Who We Are

Progressive Building Society (“Progressive”, “the Society”, “we”, “us”) is committed to keeping your information secure and private. Both physical and electronic measures have been put in place to keep your data safe. This notice sets out the main points in relation to why we collect and process your personal data, the personal data we will process and hold about you and for how long we will keep the data before destroying it. This notice also provides information on your legal rights as a data subject, details of any third-party organisations which we may share your data with or may share data with us about you. Finally, this notice provides information about potential data transfers to other countries and the safeguards the Society ensures are in place. 

Purpose and basis for processing your personal data 

 

We collect and store information from you to help manage your accounts and to provide a service to you. This information is collected in various ways, including for example: 

 

  • In applications, email and letters, telephone calls and conversations in branch, when registering for services, in Member surveys, when you participate in competitions and promotions; 

  • Through Progressive Building Society websites, during mortgage and savings reviews and interviews; 

  • When you access our online portal, for example when opening or amending account(s), reviewing transactions, etc; 

  • From analysis (for example, the amount, frequency, location, origin and receipt) of payments and other transactions; 

  • Your use of services involving Progressive Building Society and what we know from operating your accounts; 

  • Information Progressive Building Society receives from other organisations such as credit reference agencies and fraud prevention agencies; 

  • From your employer, landlord, other lenders, HMRC, DWP, publicly available directories and information (e.g. telephone directory, social media, internet, news articles), debt recovery and/or tracing agents, other organisations to assist in prevention and detection of crime, police and law enforcement agencies; 

  • From your professional financial or legal representatives 

 

Some of the personal information obtained from Credit Reference Agencies will have originated from publicly accessible sources. In particular, Credit Reference Agencies draw on court decisions, bankruptcy registers and the electoral register (also known as the electoral roll). Your information is used and stored for the following purposes: 

 

  • To administer and maintain your accounts 

  • To provide you with products and services and notifying you about important changes or developments to the features and operation of those products and services 

  • Updating, consolidating and improving the accuracy of our records 

  • Producing management information to help the Society understand how products are being used and understood by you to help us provide you with a good outcome. 

  • Crime detection, prevention and prosecution which includes checking your identity 

  • Administering offers, competitions and promotions 

  • Disclosing information to regulatory authorities in response to formal requests 

  • Disclosing information about you to the Society’s legal representatives for the purpose of collecting your debts to the Society 

  • Evaluating the effectiveness of marketing and for market research, training, statistical analysis and customer modelling with the aim of improving services 

  • Assessing lending applications and propositions 

  • Developing and identifying products and services which: 

  • We believe may be of interest to you 

  • Will help us manage our relationship with you 

  • Testing IT system functionality to provide a more efficient service. We will ensure that any testing is carried out in a secure and controlled environment 

  • To make automated decisions about you. 

 

The Society will rely on one of the following legal bases for processing your personal data: 

1. The processing is necessary for the performance of a contract with you or to take steps to enter into a contract. 

Processing includes everything we do with your personal information from its collection, right through to its destruction or deletion when we no longer need it. This includes for instance collecting it (from you), obtaining it (from other organisations), using, sharing, storing, retaining, deleting, destroying, transferring it overseas.  

  1. Administering and managing your account(s) and services relating to that, updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt where relevant; 

  1. Sharing your personal information with other payment services providers such as when you ask us to share information about your account with them; 

  1. All stages and activities relevant to managing your account(s) including enquiry, application, administration and management of accounts, illustrations, requests for transfers of equity, setting up/changing/removing guarantors where relevant; 

2. The processing is necessary for compliance with a legal obligation. 

  1. For compliance with laws that apply to us; 

  1. For establishment, defence and enforcement of our legal rights; 

  1. For activities relating to the prevention, detection and investigation of crime; 

  1. To carry out identity checks, anti-money laundering checks, and checks with Fraud Prevention Agencies pre-application, at the application stage, and periodically after that. Where you have been introduced to us by a broker or other intermediary, they may do these searches on our behalf. 

  1. To carry out monitoring and to keep records; 

  1. To deal with requests from you to exercise your rights under data protection laws; 

  1. To process information about a crime or offence and proceedings related to that (in practice this will be relevant if we know or suspect fraud); and 

  1. When we share your personal information with these other people or organisations: 

    • Your guarantor (if you have one); 

    • Joint account holders, Trustees and beneficiaries, and the person with power of attorney over your affairs; 

    • Other payment services providers such as when you ask us to share information about your account with them; 

    • Other account holders or individuals when we have to provide your information to them because some money paid to you by them should not be in your account; 

    • Fraud Prevention Agencies; 

    • Law enforcement agencies and governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Ombudsman, the Information Commissioner’s Office and under the Financial Services Compensation Scheme (depending on the circumstances of the sharing); and 

    • Courts and to other organisations where that is necessary for the administration of justice, to protect vital interests and to protect the security or integrity of our business operations. 

3. The processing is necessary for the purposes of legitimate interests pursued by us or a third party. 

Legitimate interests reflect where the purpose is legitimate and is not outweighed by your interests, fundamental rights and freedoms. 

  1. Administering and managing your account(s) and services relating to that, updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt where relevant; 

  1. To inform you of updates, changes, enhancements, amendments, or similar, to the terms, conditions and/or makeup of our product range, but only where the interests of the data subject override those of the Society 

  1. To test the performance of our products, services and internal processes; 

  1. To adhere to guidance and best practice under the regimes of governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Ombudsman, the Information Commissioner’s Office and under the Financial Services Compensation Scheme; 

  1. For management and audit of our business operations including accounting; 

  1. To carry out searches at Credit Reference Agencies pre-application, at the application stage, and periodically after that. Where you have been introduced to us by a broker or other intermediary, they may do these searches on our behalf; 

  1. To carry out monitoring and to keep records; 

  1. To administer our good governance requirements such as internal reporting and compliance obligations or administration required for AGM processes; 

  1. For market research and analysis and developing statistics; 

  1. For direct marketing communications; and 

  1. When we share your personal information with these other people or organisations; 

    • Your guarantor (if relevant to you); 

    • Joint account holders, trustees and beneficiaries and any person with power of attorney over your affairs (in each case only if relevant to you); 

    • Other payment services providers such as when you ask us to share information about your account with them; 

    • Other account holders or individuals when we have to provide your information to them because some money paid to you by them should not be in your account; 

    • The broker or other intermediary who introduced you to us; 

    • Our legal and other professional advisers, auditors and actuaries; 

    • Financial institutions and trade associations; 

    • Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Ombudsman, the Information Commissioner’s Office and under the Financial Services Compensation Scheme; 

    • Tax authorities who are overseas for instance if you are subject to tax in another jurisdiction, we may share your personal information directly with relevant tax authorities overseas (instead of via HMRC); 

    • Other organisations and businesses who provide services to us such as debt recovery agencies, back up and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back- office functions; 

    • Buyers and their professional representatives as part of any restructuring or sale of our business or assets; 

    • Credit Reference Agencies; and 

    • Market research organisations who help us to develop and improve our products and services. 

4. Processing with your consent. 

  1. When you request that we share your personal information with someone else and consent to that; 

  1. For direct marketing communications; 

5. Processing for a substantial public interest 

Such as: 

  1. Processing of your special categories of personal data such as about your health or if you are a vulnerable customer. 

  1. Processing that we need to do to fulfil our legal obligations and regulatory requirements. 

  1. When we share your personal information with other people and organisations if they need to know that you are a vulnerable customer and your relatives, social services, your carer, the person who has power of attorney over your affairs. 

6. Processing to protect your vital interest. 

Protecting the vital interests of a person also constitutes a lawful basis for data processing. This applies when someone’s life is in danger, and the processing is necessary in order to save it. 

Please note, the Society does not share or give any information to external companies for their own marketing purposes. Much of what we do with your personal information is not based on your consent, instead it is based on other legal grounds. 

 

For processing that is based on your consent, you have the right to take back that consent for future processing at any time. You can do this by contacting us using the details below. The consequence might be that we cannot send you some marketing communications or that we cannot take into account special categories of personal data such as about your health or if you are a vulnerable customer (but these outcomes will be relevant only in cases where we rely on explicit consent for this). 

 

To comply with payment services regulations, we have to share some of your personal information with other payment service providers in some circumstances such as when you ask us to share information about your account with them. Whilst those payment services regulations mention ‘consent’ for this, ‘consent’ in that context does not have the same meaning as ‘consent’ under data protection laws. The legal grounds which may be relevant to this are compliance with our legal obligations, performance of our contract with you, our legitimate interests, or a combination of these. This is why if you ask to withdraw consent from what we do with your personal information where we need to have it the payment services regulations, we may still have to hold and use your personal information. 

 

Should you not provide the Society with the personal data it legitimately requests it may not be possible to transact business with you. We would be unable to provide you with a mortgage or savings product or to process your application without having personal information about you. Your personal information is required before you can enter into the relevant contract with us, or it is required during the life of that contract, or it is required by laws that apply to us. 

Automated decisions  

 

The Society uses automated decision-making tools in certain circumstances. Specifically, automated decision making may be used by us to assess credit risk, ensure your suitability for a particular product, prevent money laundering, detect and prevent fraud and to evaluate the likelihood of default risk. We currently do not use automated decision making for marketing purposes.  

 

Automated decision making helps us ensure our decisions are quick, fair and accurate, based on the information provided to us. It can affect the products or services we offer you and is sometimes based on information that we have received from others (such as credit reference agencies).  

 

You have certain rights in respect of automated decision making. These are explained below under the heading “Your data protection rights”.   

Categories of Personal Data 

 

Personal Data 

Personal Information that we generally process in connection with all our products and services includes, but is not limited to: 

 

  • Your title, full name, your contact details, including for instance your email address, home and mobile telephone numbers; 

  • Your home address, correspondence address (where different from your home address) and address history; 

  • Your date of birth and/or age, e.g. to make sure that you are eligible to apply for the product and/or that it is suitable for you; 

  • Your nationality, if this is necessary for us to comply with our legal and regulatory requirements; 

  • Details about you proving your identity 

  • Records of how you have contacted us and, if you get in touch with us online, details such as your mobile phone location data, IP address and MAC address and details of when we contact you; 

  • Personal information which we obtain from Fraud Prevention Agencies; 

  • details of products with other providers that we may have sold to you or you have told us about; and 

  • Some special categories of personal data such as about your health or if you are a vulnerable customer (more details below). 

 

Additional Personal Information that we process in connection with a mortgage includes, but is not limited to: 

 

  • Your financial details e.g. your salary and details of other income, details of your savings, details of your expenditure, and details of account(s) held with other providers if you pay your mortgage from those account(s)]; 

  • Details about all of your existing borrowings and loans; 

  • Personal information about your credit history which we obtain from Credit Reference Agencies including data which originates from Royal Mail (UK postal addresses), local authorities (electoral roll), the insolvency service, Companies’ House, other lenders and providers of credit (who supply data to the CRAs), court judgments decrees and administration orders made publicly available through statutory public registers; 

  • Information about your employment status including whether you are employed, retired or receive benefits; 

  • Information about your occupier status, such as whether you are a tenant, live with parents or are an owner occupier of the property in which you live at the time of your application; 

  • Information which is relevant for your residency and/or citizenship status, such as your nationality, your length of residency in the UK and/or whether you have the permanent right to reside in UK; 

  • Your marital status, family, lifestyle or social circumstances if relevant to the mortgage product (e.g. the number of dependents you have or if you are a widow or widower); and 

  • Where relevant, information about any guarantor which you provide in any application. 

 

Additional Personal Information that we process in connection with a savings product includes, but is not limited to: 

 

  • Your financial details e.g. your job title, your salary range, details of your other savings, and details of account(s) held with other providers if you pay into your savings product from those other account(s); 

  • Where a person other than the savings account holder makes a withdrawal from the account, information about that person and the transaction; and 

  • Information about your tax position. 

 

Sensitive Personal Data 

On occasion it will be necessary to collect and process information which Data Protection Regulations define as “sensitive” (such as criminal convictions or health information). Criminal convictions will impact on the willingness of insurers to provide insurance and lenders to provide finance. In some circumstances you may wish to provide us with sensitive personal data to enable us to help you access and manage your accounts either permanently or temporarily. Where possible we will ask for your consent, but if you write to us, we will assume you are happy for us to record the information unless you tell us not to. If this information is provided by someone acting on your behalf, we will record what information has been provided and who gave it to us. 

Joint Applicants, Guarantors and Powers of Attorney 

 

If you make a joint application with your spouse, partner or family member, we will also collect the personal information mentioned above about that person. You must show this privacy notice to the other applicant and ensure they confirm that they know you will share it with us for the purposes described in it. If you look now at the legal basis for processing your personal data (above) you will see reference to consent and a description of some limited scenarios where it may be relevant to what we do with personal information. If we ask you to obtain consent from the joint applicant (such as for marketing) you should do that using the consent capture mechanism that we give or make available to you for that purpose. 

Recipients of your personal data 

 

Within the Society 

Information about you and any products you hold with us may be used within Progressive for all purposes necessary for performing our contract with you and for: 

 

  • making lending decisions 

  • tracing debtors and collecting debts 

  • assisting in verifying your identity 

  • assessing risks 

  • understanding your requirements 

  • developing, testing, researching and improving products and services 

  • training and business analysis 

  • legal and regulatory compliance 

  • preventing or detecting financial crime 

 

With other organisations 

The Society may disclose your personal information to other people or organisations if any of the following applies: 

 

  • The processing is necessary for the performance of a contract with you or to take steps to enter into a contract; 

  • The processing is necessary for compliance with a legal obligation; 

  • The processing is necessary for the purposes of legitimate interests pursued by us or a third party; 

  • We have your consent; 

  • For the purposes of them providing products or services, for example household insurance. Our arrangement with them will not allow them to use your information for any other purpose; 

  • For the purpose of them providing administrative, processing, analytical or other similar services to the Society to assist us in the provision of products and services to our customers (such as third party data analytics provider); 

  • For the purpose of verifying information you have given us for example verifying your income when assessing you for credit; 

  • For the purposes of improving our products, services and marketing communications, with specialist market research organisations who may contact you on our behalf and invite you to take part in market research, but who will not be allowed to use your information for anything else; 

  • Where you have opened an account or policy with another organisation, introduced to you by the Society, and you notify us of amendments to your personal details. You will also need to contact the other organisation to confirm the changes; 

  • Where we are required or permitted to do so by law or regulation. 

 

The Society does not share or give any information to external companies for their own marketing purposes. 

The Society may carry out additional fraud prevention checks using fraud prevention database services provided by third party organisations. If false or inaccurate information is provided, and fraud is identified, details will be passed to fraud prevention agencies. Law enforcement agencies and government agencies may access and use this information. 

 

We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when: 

 

  • checking details on applications for credit and credit related or other facilities, such as additional loans 

  • managing credit and credit related accounts or facilities 

  • recovering debt 

  • checking details on proposals and claims for all types of insurance 

  • checking details of job applicants and employees 

 

With Credit Reference Agencies 

In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (“CRAs”). Where you take financial services from us, we may also make periodic searches at CRAs to manage your account with us. To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.  We will use this information to: 

 

  • Assess your creditworthiness and whether you can afford to take the product; 

  • Verify the accuracy of the data you have provided to us; 

  • Prevent criminal activity, fraud and money laundering; 

  • Manage your account(s); 

  • Trace and recover debts; and 

  • Ensure any offers provided to you are appropriate to your circumstances. 

 

We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs. The identities of the CRAs, their role as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail separately. Here are links to the information notice for each of the three main Credit Reference Agencies: 

 

 

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. 

 

If you are making a joint application or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link. 

 

With Fraud Prevention Agencies 

The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found by visiting www.cifas.org.uk/fpn. The organisations we share data with are: 

 

  • Registered Fraud Prevention Agencies (FPAs) 

  • Other agencies and bodies acting for the same purpose 

  • Industry databases used for this purpose 

  • Insurers 

 

Throughout our relationship with you, we and these organisations exchange data between us to help prevent, deter, detect and investigate fraud and money-laundering. We will use the information to: 

 

  • Confirm identities 

  • Help prevent fraud and / or money-laundering 

  • Fulfil any contracts you or your business has with us 

 

We or an FPA may allow law enforcement agencies to access your personal information. This is to support their duty to prevent, detect, investigate and prosecute crime. 

 

We look to prevent fraud by studying patterns in the data. We may find that an account is being used in ways that fraudsters work. Or we may notice that an account is being used in a way that is unusual for you. Either of these could indicate a risk that fraud or money-laundering may be being carried out. 

 

If we or an FPA decide there is a risk of fraud, we may stop activity on the accounts or block access to them. FPAs and cross-industry organisations may also keep a record of the risk that you or your business may pose. 

Data Privacy Notices from other organisations 

 

We have mentioned that we share your personal information with Fraud Prevention Agencies and Credit Reference Agencies. They require us to pass on to you information about how they will use your personal information to perform their services or functions as data controllers in their own right. These notices are separate to our own. Further details are provided separately. 

Transfers to third country and safeguards 

 

The Society and other organisations may access, and use from other countries, the information recorded by fraud prevention agencies. 

 

Data which is processed in the UK and Europe or other parts of the European Economic Area (EEA) is protected by European data protection standards The Society does not currently process data outside Europe so your data enjoys the protection provided by these standards. 

 

On occasion a third-party data processor may process personal information outside of the EEA for the purposes described in the “Purpose and basis for processing your personal data”, section above. 

 

Where personal information is processed in countries that do not have the same level of legislation protecting information as the UK, we will ensure your information is protected to the same level as the UK. Safeguards include contractual obligations imposed on the recipients of your personal information. Those obligations require the recipient to protect your personal information to the standard required in the European Economic Area. Safeguards also include requiring the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing and where the framework is the means of protection for the personal information. If you would like more information on the countries which may receive certain aspects of your personal data, please contact the Data Protection Officer. The contact details are shown below. 

Monitoring involving your personal data 

 

Monitoring means any listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person face to face meetings and other communications. 

We may monitor where permitted by law and we will do this where the law requires it. In particular, where we are required by the Financial Conduct Authority’s regulatory regime to record certain telephone lines (or in person meetings) (as relevant) we will do so. 

 

Some of our monitoring may be to comply with regulatory rules, self-regulatory practices or procedures relevant to our business, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures, to have a record of what we have discussed with you and actions agreed with you, to protect you and to provide security for you (such as in relation to fraud risks on your account) and for quality control and staff training purposes. 

 

Some of our monitoring may check for obscene or profane content in communications. 

 

We may conduct short term carefully controlled monitoring of your activities on your account(s) where this is necessary for our legitimate interests or to comply with our legal obligations. For instance, were we suspect fraud, money laundering or other crimes. 

 

Telephone calls, and/or in person meetings, between us and you in connection with your application and the mortgage product/savings product may be recorded to make sure that we have a record of what has been discussed and what your instructions are. We may also record these types of calls for quality control and staff training purposes. 

Retention period 

 

We will keep your information as long as permitted for our legitimate business purposes and for any retention period that we are legally required to meet. Our current practise is not to hold customer personal data beyond 10 years after a mortgage account relationship has ended or 6 years after a savings account relationship has ended. We may keep your data for longer than 10 or 6 years if we cannot delete it for legal, regulatory or technical reasons. We may also keep it for research or statistical purposes. If we do, we will make sure that your privacy is protected and only use it for those purposes. 

 

Personal data which the Society considers to be of less relevance to the performance of a contract, such as miscellaneous correspondence or telephony records, may be deleted earlier. 

Changes to your personal information 

 

If your personal information changes you should tell us without delay by contacting your local branch or Head Office, so that we can update our records. If you were introduced to us by a broker or other intermediary who is data controller in its own right, you should contact them separately. In some cases where you exercise rights against us under data protection laws, we may need to inform the broker or other intermediary but this will not always be the case. 

Your data protection rights 

 

The Right to be Informed 

This Privacy Notice provides you with information on the purpose for collecting and use of your personal data. 

 

The Right of Access 

You have the right to obtain: 

  • confirmation that your personal data is being processed; 

  • access to your personal data; and 

  • other supplementary information – (as provided in this privacy notice). 

 

The right to rectification 

The Society will rectify any personal data that is inaccurate or incomplete. If any inaccurate personal data has been disclosed to third parties, the Society will inform them of the rectification where possible. 

 

The right to erasure 

You have a right to have personal data erased and to prevent processing in specific circumstances: 

  • Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed. 

  • When you withdraw consent. 

  • When you object to the processing and there is no overriding legitimate interest for continuing the processing. 

  • The personal data was unlawfully processed 

  • The personal data has to be erased in order to comply with a legal obligation. 

 

The Society may refuse to comply with a request for erasure where the personal data is processed for the following reasons: 

  • To comply with a legal obligation. 

  • The exercise or defence of legal claims. 

 

The right to restrict processing 

You can require the Society to restrict the processing of your personal data in the following circumstances: 

  • Where you contest the accuracy of the personal data, the Society will restrict the processing until the accuracy of the personal data has been verified. 

  • Where you have objected to the processing and the Society is considering whether its legitimate grounds override your rights. 

  • When processing is unlawful and you oppose erasure and request restriction instead. 

  • If the Society no longer needs the personal data but you require the data to establish, exercise or defend a legal claim. 

 

The right to data portability 

The right to data portability allows you to obtain and re-use your personal data for your own purposes across different services. 

 

The right to data portability only applies: 

  • to personal data you have provided to a us; 

  • where the processing is based on your consent or for the performance of a contract; and 

  • when processing is carried out by automated means. 

The Society will provide the personal data in a structured, commonly used and machine-readable form. Open formats include CSV files. The information will be provided free of charge. If the personal data concerns more than one customer, the Society will consider whether providing the information would prejudice the rights of any other customer. 

 

The right to object 

You have the right to object to processing based on legitimate interests where the processing is in respect of; 

  • direct marketing (including profiling); and 

  • processing for purposes of research and statistics. 

 

You must have an objection on grounds relating to your particular situation. The Society will stop processing the personal data unless: 

 

  • it can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms; or 

  • the processing is for the establishment, exercise or defence of legal claims. 

 

Rights in relation to automated decision making  

You have the right to object to automated decision making and request human intervention. If you wish to challenge an automated decision or request a human review, please contact us using the details provided below. 

Contact Details 

 

Progressive Building Society 

 

Data Protection Officer, Progressive Building Society 33-37 Wellington Place Belfast 

BT1 6HH 

Telephone: 02890244926 

The Society has an internal complaints procedure. Complaints that we cannot resolve may be referred to the Financial Ombudsman Service. 

The Information Commissioner 

 

If you wish to know more about your rights in respect of protection of personal data, you should write to the: 

 

Information Commissioner’s Office Wycliffe House Water Lane Wilmslow 

Cheshire SK9 5AF 

 

Or telephone: 0303 123 1113 

01625 545745 

Website: www.ico.org.uk 

E-mail: mail@ico.gsi.gov.uk