking Implementation Entity, or ‘OBIE‘ in this privacy policy) is committed to respecting the privacy of everyone who we interact with – whether that is because:

If you use the Payment Initiation Services or Account Information Services enabled by OBIE, we do not process your personal data. You can find out more about our role in our Customer FAQs. If you need further information about any of the terms in this privacy policy the Glossary is a great place to look.

If you work, or have worked, at OBIE and have a question about the use of data relating to you, or you would like to exercise your rights in respect of that data, please contact hr@openbanking.org.uk.

Open Banking Limited is a private company incorporated and registered in England with company number 10440081 whose registered office is at 2 Thomas More Square, London, United Kingdom, E1W 1YN. We collect and store the information detailed below and are responsible for how it is used. If you want to get in touch with us then please email privacy@openbanking.org.uk

These privacy policies explain how we use personal data. They may be amended from time to time so please check back on a regular basis.

Keeping you informed about Open Banking

You have the option of asking to be kept informed of OBIE’s activities by registering via this website. When you do this, we will send you updates about the Open Banking APIs and news about other activities of OBIE which we think may be of interest to you. We won’t provide data relating to you to anyone else, and if you’d like us to stop sending you email, then you just need to ask.

We may also use your information:

The use of this information is necessary to support the legitimate interests of OBIE to develop the Open Banking Ecosystem. We will retain your information until you ask us to no longer send you news and updates or participate in our activities.

Open Banking Directory

If you apply to enrol in the Open Banking Directory (the “Directory”) we will collect the name, job title, email address and phone number for your nominated Primary Business Contact and nominated Primary Technical Contact as well as any additional business and technical contacts you may add to the Directory. We require this information for each Participant in the Directory.

This information will be used by OBIE to communicate with you about your participation in the Directory. The technical contact and business contact information may also be made available to other enrolled Participants in the Directory to enable them to contact you directly about your participation in the Directory when necessary (e.g. when diagnosing technical connection problems between entities or when resolving payment service user enquiries or disputes).

In the course of processing your enrolment you will be asked to provide both a copy of your passport or national identity card, and a copy of a document showing your residential address. We will use this information to verify your identity which is necessary to prevent fraudulent use of the Directory.

We may collect the following information every time you interact with the Directory.

The use of this information is necessary to support the legitimate interests of OBIE to protect the operations, security and integrity of the Directory and for help in troubleshooting problems with the Directory.

Your information will be retained for six years as it may be required for establishment, exercise or defence of legal claims.

The Open Banking Dispute Management System

If you register with the Open Banking Dispute Management System (DMS) we will collect the name, email address and phone number of the nominated DMS Contact.

This information will be used by OBIE to communicate with you about your participation in the DMS. The use of this information is necessary to support the legitimate interests of OBIE to provide the DMS.

Participation in Open Banking Working Groups and Consultative Forums

If you participate in the work of Open Banking, your personal details, typically your name and the organisation you represent, may appear in agendas, minutes and reports. OBIE processes this data in accordance with its legal obligations under the CMA Order.

Journalists and Stakeholders

One of OBIE’s core missions is to explain how Open Banking works and our role in the payments and FinTech ecosystem. To facilitate this, the OBIE team members maintain contact information (name, email address, phone numbers) of journalists and stakeholders. Generally we have this information because you gave it to us. If you’d like us to stop talking to you about Open Banking then please let your contact know or alternatively email privacy@openbanking.org.uk and we’ll make sure this happens.

Sharing your information

We use a number of other companies to help us provide the Open Banking Services. These third parties act on our instructions and carry out services on our behalf (they are processors). Where we do this we require them not to use your information for any other purposes. Your information may be processed by the following third parties.

And if you enrol in the Directory, your data will also be processed by these third parties.

Where it is strictly necessary, we may also share your information:

Data export

Your information may sometimes be processed in other countries, including countries outside the EEA. The laws of such countries may not provide the same standard of protection to individuals in respect of their personal information. However we will take reasonable steps to put in place measures to protect your information. In some cases this is the participation of the third party in the Privacy Shield Framework and in other cases we make sure there are contractual provisions based on standard data protection clauses. If you would like further information in respect of a particular processing operation please contact privacy@openbanking.org.uk

Your rights

If you wish to access, correct or delete any of your personal information as held by us, object or restrict the processing of data relating to you, or if you have any questions or concerns about our Privacy Policies or information we hold about you please contact privacy@openbanking.org.uk.

You also have the right to complain to the Information Commissioner. You can contact the Information Commissioner at https://ico.org.uk/concerns/ or call the ICO helpline on +44 (0)303 123 1113.