Skip to Content
Skip to Content
Version 1.17

Customer Privacy Notice

25th January 2024

Who are we?

We're Monzo Bank Limited ('we', 'our', 'us') and operate under the name Monzo.

We're registered with the UK data protection authority (the Information Commissioner's Office or ICO) under number ZA108184.

This notice explains how and why we use your personal information when you open a current account and use our app, card, or services for account holders on monzo.com.

For information about what cookies are and how we use them, please read our Cookie Notice.

Getting in touch

For any questions, please contact us however you prefer:

  • chat with us through the app;

  • email help@monzo.com; or

  • write to us at Monzo, Broadwalk House, 5 Appold Street, London, EC2A 2DA, UK.

We'll respond within a month in line with data protection laws, like the UK GDPR.

If your application for a Monzo account was rejected and you want us to review that decision, please get in touch using the details above.

Your rights βœ…

You have a right to:

  • access the personal data we hold about you, or to get a copy of it;

  • ask for a copy of your personal data in a portable (machine-readable) format or make us send it to someone else;

  • make us correct inaccurate data;

  • ask us to delete your data, though for legal reasons we might not always be able to do it;

  • say no to us using your data for direct marketing and in certain circumstances 'legitimate interests', research and statistical reasons;

  • withdraw any consent you've given us; and

  • ask a member of staff to review an automated decision.

To do any of these things, please get in touch using the details above.

Where we store or send your data πŸ”’

We may store the data we collect from you outside the UK, or transfer it to organisations outside the UK. When we do this, we make sure that your data is protected and that:

  • the Information Commissioner (ICO) has deemed the country or organisation to provide an adequate level of protection for personal data; or

  • we've agreed specific contracts approved for use in the UK which give personal data the same protection it has in the UK.

If you'd like more information on how we transfer your personal data out of the UK, please get in touch through in-app chat or by email help@monzo.com.

Where we store or send your data ⚠️

We use your data in line with our terms and conditions, which includes the potential consequences of third parties using your data. Please refer to "The information we hold about you, and how we use it πŸ‘€" section for further information.

How to make a complaint

If you have a complaint about how we use your personal information, please contact us through the app or send an email to help@monzo.com and we'll do our best to fix the problem. You can also reach our DPO at dpo@monzo.com.

If you're still not happy, you can refer your complaint to the ICO's Office, the UK regulator for data protection issues. For more details, visit their website.

Changes to this notice πŸ“

We'll post any changes to our privacy notice on this page and if they're significant changes we'll let you know by email or in the app.

Customer Accounts

The information we hold about you, and how we use it πŸ‘€

Information you give us through the Monzo app

When you sign up for a Monzo account

  • personal details like your name, date and place of birth;

  • contact details like your home address (and previous addresses), email and phone number;

  • information about your identity, such as a copy of your ID document, a short video of yourself;

  • information about your right to live in the UK and your tax residency; and

  • financial details, such as your employment status and the industry you work in, annual income, number of dependents, residential status and monthly housing costs.

When you sign up for, or use, our services

  • details you give us when you sign up for a specific service, like your National Insurance number if you open an Individual Savings Account (ISA);

  • if you apply for credit, we'll ask for details about your financial circumstances and reasons for borrowing;

  • details you give us which we pass to our partners when you let us know you're interested in their services (like energy switching);

  • information you give us through in-app chat, emails and in-app forms; and

  • answers you give to surveys about Monzo and our services.

Information we collect or generate if you get in touch

If you contact us another way (not using in-app chat), we collect the following information so we can help:

  • the phone number you're calling from and information you give us during the call (we record all calls);

  • the email address you use and the contents of your email (and any attachments); and

  • public details from your social media profile (like Facebook, Instagram or Twitter) if you reach out to us via these platforms, and the contents of your messages or posts to us.

Information we collect or generate when you use the app and our services

We collect information about how you use the app to help improve features. This includes:

  • details about payments to and from your Monzo account, your savings activity (using Pots) and any overdrafts, loans or Monzo Flex offers you use;

  • details about who you split a bill with (for example, the contact's name, email, phone number, and transaction details);

  • details about services from us and our partners that you show interest in;

  • details about how you use our app; and

  • all the countries you're a tax resident in and your Tax Identification Number for each one.

We may sometimes ask for information about transactions through our app to protect you and to help detect and prevent fraud and other suspicious activities.

Information we collect from your phone

We collect this information to keep your data safe and to improve features for you. This includes your:

  • mobile network and operating system, so we can analyse how our app works and fix any problems;

  • IP address and device ID (we'll link your mobile number with your device);

  • mobile advertising ID, so we can share it with companies that help us with advertising online (you can reset this ID or limit tracking in your phone 'Settings');

  • location if you've authorised tracking, so we can help protect you against fraud; and

  • phone contacts who use Monzo, if you have profile privacy settings turned on and they do too (we don't store your full contact list).

Information we get from external sources

If you provide your information to a Credit Broker that Monzo partners with, they will provide your information to us so that we can identify what Lending Monzo might be able to offer you. The details of which will get passed back to the Credit Broker. When using a Credit Broker service please make sure that you read their Privacy Notice to understand how they process your information.

When you sign up for a Monzo account, we search your record at:

  • credit reference agencies to verify your identity, check if we can offer you an overdraft and manage business risk (this is a 'soft search' and won't impact your credit score);

  • if you take out a loan, use Monzo Flex, or turn on your overdraft for the first time, we do a full search (which may impact your credit score). We also use this info to check you can continue to afford your loan; and

  • fraud prevention agencies, KYC (Know Your Customer) and AML (Anti Money Laundering) service providers to fulfil our legal duties.

For more information about data we collect from and share with credit reference agencies, see 'Who we share your data with'.

When you connect your mortgage in the Monzo app, we send your personal data, including your name, date of birth and address to Transunion so that we can fetch your full credit file. To find out how they use your information see their privacy notice here.

We may also collect information about you from public sources for AML reasons or market research.

This includes:

  • official public records, like the Electoral Register or Companies' House; and

  • information published by the press or on social media.

If you sign up to a service from one of our partners through the Monzo app (like energy switching), they may share details with us about your deal.

Our reasons for using your information πŸ”

Data protection laws say we need to have a lawful basis for using your personal data. At least one of the following must apply:

  • contractual or legal duty

  • legitimate interest

  • public interest

  • vital individual interest

  • consent

In this section we explain which one we rely on to use your data in a certain way.

We need to use your data for a contract we have with you, or to enter into a contract with you

We use details about you to:

  • consider your application;

  • give you the services we agreed to in line with our terms and conditions;

  • send you messages about your account and other services you use if you get in touch, or we need to tell you about something;

  • exercise our rights under contracts we've entered into with you, like managing, collecting and recovering money you owe us; and

  • investigate and fix complaints and other problems.

We need to use your data to comply with the law

We:

  • confirm your identity when you sign up or get in touch;

  • check your record at immigration and fraud prevention agencies;

  • prevent illegal activities like money laundering, tax evasion and fraud;

  • check your credit history and ask about your reasons for applying for an arranged overdraft, loan or Monzo Flex, and other details about your financial circumstances so that we can make responsible lending decisions;

  • keep records of information we hold about you in line with legal requirements;

  • adhere to banking laws and regulations (these mean we sometimes need to share customer details with regulators, tax authorities, law enforcement or other third parties);

  • compare information we hold about your account with your tax residency information to make sure we don't have a reason to doubt it.

When it's in our 'legitimate interest'

We need to use your data for our legitimate interests, or those of a third party. This means using data in a way that you might expect us to, for a reason which is in your and/or our (or a third party's) interest and which doesn't involve overriding your privacy rights.

Product development and marketing

We don't sell any of your information.

We:

  • check your record at credit reference agencies when you sign up to see if we can offer you an overdraft, a loan, or Monzo Flex (this is a soft check);

  • tell you about products and services through the app or other channels, like social media companies, based on how you use our products and services and other information we hold about you;

  • may also exclude ads on this basis. We do this so we can make sure our marketing is useful. That includes instructing platforms to show or not show Monzo adverts to existing customers;

  • share limited identifying information about you with social media companies, other communication platforms, and analytics and search engine providers, including your mobile advertising ID and hashed versions of the email address and phone number you give us;

  • may use the personal information you share with us to test third party services;

  • track, analyse and improve the services we give you and other customers and how you respond to ads we show;

  • may ask for feedback if you've shown interest in a service. We do this so that we can make our products better and understand how to market them;

  • use the personal information you share with us and data you create from using the app to suggest Monzo features or products you'd find useful. If you don't want us to do this, you can opt-out in the app; and

  • share insights with the public about spending, saving or borrowing trends based on data that doesn't personally identify you.

Special features

We:

  • show where you were when you bought something with Google maps (in the Monzo app) and send you travel reports when you're abroad (we do this using transaction data, not by tracking your phone);

  • give you reports on how you've spent and/or saved money using Monzo ('Spending Reports' and 'Trends'); and

  • personalise your visual experience in the Monzo app, like choosing a picture for your virtual card based on what you've told us you'll use the loan for.

Security and business management

We:

  • protect the rights, property or safety of us, our customers or others;

  • carry out security and maintenance checks to make sure our app, website and other services run smoothly for you;

  • manage Monzo's business risk and finances, and protect our customers and staff;

  • share information with credit bureaus and fraud prevention agencies so we can benefit from up-to-date information when we make decisions about accounts, loans or Monzo Flex. This helps us make responsible lending decisions and fight financial crime; and

  • share your name, title and account number with other banks and building societies, so that people paying you can confirm the name they have matches the name we hold in our records. This helps us fight financial crime.

Companies that give services to us

We share your information with companies so they can help us provide our services (see 'Who we share your data with').

We'll ask for your consent to:

  • record any issues you want us to know about so we understand how to best support you (if the information is sensitive, we need a second lawful basis, see 'Our reasons for using special category information');

  • tell you about our, or our partners, products and services by email or push notification if we think they're of interest to you. You can unsubscribe from these by email or in the app. (If you don't want to see lending promotions in the app, you can opt out in 'Settings');

  • help protect you against fraud by tracking the location of your phone if you've authorised it (iOS);

  • show your profile picture in the app if you add one;

  • show your profile picture and name to Monzo contacts in their app if you have not turned off your profile privacy settings.(If you pay someone, they'll see your name regardless.It's our legal duty to show this, so you can't opt out);

  • show your profile picture on monzo.me if someone uses this service to pay into your Monzo account; and

  • share information about you with companies we work with when we need your permission (see 'Who we share your data with').

  • fetch your full credit file from Transunion when you connect your mortgage in the Monzo app.

You don't have to share information about yourself. But if you don't, you may not be able to use some, or any, of our services.

Our reasons for using special category information

We may need to process sensitive information about customers that data protection laws call 'special category' data. This is information that can reveal a person's:

  • racial or ethnic origin

  • political opinions

  • religious or philosophical beliefs

  • trade union membership

  • genetic or biometric data (if used for identification purposes)

  • information concerning a person's health, sex life or sexual orientation

Data protection laws say we need a second lawful basis to use special category data. This can be: explicit consent, exercising legal rights in connection with an employment relationship, protecting vital interests, establishing, defending or exercising legal claims or reasons of substantial public interest. In this section we explain which lawful basis we rely on to use your special category data in a certain way.

It's necessary for reasons of substantial public interest

We:

  • use facial recognition technology to identify people who use our services in the Monzo app. We do this because it's necessary for reasons of substantial public interest to prevent or detect unlawful acts; and

  • record information about your health if it's necessary to protect your economic well-being if you're at risk, and seeking consent would be unreasonable or negatively impact our ability to help you.

It's necessary to protect your, or another person's, vital interests

We may share information about you externally (generally with law enforcement in an emergency), if it's necessary to protect your or another person's life and you cannot consent.

We record any issues you want us to know about relating to your health, so we understand how to best support you.

Who we share your data with

Companies that give services to us

Here we mean companies that help us provide services you use, and need to process details about you for this reason.

We share as little information as we can and encrypt and/or make it impossible for the recipient to identify you where possible (for example, by using a User ID rather than your name). These are:

  • companies that make our Monzo cards;

  • card producers and networks, like MasterCard;

  • card processing partners;

  • analytical, Know Your Customer (KYC) and cyber security service providers that help us with identity verification or fraud checks;

  • cloud computing power, storage and software providers;

  • our business intelligence and analytics platform provider;

  • companies that help us with functional analytics (to help us solve technical problems with the app, for example);

  • companies that help us with marketing (we won't share identifiable personal data with third parties for their own direct marketing unless you give us permission, and you can opt out any time);

  • software companies that we use to email you, or for processing and storing emails with you;

  • companies that help us with customer support;

  • companies that help us with fraud prevention;

  • companies that offer benefits or rewards through special programmes you sign up to in the app;

  • some merchants that we work with to offer you cashback, so they can confirm your purchase qualifies for cashback. To find out how each merchant handles your information, please read their privacy notices;

  • companies that print written statements and notices; and

  • companies that manage our CCTV and security if you visit our offices.

Credit reference agencies (CRAs)

CRAs give lenders information about borrowers to help them make responsible lending decisions. Banks share details about their customers to help CRAs maintain up-to-date information about people's financial status. We work with TransUnion, Experian and Equifax.

When you sign up, and for as long as you're a customer, we'll exchange details about you with CRAs. This includes:

  • your name, address and date of birth;

  • accounts you have, including when you opened them and money going into them (if you owe us money, we'll also share your balance);

  • credit applications you've made and limits you've turned on;

  • if you've borrowed, details of your loan (including through Monzo Flex) and repayments (like whether you repay in full and on time); and

  • fraud prevention information.

We'll use this information to comply with our legal duties and when it's in our 'legitimate interest' to:

  • verify your identity and make sure what you've told us is true;

  • help detect and prevent fraud and money laundering;

  • assess whether you can afford to make repayments if you borrow;

  • manage your account with us;

  • trace and recover debts; and

  • make sure our offers are relevant for you.

If you apply for a joint account with someone else, we and CRAs will link your records with theirs.

For more information about how the CRAs we work with use your data, read TransUnion, Equifax and Experian's CRA Information Notices.

Fraud prevention agencies (FPAs)

When you apply for an account, we check your record with FPAs like Cifas. During the application process and after you become a customer, we may share information about you with them to help prevent fraud and money laundering when it's in our 'legitimate interest'.

If we detect fraud, we may stop activity on your account or block access. Other organisations may use information we share with FPAs about fraud to refuse their services, finance or employment. For more information about the details we collect from and share with Cifas, and how they'll use your data, see Cifas' Fair Processing Notice.

Anyone you give us permission to share it with

We tell you in the app when we need your consent to share your data with:

  • companies that introduce their own services via the Monzo app, like energy switching, insurance or remortgaging;

  • other customers you want to set up joint Monzo accounts with;

  • other apps;

  • other banks if you use account switching or aggregation services; and

  • people you've asked to represent you, like solicitors and debt management companies.

Law enforcement and other external parties

We may share information about you with:

  • authorities that spot and stop financial crime, money laundering, terrorism and tax evasion if the law says we have to, or if it's necessary for other reasons;

  • the police, courts or dispute resolution bodies if we have to;

  • local health authorities, such as Adult Social Services, to safeguard your wellbeing;

  • other banks to help trace money if you're a victim of fraud or other crimes, or if there's a dispute about a payment; and

  • any other third parties where necessary to meet our legal obligations.

Debt Purchasers

If you default on any borrowing with us, we may share your contact details with debt purchasers who can help you manage your debt. Any debt purchasers we work with are regulated by the FCA.

Credit Brokers

If you use a Credit Broker service that Monzo partners with, we will share information about what Loan rates we might offer you. This is in line with the service you request from the Credit Broker.

Other Monzo Group companies

We may also share details about you with Monzo Inc for lawful reasons if you open a US Monzo account (this is only available to US residents).

We may share your details with people or companies if we change the structure of our group of companies, merge with another company, or get bought by another company.

Savings Accounts

Some of our savings accounts are provided with our selected partners, who are shown when you sign up for a savings account. Sometimes we may need to share your data with the provider to enable them to meet their obligations for holding Deposit Products on behalf of Monzo. The information we share is in line with our obligations with the Financial Services Compensation Scheme (FSCS).

Monzo Plus and Monzo Premium

If you sign up for Monzo Premium, we'll share your name and contact details with our insurance and airport lounge partners so they can provide the services you get through Monzo Premium.

We also share your account details, so insurance partners can pay you if you make a successful insurance claim. We share your payment details too, so we can collect payments you owe us for using lounge access benefits. Our legal basis for sharing your information for these reasons is 'contractual necessity: we need to use your data for a contract we have with you. To learn how our partners use your information, please read:

If you use the auto export feature to transfer transaction data into your Google Drive account, we'll share this information with the Google company that manages your account until you pause exports or remove access. We'll have access to your spreadsheet, but won't collect the information in it.

When we make automated decisions πŸ“²

We sometimes use computers to make decisions. We do this to decide if:

  • we can give you a Monzo account based on your age, residency, nationality, financial position and other circumstances, like the results of anti-money laundering and sanctions checks;

  • we can give you an arranged overdraft, loan, or offer you Monzo Flex based on information we hold about you, and information we get from credit reference agencies. This includes details on whether you've kept up-to-date with payments on any credit accounts, and if you've been to court;

  • we need to take action, like freezing a transaction or account because we suspect fraud or money-laundering against Monzo or a customer. Our computers decide this based on patterns in our data, like an account or policy being used in a way that fraudsters work;

  • you're eligible for our borrowing products;

  • we complete initial assessments for disputed transactions you raise through the app; and

  • our services and products, or those of companies we work with, are suitable for you so that we can tailor our marketing.

We'll tell you in the app once we've made these decisions. You can ask for a member of the team to review a decision through in-app chat. If your application for a Monzo account was rejected and you want us to review that decision, please get in touch using the details above.

How long we keep your information πŸ“

We keep most of your data as long as you're using Monzo, and for 6 years after that to comply with the law if we face a legal challenge. In some circumstances, like cases of anti-money laundering or fraud, we may keep data longer if we need to (that's in our legitimate interest) and/or the law says we have to.

To work out how long we keep different categories of data, we consider why we hold it, how sensitive it is, how long the law says we need to keep it for, and what the risks are.

Credit Tracker

The information we hold about you, and how we use it πŸ‘€

Information we share with TransUnion

We share the following details about you with TransUnion so they can check if you can access the information:

  • your name;

  • your date of birth; and

  • your address.

If you want to find out more about how TransUnion use your information, you can review their privacy notice.

Credit information is provided by TransUnion International UK Limited. Registered in England and Wales with company number: 3961870. Registered office: One Park Lane, Leeds, West Yorkshire, LS3 1EP. TransUnion International UK Limited, part of the TransUnion Information Group, is authorised and regulated by the Financial Conduct Authority under registration number 737740.

Information we get from TransUnion

If you pass TransUnion's authentication process, they'll give us the following information monthly for as long as you're using Credit Tracker:

  • your credit score;

  • information from your credit report that explains your credit score, and in some circumstances your full report; and

  • reasons why your score has changed, if there have been any changes since the previous month.

We'll share this information with you in the Monzo app for as long as you're using Credit Tracker, and let you know when we have new information to show you.

Our reasons for using your information πŸ”

Data protection laws say we need to have a lawful basis for using your personal data. At least one of the following must apply: contractual or legal duty, legitimate interest, public interest, vital individual interest or consent.

Our lawful basis for using your information for the Credit Tracker is 'contractual duty'. We need to use your details to check if you can use Credit Tracker, show you the information we've agreed in Credit Tracker and to help you if you get in touch about it.

Who we share your data with 🀝

We need to share your details with our cloud computing provider, storage and software providers so that they can help us show you Credit Tracker information in the Monzo app. We share as little information as we can and encrypt and/or make it impossible for them to identify you where possible (for example, by using a User ID rather than your name).

We may also share your Credit Tracker information with regulators, law enforcement or courts if necessary.

How long we keep your information πŸ“

We keep the information TransUnion gives us about you, and the reports we create for you, for as long as you're using Credit Tracker. If you turn it off, we delete your historic scores and reports. You can reactivate it at any time, but won't see historic data from before you turned it off.

We also get credit report data from TransUnion and other credit reference agencies for lending purposes. We store this type of information for as long as necessary for making decisions about who to lend to.

Seeing other accounts in Monzo

The information we hold about you, and how we use it πŸ‘€

Information we get from other banks

When you consent to us accessing details about other bank accounts you hold so we can show this information in your Monzo app, we collect:

  • your account name and status (open/closed);

  • your account number, sort code, IBAN and BIC;

  • the first 6 and last 4 digits of your card number (if the account comes with a card);

  • your account balance and any overdrafts or credit limits you have; and

  • details of transfers going in and out of your account (refreshed daily). This includes transaction amounts, currencies, exchange rates, merchants and information about people you've paid or who've paid you, as well as any joint account or other card holders who've made transactions.

Some account providers also give us extra information that we do not ask for or analyse. This can include details on whether you've turned on paperless billing, or the benefits and rewards that come with your account.

Information we already hold

To show your Monzo and non-Monzo account balances and transactions in the app, we also use:

  • your Monzo account balances and any overdrafts or credit limits you have with us; and

  • your Monzo account transaction history (including information about people you've paid or who've paid you).

Information we get when you use the 'Other accounts in Monzo service'

We collect analytics on how you use the service. For example, we check how often you view or refresh information about other accounts you've added.

Your Monzo transactions or transaction data from your other accounts can contain information that data protection laws call 'special category data'.

This is information that could reveal your or someone else's (like the person you share a joint account with):

  • racial or ethnic origin

  • political opinions

  • religious or philosophical beliefs

  • trade union membership

  • information concerning health, sex life or sexual orientation

If your transaction data includes 'special category data', we'll only use it to give you the 'Other accounts in Monzo' service, unless we have a legal duty to use it for another reason.

Our reasons for using your information πŸ”

Data protection laws say we need to have a lawful basis for using your personal data. At least one of the following must apply: contractual or legal duty, legitimate interest, public interest, vital individual interest or consent. In this section we explain which one we rely on to use your data in a certain way.

We need to use your data for a contract we have with you, or to enter into a contract with you

With your permission, we access specific details about accounts you hold with other banks so that we can show this information to you in the Monzo app. If you don't give us consent to access an account, we can't give you the service.

We'll also use details about other accounts you've added to the Monzo app to support you if you contact our customer support team.

We need to use your data to comply with the law

We may need to use your balance and transaction data from other accounts to investigate and fix complaints.

When it's in our 'legitimate interest'

We need to use your data for our legitimate interests, or those of a third party. This means using data in a way that you might expect us to, for a reason which is in your and/or our (or a third party's) interest and which doesn't involve overriding your privacy rights.

We may use your balance and transaction data from other accounts, together with other details we hold about you, to:

  • improve the 'Other accounts in Monzo' service. For example, we'll analyse aggregated data to understand what additional insights we could give other customers about their finances as part of the service;

  • develop our business strategy using aggregated data about how customers use Monzo, other accounts and engage with the 'Other accounts in Monzo' service. This helps us make sure we develop the right products and make the right business decisions to make sure Monzo is successful;

  • investigate suspected criminal activity to help keep our customers and Monzo safe, and to meet our legal obligations. We may share your information with law enforcement if authorised by law; and

  • to store backup copies in case we face a legal claim about the information.

Who we share your data with 🀝

Companies that give services to us

Here we mean companies that help us provide the 'Other accounts in Monzo' service and need to process details about you for this reason. We share as little information as we can and encrypt and/or make it impossible for you to be identified where possible (for example, by using a User ID instead of your name).

Companies that give services to us for 'Other accounts in Monzo' are:

  • cloud computing power and storage providers;

  • our business intelligence and analytics platform provider;

  • companies that help us with functional analytics (for example, to help us solve technical problems with the app); and

  • companies that help us with customer support.

Law enforcement and other external parties

We may share your details with:

  • authorities that spot and stop financial crime, money laundering, terrorism and tax evasion if the law says we have to, or if it's necessary for other reasons;

  • the police, courts or dispute resolution bodies if we have to;

  • other banks, to help trace money if you're a victim of fraud or other crimes, or if there's a dispute about a payment; and

  • any other third parties where necessary to meet our legal obligations.

Other Monzo Group companies

We may share details about you with Monzo Inc for lawful reasons if you open a US Monzo account (this is only available to US residents).

We may share your details with people or companies if we change the structure of our group of companies, merge with another company, or get bought by another company.

How long we keep your information πŸ“

We hold the information we get about non-Monzo accounts you've added to the 'Other Accounts in Monzo' service on live systems until you cancel Monzo Plus or Monzo Premium, or remove all your non-Monzo accounts.

Open Banking

The information we hold about you, and how we use it πŸ‘€

Information we get from other banks

When you give us consent to access details about accounts you hold with other banks so we can make lending decisions, we collect:

  • full legal name of any account holders and status (open/closed);

  • your account number, sort code;

  • your account balance; and

  • details of transfers in the last 13 calendar months. This includes transaction amounts, currencies, exchange rates, merchants and information about people who've paid you.

Our reasons for using your information πŸ”

Data protection laws say we need to have a lawful basis for using your personal data. At least one of the following must apply: contractual or legal duty, legitimate interest, public interest, vital individual interest or consent.

With your permission, we access specific details about accounts you hold with other banks to help us make lending decisions. If you don't give us consent to access an account, we may not be able to offer you the service.

We need to use your data for a contract we have with you, or to enter into a contract with you

We use details about you to:

  • consider your application;

  • give you the services we agreed to in line with our terms and conditions; and

  • exercise our rights under contracts we've entered into with you, like managing, collecting and recovering money you owe us.

We need to use your data to comply with the law

We may need to use your transaction data from other accounts to investigate and fix complaints.

When it's in our 'legitimate interest'

We need to use your data for our legitimate interests, or those of a third party. This means using data in a way that you might expect us to, for a reason which is in your and/or our (or a third party's) interest and which doesn't involve overriding your privacy rights.

We may use your balance and transaction data from other accounts together with other details we hold about you to:

  • improve our decision making

  • develop our business strategy, using aggregated data about how customers use Monzo and engage with the Open Banking service. This helps us make sure we make the right products and decisions to make sure Monzo is successful; and

  • to store backup copies in case we face a legal claim about the information.

Who we share your data with 🀝

Companies that give services to us

Here we mean companies that help us provide the Open Banking service and need to process details about you for this reason. We share as little information as we can and encrypt and/or make it difficult for you to be identified where possible (for example, by using a User ID instead of your name).

Companies that give services to us for Open Banking in Monzo are:

  • cloud computing power and storage providers;

  • our business intelligence and analytics platform provider;

  • companies that help us with functional analytics (for example, to help us solve technical problems with the app); and

  • companies that help us with customer support.

Law enforcement and other external parties

We may share your details with:

  • authorities that spot and stop financial crime, money laundering, terrorism and tax evasion if the law says we have to, or if it's necessary for other reasons;

  • the police, courts or dispute resolution bodies if we have to;

  • other banks to help trace money if you're a victim of fraud or other crimes or if there's a dispute about a payment; and

  • any other third parties where necessary to meet our legal obligations.

Other Monzo Group companies

We may share details about you with Monzo Inc for lawful reasons if you open a US Monzo account (this is only available to US residents).

We may share your details with people or companies if we change the structure of our group of companies, merge with another company, or get bought by another company.

How long we keep your information πŸ“

We consider the information we get about non-Monzo accounts you've connected with valid for 30 days. After that we'll keep a backup copy for 6 years in case we need to respond to a legal claim. In some circumstances, like cases of anti-money laundering or fraud, we may keep data longer if we need to (that's in our legitimate interest) and/or the law says we have to.

Investments

The information we hold about you, and how we use it πŸ‘€

Information you give us when you sign up for Monzo Investments

When you're signing up for Monzo Investments, you give us:

  • personal details like your name, date and place of birth;

  • contact details like your home address (and previous addresses), email and phone number;

  • information about your right to live in the UK and your tax residency, including your National Insurance number;

  • financial details, such as your employment status and the industry you work in, annual income, residential status and monthly housing costs;

  • details about your financial circumstances and about your spending and savings habits;

  • additional details you give us which we pass to our partners to set up your investment account;

  • information you give us through in-app chat and emails; and

  • answers you give to surveys about Monzo and our services.

You should make sure you read how our partners use your data too - you can find this in the terms and conditions for their services, which we'll give you when you sign up.

Information we collect or generate when you use the app and our services

We collect information about how you use the app to help improve features. This includes:

  • details about payments to and from your Monzo account, your investment activity, your savings and investing activity (using Pots) and any overdrafts, loans or Monzo Flex offers you use;

  • details about services from us and our partners that you show interest in;

  • details about how you use our app; and

  • all the countries you're a tax resident in and your Tax Identification Number for each one; and

  • crash analytics.

Information we collect from your phone

We collect this information to keep your data safe and to improve features for you. This includes your:

  • mobile network and operating system, so we can analyse how our app works and fix any problems;

  • IP address and device ID (we'll link your mobile number with your device);

  • mobile advertising ID, so we can share it with companies that help us with advertising online (you can reset this ID or limit tracking in your phone 'Settings');

  • location if you've authorised tracking, so we can help protect you against fraud; and

  • phone contacts who use Monzo, if you activate Profile Discoverability, and they do too (we don't store your full contact list).

Information you give us when you get in touch

If you contact us another way (not using in-app chat), for us to help you, we collect the following information so we can help:

  • the phone number you're calling from and information you give us during the call, including any information in relation to transactions in investments, if you use Monzo's investment services (we record all calls);

  • the email address you use and the contents of your email (and any attachments); and

  • public details from your social media profile (like Facebook, Instagram or Twitter) if you reach out to us via these platforms, and the contents of your messages or posts to us.

Information we get from external sources

When you sign up for a Monzo account, we search your record at:

  • credit reference agencies to verify your identity, check if we can offer you an overdraft and manage business risk (this is a 'soft search' and won't impact your credit score); and

  • fraud prevention agencies, KYC (Know Your Customer) and AML (Anti Money Laundering) service providers to fulfil our legal duties.

For more information about data we collect from and share with credit reference agencies, see 'Who we share your data with'.

We may also collect information about you from public sources for AML reasons or market research.

This includes:

  • official public records, like the Electoral Register or Companies' House; and

  • information published by the press or on social media.

Our reasons for using your information πŸ”

Data protection laws say we need to have a lawful basis for using your personal data. At least one of the following must apply: contractual or legal duty, legitimate interest, public interest, vital individual interest or consent.

Consent

  • To keep you up to date with the Monzo platform, including waiting lists.

We need to use your data for a contract we have with you, or to enter into a contract with you.

We use details about you to:

  • consider your application;

  • give you the services we agreed to in line with our terms and conditions; and

  • exercise our rights under contracts we've entered into with you, like managing, collecting and recovering money you owe us.

We need to use your data to comply with the law.

  • confirm your identity when you sign up or get in touch;

  • check your record at immigration and fraud prevention agencies;

  • prevent illegal activities like money laundering, tax evasion and fraud;

  • check your credit history and ask about your reasons for applying for an investment account and make appropriate investing decisions;

  • keep records of information we hold about you in line with legal requirements;

  • adhere to laws and regulations for banking and investments (these mean we sometimes need to share customer details with regulators, tax authorities, law enforcement or other third parties); and

  • compare information we hold about your account with your tax residency information to make sure we don't have a reason to doubt it.

We may also need to use your investing data to investigate and resolve complaints.

When it's in our 'legitimate interest'.

We need to use your data for our legitimate interests, or those of a third party. This means using data in a way that you might expect us to, for a reason which is in your and/or our (or a third party's) interest and which doesn't involve overriding your privacy rights.

We may use your balance and transaction data from other accounts together with other details we hold about you to:

  • improve our decision making. For example, we'll analyse data to make improvements to the decisions we make;

  • develop our business strategy, using aggregated data about how customers use Monzo, and engage with the Investment service. This helps us make sure we develop the right products and make the right business decisions to make sure Monzo is successful; and

  • to store backup copies in case we face a legal claim about the information.

Who we share your data with 🀝

Companies that give services to us

Here we mean companies that help us provide investment services to you that need to process details about you for this reason. We share as little information as we can and encrypt and/or make it difficult for you to be identified where possible (for example by using a user ID instead of your name).

Companies that give services to us for Investments in Monzo are:

  • our investment services partner who provides certain services to Monzo and you in connection with our investments offering;

  • our fund manager;

  • cloud computing power and storage providers;

  • companies that help us with functional analytics (for example, to help us solve technical issues with the app); and

  • companies that help us with customer support.

Law enforcement and other external parties

We may share your details with:

  • authorities that spot and stop financial crime, money laundering, terrorism and tax evasion if the law says we have to, or if it's necessary for other reasons;

  • the police, courts or dispute resolution bodies if we have to;

  • other banks to help trace money if you're a victim of fraud or other crimes or if there's a dispute about a payment; and

  • any other third parties where necessary to meet our legal obligations.

Other Monzo Group companies

We may share details about you with Monzo Inc for lawful reasons.

We may also share your details with people or companies if there's a corporate restructure, merger, acquisition or takeover.

How long we keep your information πŸ“

We will keep information about your investments and how you've interacted with them for a minimum of 6 years after your relationship has ended with Monzo, in case we need to respond to a legal claim. In some circumstances, like cases of anti-money laundering or fraud, we may keep data longer if we need to (that's in our legitimate interest) and/or the law says we have to.

Non-Monzo customers

The information we hold about you, and how we use it πŸ‘€

Information you give us through monzo.me

When you pay a Monzo customer through monzo.me, we collect your:

  • name

  • email address

  • payment card details

  • reference message (if you send one with the payment transaction)

Information we collect when you start signing up for an account on our website

  • name

  • email address

Information we collect for product development and marketing

We don't sell any of your information.

When you begin sign-up with us, we may:

  • share hashed versions of your email address with social media companies to show relevant ads to you and people like you

  • use limited information you share with us, including your email address, to create lookalike audiences by sharing hashed versions of this data with social media companies

Our reasons for using your information πŸ”

Data protection laws say we need to have a lawful basis for using your personal data. At least one of the following must apply: contractual or legal duty, legitimate interest, public interest, vital individual interest or consent.

We need to use your data to comply with the law/contract

We need to use your payment card details to help pay the Monzo customer.

When it's in our 'legitimate interest'

We need to use your data for our legitimate interests, or those of a third party. This means using data in a way that you might expect us to, for a reason which is in your and/or our (or a third party's) interest and which doesn't involve overriding your privacy rights.

We use your email address data to:

  • send you a receipt of your payment

  • analyse how you use monzo.me and if you go on to become a Monzo customer

  • start our account sign-up process

  • send you an email to follow up on incomplete sign-up

  • show you and people like you Monzo ads on social media platforms if you have started the sign-up processcreate lookalike audiences based on hashed email information that you share with us via our website

Who we share your data with 🀝

Companies that give services to us

Here we mean companies that help us provide services you use and need to process details about you for this reason. We share as little information as we can and encrypt and/or make it impossible for you to be identified by the recipient where possible (for example, by using a User ID rather than your name).

  • cloud computing power, storage and software providers;

  • our business intelligence and analytics platform provider;

  • companies that help us with functional analytics (to help us solve technical problems with the app, for example);

  • software companies that we use for emailing you, or for processing and storing email communications with you;

  • companies that help us with customer support if you reached out to Monzo; and

  • companies that help us with fraud prevention.

Social media companies

We may share hashed versions of the email address you give us limited identifying information about you with social media companies, other communication platforms, and analytics and search engine providers, including your mobile advertising ID and hashed versions of the email address and phone number you give us.

Other Monzo Group companies

We may share details about you with Monzo Inc for lawful reasons if you open a US Monzo account (this is only available to US residents).

We may share your details with people or companies if we change the structure of our group of companies,Β  merge with another company, or get bought by another company.

How long we keep your information πŸ“

We'll keep your information for 6 years in case we need to respond to a legal claim. In some circumstances, like cases of anti-money laundering or fraud, we may keep data longer if we need to (that's in our legitimate interest) and/or the law says we have to.

To work out how long we keep different categories of data, we consider why we hold it, how sensitive it is, how long the law says we need to keep it for, and what the risks are.