Privacy Policy

Home › Privacy Policy

1. Who we are
2. Introduction
3. Contact us
4. Our principles
5. Customer information about data processing in accordance with UK GDPR
6. Which data is processed by us and the sources of data
7. Who we share your personal data with
8. For what purpose and on what legal basis do we process the personal data?
9. Your data subject rights
10. How we use cookies and tracking technology
11. International transfers
12. Our security technology
13. Data retention
14. Changes to Privacy Policy and your duty to inform us of changes

1. Who we are

Raisin UK is a trading name of Raisin Platforms Limited (registered no 11075085), whose registered office is at Cobden House, 12-16 Mosley Street, Manchester, M2 3AQ. Raisin Platforms Limited is authorised and regulated by the Financial Conduct Authority (FRNs 813894 and 978619) and is the entity responsible for the registration and management of customer data on the Raisin UK Platform. Where applicable, for certain savings products, Raisin UK may also act as your trustee in accordance with the Raisin Trust Terms and Conditions. You can determine whether a deposit is held under the Raisin Trust by reviewing the product description.

Raisin UK is the entity through which Raisin UK’s platform services operate. Raisin UK is both a data controller and data processor for the purposes specified in this Privacy Notice. Raisin UK is also registered as a data controller with the Information Commissioner’s Office under reference: ZA299777.

Any information you provide on our website/app/customer account/Raisin Trust is controlled by Raisin UK.

2. Introduction

Raisin UK provides information on its website, www.raisin.co.uk (“our website”) and via our app about deposits and investment products of selected partner banks. In addition, our customers can access the Online Banking System of our service bank.

This Privacy Notice explains how we handle the data we learn about you when you visit our website/app or utilise our services (e.g.customer account or Raisin Trust) and outlines your rights in relation to how we process this data.

This website/app may include links to third-party websites, plugins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third party websites and are not responsible for their privacy statements. When you leave our website/app, we encourage you to read the privacy policy of each website that you visit. This Privacy Notice only applies to Raisin UK and does not extend to other third-party websites accessed from this website/app.

When you visit our website/app you trust us with your information. By helping you understand our privacy practices, we want to show that we are committed to keeping that trust. This Privacy Notice (together with our Raisin UK Terms & Conditions and any other documents referred to in it and, where applicable, the Raisin Trust Terms and Conditions), describes how we collect and use your personal data in accordance with the Data Protection Legislation which is defined below.

It is important that you read this Privacy Notice in conjunction with any privacy notice which we may provide on specific occasions so that you are aware of how we are collecting and processing information about you and why we are using such information.

3. Contact us

If you have any questions about this privacy policy or our privacy practices, please contact us at:

Raisin Platforms Limited

Cobden House

12-16 Mosley Street

Manchester

M2 3AQ

Email: service@raisin.co.uk

Alternatively, for all questions in relation to data protection in connection with our products/services or the use of our website, you can also contact our Data Protection Officer at any time in the following ways:

Email: dpo@raisin.co.uk

Post: Data Protection Officer

Raisin UK

Cobden House

12-16 Mosley Street

Manchester

M2 3AQ

Please note that if you use this e-mail address, your communication will not be exclusively accessed by our data protection officer. If you wish to exchange confidential information, please therefore first contact us directly via the e-mail address provided above.

4. Our principles

• The protection of your privacy is very important to us
• We treat your data responsibly and only process it for specified purposes
• We are aware of the sensitivity of the data you have entrusted to us
• We do not process any personal data without a legal basis
• We will never pass on your data to third parties unless there is a lawful basis to do so
• We use state of the art measures to prevent any misuse of your data
• We follow the principle of data minimisation

5. Customer information about data processing in accordance with the UK GDPR

All personal data that you submit to us will be held in accordance with our responsibilities in compliance with the Data Protection Legislation; defined as, for the periods in which they are in force, the UK General Data Protection Regulation and all laws giving effect or purporting to give effect to the UK GDPR (such as the Data Protection Act 2018) or any equivalent legislation amending or replacing the UK GDPR.

We will collect and process the information provided by you when you do any of the following (not an exhaustive list):

• complete forms on our website/app including registrations for a customer account and applications for any of our savings products or any other services;
• visit our website/app including but not limited to traffic data, location data, web logs and other communication data, whether it is required for our own purposes or otherwise, as well as the resources that you access by using our website/app;
• provide information to help us investigate your report of any problem with our website/app;
• you request our assistance to help you navigate around our website/app;
• provide information upon request so we can respond to your correspondence; and,
• provide instructions for any transfer to and from your savings products.

We will also process your personal data where we obtain information from you or third parties, such as fraud prevention agencies, distribution partners or other organisations, when you register for an account with us or transfer funds into an account held with us, or apply for any of our savings products, or other services which you or they give to us at any time.

6. Which data is processed by us and the sources of data

Personal data is any information that directly or indirectly relates to you and which you provide to us as part of the application process for the purpose of opening and operating your Raisin UK account. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

• Identity data - includes name, username, similar identifier, marital status, title, date of birth, nationality, and gender;
• Contact data - includes address, email address and telephone numbers;
• Financial data - includes bank account information;
• Transaction data - includes details about payments to and from you and details of other products and services that you have entered into via the website/app;
• Technical data - includes IP address, login data, browser type and version, time zone setting and location, browser plug in types and versions, operating system and platform, and other technology on the devices you use to access the website/app;
• Profile data - includes your username and password, preferences, products and feedback and survey responses;
• Usage data - includes information about how you use our website/app, products and services; and
• Marketing and Communications data - includes your preferences in receiving marketing from us and any third parties and your communication preferences.

We also collect, use and share Aggregated data such as statistical or demographic data for any purpose. This could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. However, if we combine or connect Aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

The customer relationship begins with the initiation of a contract and includes the completion of the contract. You will need to provide us with your personal data if you want to enter into a customer relationship with Raisin UK. We also process personal data which is lawfully obtained from publicly available sources.

The principal purpose of collecting personal data from you through our website/app is to provide information or services specifically requested by you and so we can comply with our legal obligations. When you complete our online forms, we ask for your personal details and other selected information so that we can deal with your request as efficiently and effectively as possible. If you decide not to provide us with the personal data that we request from you then we may not be able to perform the contract we have or are trying to enter with you. In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

We will never sell, trade, or rent your personal data to others, however, we may share your personal data with selected third parties in the following instances:

• we sell or buy any business or assets, in which case we may disclose your information to the prospective seller or buyer of such business or assets. In such an event, we will ensure that the prospective seller or buyer treats your information as confidential.
• a third party acquires Raisin UK or substantially all of its assets, in which case information held by Raisin UK about its customers will be one of the transferred assets. In such an event, we will ensure that the third party treats your information as confidential.
• we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation, as part of legal proceedings, to enforce or apply our terms and conditions which apply to your savings products or to protect the rights, property, or safety of Raisin UK, our customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
• we change our service bank and as part of any service bank migration we may disclose your information to a replacement service bank provider.
• we change our deposit administration services provider and as part of any deposit administration services migration we may disclose your information to a replacement deposit administration services provider.

We may disclose your information to any member of our group, which means that we may disclose your information to our ultimate holding company and its subsidiaries.

We partner with a number of groups, suppliers and subcontractors in order to provide savings products and to manage your Raisin UK Account and we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation. In some cases, they may process personal data, for example, to provide an identity verification check.

We require all third-party service providers to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. In particular, we use the services of TransUnion to conduct various searches and checks on our customers and your data will, during the course of our relationship with you, be shared with or obtained from TransUnion. Please refer to their privacy notice which can be found here https://www.transunion.co.uk/legal-information/bureau-privacy-notice. More information about TransUnion’s activities are available at that location.

7. Who we share your personal data with

(a) Selected employees, consultants, and professional advisors, when your data is necessary for the management of the Raisin Trust;

(b) Group companies and subsidiaries of Raisin SE;

(c) provider(s) of Transaction Accounts;

(d) provider(s) of the Raisin Trust Bank Account;

(e) Partner Banks;

(f) Distribution Partners;

(g) Credit reference agencies;

(h) Deposit administrators;

(i) Compliance service providers;

(j) Regulators and compliance providers;

(k) Customer service providers;

(l) Information technology, communications and cloud computing providers;

(m) Contractors who provide a service to us or are acting as our agents, on the understanding that they will keep the personal data confidential and secure;

(n) Newsletter providers;

(o) Survey providers;

(p) Prize draw, competition providers; and

(q) Other third parties where we are under a legal obligation to do so, for example where we are required to share information under statute or because of a Court Order.

8. For what purposes and on what legal basis do we process the personal data?

1. To register you as a new customer - processing is necessary to perform a contract we have entered with you and/or for taking steps to comply with a request made by an individual with a view to entering into a contract (Article 6(1)(b) of the UK GDPR) Type of data: Identity, Contact. Lawful basis: performance of a contract with you.
2. To process and deliver a service - we process your personal data when you provide us with pre-contractual information at the point of registering with us. This allows us to carry out our obligations to provide services to you under the platform contract and also so we can carry out other relevant required activities. If it is necessary to enable us to perform our contract with you we may share your personal data with our business partners, suppliers and sub-contractors. Type of data: Identity, Contact. Lawful basis: performance of a contract with you.
3. To manage our relationship with you - we may process personal data for the purpose of fulfilling various legal obligations such as carrying out our obligations in respect of the provision of your savings products and the provision of our online services along with verification of your identity including anti-money laundering checks and the use of your personal data for crime and fraud prevention purposes. Where we act as your Trustee for certain savings products, we also process personal data to fulfill our responsibilities and obligations associated with our role as trustee. For further information please see the Raisin Trust Terms and Conditions. Type of data: Identity, Contact, Financial, Transaction, Marketing & Communications. Lawful basis: performance of a contract with you; necessary to comply with a legal obligation; necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services).
4. Where you have consented to the processing of your personal data for one or more specific purposes (Article 6(1)(a) of the UK GDPR). Lawful basis: Consent
5. To enable you to partake in a prize draw, competition or to complete a survey or to send you postal communications where we believe that the relevant campaign or marketing activity is of legitimate interest to you - Type of data Identity, Contact, Profile, Usage, Marketing & Communications. Lawful basis: Performance of a contract with you; Necessary for our legitimate interests (to study how customers use our products/services, to develop them to grow our business); Consent. In addition where you provide specific and informed ‘opt-in’ consent we will process your personal data for some marketing purposes so you can receive appropriate email communications from us. You may withdraw your consent at any time upon notification to us. There is no requirement upon you to communicate withdrawal of consent in any particular form, i.e. you could make the notification by email or by letter. Where you opt out of receiving marketing communications this will not apply to personal data provided to us as a result of a product or service.
6. To deliver relevant website/app content and advertisements to you and measure or understand the effectiveness of advertising and to administer and provide our service to you - circumstances may arise where we or a third party may need to process your personal data beyond the performance of our contract. This processing could include testing and optimisation of requirements analysis and direct customer approach; measures to manage the business, to improve services (by way of example, but not limited to the migration of service bank or deposit administration provider) and to recover customers and advertising or market and opinion research. If you decide to exercise your right to object to direct marketing in accordance with Article 21 of the UK GDPR at any time by unsubscribing via link on an email sent to you or by email addressed to service@raisin.co.uk. Types of data: Identity, Contact, Profile, Usage, Marketing & Communications, Technical. Lawful basis: Necessary for our legitimate interests to define types of customers, to keep our website/app updated and relevant, to develop and build our business and to inform our marketing strategy.
7. To use data analytics to improve our website/app, products/services, marketing, customer relationships and experiences - we may process your personal data to ensure content from our website/app is presented in the most effective manner for you and your device, so we can process your application for savings products and set up your Raisin UK Account to use our online services, manage your savings products through your Raisin UK Account, provide you with statements and services available through our Raisin UK website/app, including the service which enables you to manage your savings products online, meet our regulatory and reporting obligations, enforce any of our rights against you and also so we can develop and improve our services to you and notify you about changes to our services. Type of data: Technical, Usage. Lawful basis: Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website/app updated and relevant, to develop our business to inform our marketing strategy).
8. Where you provide it to us, we may also process sensitive or special category data in relation to you. We treat this information securely and process it lawfully under the UK GDPR and DPA 2018. Lawful basis: Consent; performance of a contract with you; necessary to comply with a legal obligation; necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services).

We will only use your personal data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

9. Data subject rights

In the UK, the relevant Data Protection Supervisory Authority is the Information Commissioner’s Office (ICO). You have the right to make a complaint at any time to the ICO. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us via dpo@raisin.co.uk in the first instance. You can contact the ICO through their website: www.ico.org.uk.

If you have a query or complaint about how we process your personal data please contact the Data Protection Officer using the above contact details. We will investigate your concerns and take all reasonable steps to resolve the matter promptly.

1. Right of information: You can request a copy of the personal data that we hold about you and further information about how we process your personal data. This is known as a ‘Data Subject Access Request’.
2. Right to rectification: If your information is no longer correct you have the right to request that we rectify it. We take reasonable steps to keep your information accurate, complete and current. Please remember that it is your responsibility to tell us about any updates to your information. We may need to verify the accuracy of the new data that you provide to us. You may also edit your details at any time by logging into your Raisin UK Account or by contacting our Customer Services team.
3. Right to erasure: In certain circumstances, you have the right to ask us to delete your personal data, for example; if your personal data is no longer necessary for the purpose(s) it was collected for. There are legitimate reasons that we must retain some of your personal data after you have requested its deletion, including compliance with legal or regulatory obligations to which we are subject, or for the establishment, exercise of defence of legal claims. We will notify you of any decision to retain or erase your personal data.
4. Right to restrict processing: You can request that we restrict our processing of your personal data in specific circumstances. Where a restriction is in place, we can continue to store your information, but we will only process it with your consent, for the establishment, exercise or defence of legal claims, to protect the rights of another individual or legal entity or for important public interest reasons. We will inform you prior to the lifting of any restriction.
5. Right to object: You can request that we stop processing your personal data where the purpose(s) is based on a ‘legitimate interest’ and/or the ‘public interest’. We can continue to process your personal data for the establishment, exercise or defence of legal claims if there are compelling legitimate grounds which override your interests, rights or freedoms.
6. Right to data portability: You have the right to request that we provide your personal data to you in a portable format and also upon request to transmit your personal data to another data controller. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
7. Right to complain: If you believe we are processing your personal data in breach of UK data protection law you have the right to complain to the ICO.
8. Right to withdraw your consent.
9. Rights related to automated decision making including profiling: Raisin UK does not use automated decision making in the course of its business relationship.

10. How we use cookies and tracking technology

When you visit our website/app, use our services or access our website/app through certain intermediary partners (e.g. affiliates, publishers, distributors) we and our partners may use cookies and other tracking technologies (collectively, “Cookies”) to recognise you, collect statistics, customise your online experiences, provide other online content and advertising, in order to measure the effectiveness of promotions and perform analytics.

We may collect information about your computer for system administration, including where available your IP address, operating system and browser type. This information is statistical data about our users’ browsing actions and patterns and does not identify any individual.

You can set your browser to refuse all or some browser Cookies or to alert you when websites set or access Cookies. If you disable or refuse Cookies, please note that some parts of websites may become inaccessible or not function properly.

For more information on how we use cookies, please visit our Cookie policy page.

11. International Transfers

We may share your personal data within the Raisin Group or external third parties. This may involve transferring your data outside of the UK.

Whenever we transfer your data out of the UK, we ensure at least an equal degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data;
• Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection as it has in the UK

Where this is not possible, we base the data transfer on exceptions under Art. 49 GDPR, in particular your specific consent or the necessity of the transfer for the fulfilment of the contract or for the implementation of pre-contractual measures.

If a transfer to a third country is planned and there is no adequacy decision or suitable guarantees, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence agencies) may gain access to the transferred data in order to collect and analyse it, and that the enforceability of your data subject rights cannot be guaranteed. If your specific consent is obtained, you will also be informed of this.

12. Information security

As part of our obligation to protect your personal data we have put in place appropriate technical and organisational measures to protect your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. These measures include pseudonymisation, encryption, firewalls and access controls. Our security measures are regularly reviewed and updated to comply with technological developments.

13. Data retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including the purpose of satisfying any legal, regulatory, tax, accounting or reporting requirements.

We are required to keep basic information about our customers (including Contact, Identity, Financial and Transaction data) for at least 5 years after they cease being customers. In some circumstances, you can ask us to delete your data: see your legal rights above for further information. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.

In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research and statistical purposes in which case we may use this information indefinitely without further notice to you.

14. Changes to Privacy Policy

We keep our Privacy Policy under review and, if necessary, we will adjust this privacy information. If this occurs, we will contact you and give you any notices in connection with this Privacy Notice by using the email address you have given us.

Version 2 / Last review: 07.03.2025