State Bank of India (UK) Limited ("We") respects your privacy and is committed to protecting the privacy of our website visitors and service users.

This Privacy Policy will inform you as to how we look after any personal information and tell you about your privacy rights and how the law protects you.

This Privacy Policy sets out the basis on which any personal data we collect from you, or that you provide to us will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

By submitting your information to this website (the Site) whether during the registration process or when posting your own content or otherwise using our on-line services, you are consenting to the processing of your information by us in accordance with this Policy.

The content or services mentioned on our Site may be changed in the future and consequently this Privacy Policy may also change. Any changes we may make to this Privacy Policy in the future will be posted on this page and where appropriate, notified to you by email. We recommend that you re-visit this page regularly to see any updates or changes to our Privacy Policy.

This Policy is set out in a layered format with the below headings.

1. IMPORTANT INFORMATION AND WHO WE ARE

Purpose of this Privacy Policy

1.1 This Privacy Policy aims to give you information on how State Bank of India (UK) Limited (SBIUK) collects and processes your personal data through your use of this Site, including any data you may provide when you register to use our services.

1.2 This Site is not intended for children.

1.3 It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.

Controller

1.4 State Bank of India (UK) Limited (SBIUK) registered in England and Wales with company number 10436460 and registered office at 15 King Street, London, EC2V 8EA is the data controller for purposes of the personal information you have provided to us or we have collected from you. SBIUK is responsible for this Site.

1.5 SBIUK is part of the State Bank of India group of companies (SBI Group), which means our branches, subsidiaries, our ultimate holding company and its subsidiaries made up of different legal entities, Details of the SBI Group can be found here https://www.sbiuk.com/footer/about-sbi/about-us . Our information may be stored on a SBI Group database and may be used by us and any SBI Group company for the purposes set out in this Privacy Policy. Please refer to section 7 of this Privacy Policy for further details in relation to international transfers of data between the SBI Group.

1.6 We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy, including any requests to exercise your legal rights, please contact the DPO using the details set out below.

State Bank of India (UK) Limited
Data Protection Officer
15-17 King Street, London
EC2V 8EA
Or please email at customerservices.sbiuk@statebank.com marking the correspondence for the attention of the Data Protection Officer.

1.7 You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

This Site and third-party links

1.8 This Site may include links to third-party websites, advertisers and affiliates, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and we do not accept any responsibility or liability for these policies. When you leave our Site, we encourage you to read the Privacy Policy of every website you visit before you submit any personal information to these websites.

Your duty to inform us of changes

1.9 It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

2. INFORMATION WE MAY COLLECT FROM YOU

2.1 In this section 2 we set out, the different types of personal information we may collection from you.

2.2 We may collect, use, store and transfer different types (but not limited to) of personal information about you or that you provide to us about others associated with you (such as dependents, other family members and a joint Account holder) which we have grouped together as follows:

  • Identity Data includes first name, maiden name, last name, username or similar identity identifiers (including reference numbers we have allocated to identify you) marital status, title, date of birth and gender and job title.
  • Contact Data includes billing address, delivery address, email address and telephone numbers.
  • Enquiry Data – includes Identity, Contact and Financial Data contained in any enquiry you submit to us regarding services and products.
  • Financial Data includes bank accounts details, payment card details, salary and other income and assets details.
  • Regulatory Data includes personal data involving credit and identification checking and validation, money-laundering checks and information about criminal convictions and offences
  • Transaction Data includes details about payments to and from you and other details of services and products we provide to you such as the date, amount, currency and the name and type of supplier (for example, supermarket services, medical services, transactions in assets, retail services) and from the payments which are made to and from your Accounts with us.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Site and the online services provided by us.
  • Profile Data includes your username and password, transactions made by you, your interests and preferences.
  • Usage Data includes information about how you use our Site and services, including but not limited to, traffic data, location data, web logs and other communication data, whether this is required for our own purposes or otherwise and the resources that you access.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
  • Correspondence Data includes all of the above category groups of personal data which are contained in or relating to any communication with you (including telephone conversations whereby we will notify you if such conversations are recorded), which may also include the communication content and metadata associated with the communication.

2.3 We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Policy.

2.4 Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

2.5 For Children's accounts: Privacy Policy applies to both the child and the trustee/ registered contact. Further details about how your personal data will be used are included in the relevant parts of this Policy.

3. HOW IS YOUR PERSONAL DATA COLLECTED

3.1 In this section 3, we set out how your personal data may be collection and the methods of such collection.

3.2 In order to provide you with bank accounts and other products and services we need to collect, use, share and store personal information about you and your transactions ("Your Information"). Personal data includes any information that directly or indirectly identifies you, including your, any photograph that we take of you, together with any signature we get from you for our account-opening process for the purpose of checking your identity or to provide products and services to you. Personal data does not include data where the identity has been removed (anonymous data).

3.3 We use different methods to collect data from and about you including through:

  • Direct interactions with you when:

    • you give us information during your application process for our services, including information you give us by filling in any forms on our Site and using our Site
    • you correspond with us e.g. emails, telephone calls, letters and conversations held with colleagues at our premises
  • Receiving information about you from third parties or publicly available sources such as:

    • information received by us from third parties, such as employers, joint Account holders, credit reference agencies, fraud prevention agencies or other organisations when you apply for an account with us or for any of our other products or services, or which you or they give to us at any other time
    • information received by third parties associated with you
    • information about you from publicly available sources such as social media sites and Government registers.
    • information that you provide us with on social media webpages we maintain including (but not limited to) Twitter, LinkedIn and YouTube
  • Automated technologies or interactions - As you interact with our Site, we may automatically collect technical data about your equipment, browsing actions and patterns. We may collect this personal data by using cookies, and other similar technologies. Please refer to section 11 (Cookies) for further details.
  • Analysis and management of your accounts and services for you – information we learn from the way in which your accounts with us are administered and managed, from the transactions made such as the date, amount, currency and the name and type of supplier (for example, supermarket services, medical services, transactions in assets, retail services) and from the payments which are made to and from your accounts with us.

3.4 Where you provide personal and financial information to us about others (such as dependents, other family members and a joint account holder) you confirm that you have their consent or are otherwise entitled to provide this information to us and for it to be used in accordance with this Privacy Policy.

4. HOW WE USE YOUR PERSONAL DATA

4.1 We have set out below, in a table format, a description of the ways we and other companies in the SBI Group will use Your Information, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

4.2 Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

4.3 In order to process and use your personal information, we generally rely on the following legal bases:

  • processing is necessary for the performance of the services and products we provide to you; or
  • processing is necessary for the purposes of the legitimate business interests pursued by SBI Group; or
  • you have given explicit consent to the processing of your personal information for one or more specified purposes.

4.4 We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users. We may also use such aggregate information to help advertisers reach the kind of audience they want to target by displaying their advertisement to that target audience.

4.5 If you contact us on 0800 532 532 (24/7) when using any of our services, we will verify your identity by asking you a number of questions based on information known to us about you. We will let you know if we record your telephone conversation with us.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To register you as a new customer including but not limited to process your application for and set up your accounts and to process your application to use our on-line services Identity Data
Enquiry Data
Contact Data
Financial Data
Profile Data
Correspondence Data
  • Performance of services and products we provide to you (or steps taken on your request prior to entering into a contract for the performance of services)
  • Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Site updated and relevant, to develop and run our business)
To verify your identity and make financial risk assessments including anti-money laundering checks and for crime and fraud prevention purposes. Identity Data
Contact Data
Enquiry Data
Regulatory Data
Financial Data
  • Performance of services and products we provide to you (or steps taken on your request prior to entering into a contract for the performance of services)
  • Necessary to comply with a legal obligation
  • (b) Necessary for our legitimate interests (for running our business, to ensure security, to prevent fraud, to meet our regulatory compliance and reporting obligations)

To deliver the services to you including:

  • to manage your accounts.
  • to give you statements and to provide you with services available through our Site including managing your accounts on- line.
  • to carry out our obligations in respect of the provision of your accounts and the provision of our on-line services.
  • to manage payments, fees and charges
  • to collect and recover money owed to us or to you
  • to provide content in line with your preferences
Identity Data
Enquiry Data
Contact Data
Transaction Data
Financial Data
Profile Data
Correspondence Data
Marketing and Communications Data
  • Performance of services and products we provide to you
  • Necessary to comply with a legal obligation
  • Necessary for our legitimate interests (for running our business, to ensure security, to meet our regulatory compliance and reporting obligations, to recover debts due to us)
  • Consent (to provide content and notifications in line with your preferences)

To manage develop and improve our relationship with you which will include:

  • notifying you about changes to our terms or privacy policy or our services
  • providing you with professional assistance as required
  • developing and improving our services to you
Identity Data
Enquiry Data Contact Data
Transaction Data
Financial Data
Profile Data
Correspondence Data
Marketing and Communications Data
  • Performance of a contract with you
  • Necessary to comply with a legal obligation
To administer and protect our business and this Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) Identity Data
Contact Data
Technical Data
Profile Data
Usage Data
  • Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
  • Necessary to comply with a legal obligation
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences Identity Data
Contact Data
Technical Data
Profile Data
Usage Data
Financial Data
Marketing and Communications Data
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Site updated and relevant, to develop our business and to inform our marketing strategy)
To enable us to carry out assessment and analysis (including credit and/or behaviour scoring, market and product analysis) Identity Data
Contact Data
Technical Data
Profile Data
Usage Data
Financial Data
Marketing and Communications Data
  • Performance of services and products we provide to you
  • Necessary to comply with a legal obligation
  • Necessary for our legitimate interests (for running the business, to define types of customers for our products and services, to develop our business and to inform our marketing strategy)
To enforce any of our rights against you Identity Data
Contact Data
Technical Data
Financial Data Correspondence Data
Regulatory Data
  • Performance of services and products we provide to you
  • Necessary to comply with a legal obligation
  • Necessary for our legitimate interests (for running the business, to meet our regulatory compliance and reporting obligations, to recover debts due to us)
To meet our regulatory compliance and reporting obligations including to prevent and detect fraud, money laundering and other crime and carry regulatory checks Identity Data
Contact Data
Technical Data
Financial Data Correspondence Data
Regulatory Data
  • Necessary to comply with a legal obligation
  • Necessary for our legitimate interests (for running the business, to meet our regulatory compliance and reporting obligations)
To provide you or permit selected third parties to provide you with information, products or services that you request from us or which we or they consider may be of interest to you, where you have consented to be contacted for such purposes. Identity Data
Contact Data
Marketing and Communications Data
  • Consent (to provide content and notifications in line with your preferences)

4.6 Any further uses of your information in future - If we determine that your personal data is to be used for a purpose not already notified to you we will provide you with further information prior to processing for that new purpose. We will tell you in writing about any changes and allow you 30 calendar days to raise any objections before we make any change. If you have not given your permission for the change to be made, please be aware that it may affect the services we can provide to you and in some instances we may need to close your account (or accounts).

5. USE OF YOUR INFORMATION FOR MARKETING

5.1 We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:

Promotional offers from us

5.2 We may use your Identity, Contact, Technical, Usage, Profile Data and Marketing and Communications Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

5.3 You will receive marketing communications from us if you have requested information from us or requested services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.

Opting-out

5.4 You can ask us or third parties to stop sending you marketing messages at any time by logging into the relevant website and checking or unchecking relevant boxes to adjust your marketing preferences, by selecting the unsubscribe options in email correspondence received, by following the opt-out links on any marketing message sent to you or by contacting us at any time.

5.5 Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service request, warranty registration, product/service experience or other transactions.

Third-party marketing

5.6 We will get your express opt-in consent before we share your personal data with any company outside the SBI Group of companies for marketing purposes.

6. DISCLOSURES OF YOUR PERSONAL DATA

6.1 We may share Your Information with:

  • any member of our Group, which means our subsidiaries, our ultimate holding company and its subsidiaries, insofar as is reasonably necessary for the purposes set out in this Policy
  • any prospective buyer of our business or assets, or any prospective seller of another business or business assets that we are interested in buying and we will ensure that the prospective seller or buyer treats Your Information as confidential.
  • our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance cover, managing risks, obtaining advice and managing legal disputes.
  • Our business partners, suppliers and sub-contractors and professional for the performance of any contract we enter into with them or you;
  • analytics and search engine providers that assist us in the improvement and optimisation of our Site;
  • third parties we use to process Your Information on our behalf, for example, third parties used to host the Site and to maintain our IT systems. Where we use third parties to process Your Information on our behalf we will ensure that they have provided appropriate safeguards required in relation to Your Information;
  • credit reference agencies for the purpose of to verifying your identity and suitability for an account and assessing your credit score where this is a condition of us entering into a contract with you (further details explaining how the personal data held by credit reference agencies may be used can be found at https://www.sbiuk.com/personal-banking/personal/credit-reference);
  • fraud detection and prevention organisations and law enforcement agencies for debt tracing and recovery, fraud and money laundering prevention purposes, making credit assessments and decisions about credit related services to enable us to manage and take decisions about your accounts (further details explaining how the personal data held by fraud detection and prevention agencies may be used can be found at https://www.sbiuk.com/personal-banking/personal/credit-reference);
  • identity and address verification agencies who may record and use Your Information and disclose it to other organisations for debt tracing, fraud and money laundering prevention purposes (further details can be found at https://www.sbiuk.com/personal-banking/personal/credit-reference);
  • HM Revenue & Customs;
  • UK and overseas financial regulators to meet our regulatory, compliance and reporting obligations;
  • external auditors and accountants as required to our regulatory, compliance and reporting obligations; and
  • other financial service organisations (lenders and operators of card schemes) both within the UK and abroad
  • other third parties if we are under a duty to disclose or share Your Information in order to comply with any legal or regulatory obligation, or as part of legal proceedings, or in order to enforce any of our rights against you under your contract with us or to protect the property, safety or vital interests of SBIUK, or of another natural person.
  • to other parties connected to your account i.e. joint accounts.
  • your advisers (including but not limited to accountants, lawyers or other professional advisors) where authorised by you
  • to carefully selected third parties for marketing purposes when you have consented to be contacted for such purposes
  • providers of Approved Third Party Service as set out in our General Terms and Conditions

6.2 Information held about you by the credit reference agencies may already be linked to records relating to your partner or members of your household where a financial "association" has been created. Any enquiry we make at a credit reference agency may be assessed with reference to any associated records. Another person’s record will be associated with yours when (i) you make a joint application, (ii) you advise us of a financial association with another person, or (iii) if the credit reference agencies have existing linked or "associate" records. This "association" will be taken into account in all future applications by either or both of you and shall continue until one of you applies to the credit reference agencies and is successful in filing a "disassociation".

6.3 Credit reference agencies keep a record of our enquiries and may record, use and give out information we give them to other financial institutions, insurers and other organisations. If false or inaccurate information is provided or fraud is suspected details may be passed to fraud prevention and credit reference agencies. Law enforcement agencies may access and use this information. The information recorded by fraud prevention agencies may be accessed and used by organisations in a number of countries including the UK. We can provide the names and addresses of the credit reference and fraud prevention agencies we use if you would like a copy of Your Information held by them. Please contact us at The Retail Credit Department, State Bank of India (UK) Limited UK, 15 King Street London EC2V 8EA if you want to receive details.

7. STORAGE AND INTERNATIONAL TRANSFERS

7.1 In this Section 7, we provide information about where Your Information may be stored and the circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA).

7.2 SBIUK’s databases are held by the State Bank of India in India. SBIUK has outsourced the storage of a large part of its customer data to State Bank of India in India. As we share Your Information with State Bank of India in India and the SBI Group, this will involve transferring your data outside the European Economic Area (EEA). We ensure Your Information is protected by requiring all our SBI Group companies to follow the same rules when processing Your Information and provide adequate safeguards by binding corporate rules (agreements governing transfers made between organisations within in a corporate group).

7.3 In connection with providing you our services or to comply with our regulatory and legal obligations, we may be required to send personal information to countries outside the EEA which have not been deemed to have adequate standards of data protection.

7.4 When we do so we aim to perform a risk assessment prior to the transfer and use EU recognised and enforceable specific contracts approved by the European Commission so that your information is protected in line with data protection laws, as applicable in the UK.

7.5 Instances where we will transfer your data outside of the EEA include:

  • processing international payments by international electronic transfer;
  • disclosures to foreign authorities, regulators and law enforcement agencies to reduce financial crime and terrorism;
  • picture based, human verified, identification checks for online account opening; or
  • the information generated by cookies about your use of our web application (including your IP address but no other personal information).

7.6 You acknowledge that personal data that you submit for publication through our Site or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

7.7 Where we process international payments outside the UK at your request, we do so through SWIFT (the international payments system). When we do this Your Information will be processed and stored abroad by other banks or financial institutions involved in completing the payment. Those banks and financial institutions may have to release the information to foreign authorities and other third parties, including those outside the EEA (in which case your personal information may not be protected in line with data protection laws).

7.8 Whenever we transfer Your Information out of the EEA and the contractual relationship is within our control, we aim to ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

8. DATA SECURITY

8.1 We have put in place appropriate security measures to prevent You Information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process Your Information on our instructions and they are subject to a duty of confidentiality.

8.2 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8.3 All information you provide to us is stored on our secure servers. Any payment transactions will be similarly secure. Where we have given you (or where you have chosen) a user name, passcode and memorable word which enables you to access certain parts of our Site, you are responsible for keeping this user name, passcode and memorable word confidential. You must not share these with anyone.

8.4 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect Your Information, we cannot guarantee the security of Your Information transmitted to our Site; any transmission is at your own risk. Once we have received Your Information, we will use strict procedures and security features to try to prevent unauthorised access.

8.5 If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

9. DATA RETENTION

9.1 We will keep your personal information while you have an account with us or we are providing products and/or services to you. At the end of your relationship with us (for example, if you decide to close your account) we will only retain your personal information for as long as necessary to:

  • fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements;
  • to respond to any questions, complaints or claims made by you or on your behalf;
  • to show that we treated you fairly; and
  • to keep records required by law

9.2 Different retention periods apply for different types of personal information. Further details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us.

9.3 Generally to determine the appropriate retention period for the types of personal data we process, including Contact Data, Enquiry Data, Profile Data and Correspondence Data, Marketing and Communications Data, Financial and Transaction Data and Usage Data,we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. The period of retention also may be dependent on whether the retention is necessary for compliance with any legal, accounting, or reporting obligations to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. When it is no longer necessary to retain your personal information, we will delete or anonymise it.

9.4 In some circumstances you can ask us to delete your data: see Request erasure below for further information.

9.5 In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

10. YOUR RIGHTS

10.1 Under certain circumstances, you have rights under data protection laws in relation to your personal data.

10.2 You have the right to:

  • Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

If you wish to exercise any of the rights set out above, please send your requests to the Data Protection Officer at State Bank of India (UK) Limited, 15-17 King Street, London, EC2V 8EA or email at customerservices.sbiuk@statebank.com marking it for the attention of the Data Protection Officer

No fee usually required

10.4 You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.

What we may need from you

10.5 We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

STATE BANK OF INDIA (UK) LIMITED

Effective from 25 May 2018

Branch locator

International network