ROCBF Privacy Policy

Robert Owen Community Banking Fund Ltd (ROCBF) is committed to protecting your privacy. This Privacy Policy sets out details of the information that we may collect from you and how we may use that information.

Who are we?

In this Privacy Policy, references to “we” or “us” are to:

Robert Owen Community Banking Fund Ltd. Authorised by the Financial Conduct Authority FRN 726281. Company Number 5832750.

Our registered office is at Royal Welsh Warehouse, 3rd Floor, 17 Old Kerry Road, Newtown, Powys, SY16 1BH.

We are registered on the Data Protection Register under registration number Z1116968.

We are a data controller for the purposes of the General Data Protection Regulation (GDPR) which came into force on 25th May 2018. This means we are responsible for how we hold and use the personal information we hold about individuals.

What is personal data?

Personal data is any information relating directly or indirectly to any living person

What data do we collect and hold about you?

We only collect and hold information that is necessary to enable us to provide the services you request. You may provide this information in person or by post, telephone, fax, e-mail, SMS. In particular we may collect the following data from you which are defined as ‘personal data’.

Identity Data includes your name, gender, date of birth, National Insurance number, marital status, title, number of dependants, driving licence, marriage certificate, passport, Inland Revenue notice of coding, utility bills, tenancy agreements, and mortgage statements

Contact Data includes e-mail address, postal address telephone numbers, work address and emergency contact details.

Financial Data includes job details, financial details, salary slips, bank statements and any other information you provide to us in connection with your loan application or for monitoring purposes.

Marketing and communications data. We will never share your data with third parties for marketing purposes. We want to be able to contact you in the future to update you on our products and services and for this reason we ask you to provide your communications preferences.

Third party Data. We may receive information about you from third parties (such as credit reference agencies (see below) who are legally entitled to disclose that information.

Finally, when your visit our website, we may collect details of your computer’s internet protocol address, which is automatically collected by our web server, and other information about your use of the website, such as log-in, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We also collect standard internet log information and details of visitor behaviour patterns, in order to find out things such as the number of visitors to the various parts of the site and we study these patterns in a way which does not identify anyone.

Special Categories of Personal Data

We may also collect special category personal data such as physical and mental health details, or information relating to your racial or ethnic origin. We will only collect this information with your explicit consent.

Credit Reference Agencies (CRAs) and Fraud Prevention Agencies (FPAs)

By applying for a loan with ROCBF, you agree that we may use your personal information to make credit reference checks and for fraud checking and prevention purposes.

In order to process your application, we will supply your personal information to the CRA and it will give us information about you. This will include information from your credit application and about your financial situation and financial history. We do this to assess creditworthiness and product suitability, verify the accuracy of the data you have provided to us, check your identity, manage your account, trace and recover debts and prevent criminal activity (including fraud and money laundering), and ensure that any offers provided to you are appropriate to your circumstances.

Our search will create “a search footprint”. CRAs provide us with both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information. They will add to their record about you, details of our search and your application. This will be seen by other organisations that make searches and, together with other information about you and those with whom you are linked financially, may be used to make credit decisions about you and those with whom you are linked financially.

It is important that you provide us with accurate information. We may check your details with FPAs. If false or inaccurate information is provided and fraud is identified, details will be passed to FPAs and other organisations to prevent fraud and money laundering. These records will be shared with other organisations and may be used and searched by us and them, for example, to consider applications for credit and credit related services, or other facilities, for you and any associated person; check details on proposals and claims for all types of insurance; trace debtors, recover debts and manage your account(s); check details of job applicants and employees. Law enforcement agencies may access and use this information. We may make periodic searches at CRAs and FPAs to manage your account with us. We and other organisations from other countries may access and use the information recorded by CRAs and FPAs.

The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail here.

What are the legal grounds for processing your personal information?

Under data protection laws we can only process your personal data for certain reasons (including when we share it with other organisations). We have set out in the table below a description of all the ways we plan to use your personal data and which of the legal bases we rely on to do so. We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data.



Purpose/Activity Type of data Lawful basis for processing
To identify you Identity Data.

Third Party Data

Contractual. Legitimate Interests
To assess your ability or the ability of a company under your control to repay a loan from ROCBF Identity Data. Financial Data. Contractual. Legitimate Interests
To pay the loan funds to you and collect loan repayments Identity Data. Financial Data Contractual. Legitimate Interests
To send you periodic statements for your loan account Identity Data Contractual
To contact you to advise you of missed loan repayments and other repayment issues Identity Data Contractual
Updating our records to reflect a change in your circumstances Identity Data. Financial Data. Third Party Data Contractual. Legitimate Interests
Monitoring of anonymised statistical information Racial/ethnic origin. Physical and mental health details Your consent which you can withdraw at any time by contacting us using the contact details above


Do you have to provide your personal information to us?

We are unable to provide you with a loan without having personal information about you. Your personal information is required:

  1. Before you can enter into a loan contract with us
  2. To help us give you personalised debt advice
  3. During the life of your loan if you default on loan repayments
  4. To satisfy legal requirements

If we already hold some of the personal information that we need, for instance if you are already a customer, we will not need to collect it again when you make a new application for a loan or ask for help manage your debts. In cases where providing some information is optional, we will make this clear during the application process.

Is your personal information transferred outside the UK or EEA?

No. All our processing is undertaken within the UK. If the situation should change, we would ensure that suitable safeguards were in place to provide the same level of protection for your data.

Is your information safe?

We take the security of your data very seriously. We will ensure that all information provided to us is kept secure using appropriate technical and organisational measures and we have procedures in place to minimise the effects of any data breach. In the event of a data breach, we will liaise with you and the ICO as necessary.

What are your rights under the GDPR?

You have several rights under the GDPR which can be exercised in certain circumstances. These include:

  • The right to be informed about the collection and use of your data.
  • The right of access to your data
  • The right to request correction of inaccurate personal data.
  • The right to request erasure of your data in certain circumstances
  • The right to request that processing of your data is restricted or supressed in certain circumstances
  • The right to data portability
  • The right to object to data processing carried out on the basis of our or a third party’s legitimate interests.
  • Rights in relation to automated decision making and profiling
  • Right to withdraw any consent given

If you have any queries I respect of any of your rights please let us know. Further information is also available at the Information Commissioner’s website.

How to get a copy of your personal information (Data Subject Access Request)

You can obtain a copy of the personal information held by us by writing to us at Royal Welsh Warehouse, 17 Old Kerry Road, Newtown, Powys, SY16 1BH. We will ask you to provide verification of your identity before we release the information to you. We will respond to your request as quickly as possible but in no more than 30 days.

Contact Details

If you have any queries or concerns about this privacy notice or how we handle the personal information referred to in it please contact our Data Protection Officer, John Waters on 01686 626234 or by e mail at If you have any complaints about the processing of personal data referred to in this privacy notice, you have the right to make a formal complaint to the Information Commissioners Office (ICO). Further information can be found at