Skip to main content

1. Introduction

As a personal or business banking customer, we take your privacy seriously. Here, you can learn more about your data protection rights and how we collect, use, share and store your personal info.

That includes info we already hold about you now and further personal info we might collect about you, either from you or someone else. How we use your personal info depends on the accounts and relationship you have with us.

Our Data Protection Officer (DPO) provides help and guidance to make sure we protect your personal info and we use it in the right way. If you have any questions, you can contact our DPO (see section 13 “Getting in touch”)

This Privacy Notice will replace any previous notice we’ve given you. If we make any important changes to it we’ll get in touch to let you know.

2. About the Virgin Money UK PLC Group

When we say ‘Group’ we mean Virgin Money UK PLC, Clydesdale Bank PLC, each subsidiary or holding company of Virgin Money UK PLC. You can find out more about the companies within the Group in the Legal and Privacy section here.

The following are the ‘data controllers’ within the Group that collect and use personal info. When we say ‘we’ or ‘us’ in this notice we are referring to:

  • Clydesdale Bank PLC
  • CYB Intermediaries Limited
  • CGF No 9 Limited
  • Clydesdale Bank Asset Finance Ltd
  • Clydesdale Covered Bonds No 2 LLP
  • Virgin Money UK PLC
  • CYB Investments Ltd
  • Virgin Money PLC
  • Virgin Money Unit Trust Managers Ltd
  • Virgin Money Personal Financial Service Ltd
  • Virgin Money Holdings (UK) PLC
  • Yorkshire Bank Home Loans Ltd

3. What info we will keep

By ‘info’, we mean all the personal and financial details we collect, use, share and store. The info we keep will change depending on the account and relationship you have with us. It can include but isn’t limited to:

  • Info about your identity and contact details (like your name, date of birth, home address, phone number, email address, current and previous countries of residence/citizenship, a copy of identification documents like passport or driving licence, for example – and info we need to check your identity).
  • Unique identifiers and reference numbers that we or others have allocated to you (like Companies House references, account numbers, online usernames, and your National Insurance number).
  • Your financial and payment info, including details of your income and how you spend it (if relevant), business accounting info, credit history info, bank details and transactions with us and others.
  • Info about you from resources, organisations, and regulatory bodies (like Financial Conduct Authority, Business Banking Resolution Service or Companies House).
  • Info about people you’re financially linked to (like your husband/wife/partner or financial associates) or who have an interest in or association with any of your accounts. (For example, an additional cardholder or where you’ve opened an account for a child).
  • How you access and use our website or other digital services (like your IP address, location and the device and software being used).
  • The profile info we create by analysing you, your business, and your behaviour. This could be through the way you use your account and from other sources – including info we get using artificial intelligence to look at combined data sets.
  • Your permission to share info from third parties.
  • Info that the law sees as being in a special category because it’s sensitive to you. We can only collect and use this info if you’ve given us permission, or it’s allowed by law. This sort of info includes:
    • Race or ethnicity.
    • Religious or philosophical beliefs.
    • Trade union membership.
    • Genetic and bio-metric data.
    • Health info and data (needed for some insurance products and to protect vulnerable customers).
    • Criminal convictions and offences (needed for lending decisions, preventing fraud, anti-money laundering and to meet our legal duties).

In section 6, there’s more on how we use this info.

Sometimes, we ask for your info as we need it to provide the product or service you’ve asked for or to do something the law requires us to do (like check you are who you say you are). Without that info we’ll not be able to provide some products or services requested.

For Credit Card Accounts, Loan Products and Mortgage Products, we need info on your finances. This includes:

  • Your income, how much you spend, accounts info, assets and liabilities, credit history and credit scoring, employment info, any criminal prosecutions and details of bankruptcy or County Court Judgements.

To provide Financial Management Services and products that include Travel Insurance, we may need to use any health info, which we will ask for.

4. Where we get the info from

We collect info directly from you and others.

We get info:

  • Directly from you – for example, in applications, emails, letters, phone calls and conversations in Store (including info given by someone else, like an employer, financial adviser or accountant).
  • Through you attending events in our Stores, entries into our competitions, surveys, promotions, and conversations with us on social media.
  • By looking at how you use our products and services, or those of other members of our Group. For example, from transactions and how you manage your accounts and services. This includes the use of artificial intelligence or machine learning to analyse aggregated/combined datasets, to make forecasts/projections of earnings and cash flow and improving a service or systems in terms of machine learning or analytics cookie use. Info will be used for the development and deployment of the machine learning.
  • From the type of device you're using and the list of installed apps you have on your device.
  • From others who know you – including joint account holders and people you’re linked to financially.
  • By looking at how you interact when using your device. This could be the use of your keyboard, mouse and/or the way you hold your device – this is called “Behavioural Biometrics”.
  • From your use of our websites or installed applications, including through cookies that collect info about your internet use.
  • From recorded images (like CCTV in our Stores) and calls. We’ll record or monitor phone calls with you for regulatory purposes and training, to improve our service, to make sure our colleagues and customers are safe and to sort out any issues. We also use CCTV on our premises for the safety and security of everyone.
  • From other third parties who you have chosen to connect to your Virgin Money credit card app (e.g. Virgin Red).
  • From anyone else with your permission, e.g. when you link an account from another financial service provider, or link Virgin Red to a Virgin Money app.
  • Credit reference agencies (like Experian) and fraud prevention agencies (for example, CIFAS).
  • Payment card networks, like Mastercard.
  • Price comparison websites.
  • Retailers.
  • Insurance companies.
  • Advertisers, Social media networks and companies that do market research and look at stats and analyse your behaviour (like Google and Facebook).
  • The Government and their agencies – for example, HM Revenue & Customs, Financial Conduct Authority, Business Banking Resolution Service, The British Business Bank and Companies House.
  • Public records (like the electoral roll) and other public sources, including internet searches.
  • Other companies that provide a service to us – for example, surveyors and lawyers.
  • Marketing Services Providers – these are companies that collect personal data from a number of sources for the purposes of creating profiles of customer groups.
  • Other third parties who are allowed to share info with us.
  • Other third parties who you have chosen to connect via a Virgin Money app (e.g. Virgin Red)
  • Anyone else with your permission, e.g. when you link an account from another financial service provider via Open Banking, or link Virgin Red to a Virgin Money app.

We’ll also look at and combine the info collected (sometimes automatically) to understand how you use your account and our services. It also helps us understand what you may like and do. We may create a profile of you to help us predict your financial behaviour and what you prefer before offering services to you (‘profile info’).

Some of our products and services need you to allow third parties to share info with us. This may be combined with other info we hold and have analysed so we can provide that product or service. Please check out section 5 “Why we need the info and what we use it for” for more details.

5. Why we need the info and what we use it for

Data Protection law means we need to have one or more of the following reasons for using your info:

  1. ‘Contract performance’ – where we’ll use your info to provide you with your account, product or service (for example, we’ll use your name and address to post an account statement to you).
  2. ‘Legal obligation’ – this is where we must process your info by law (for example checking you are who you say you are).
  3. ‘Legitimate interest’ – we’re allowed to use your info where, on balance, the benefits are reasonable and not outweighed by your interests or legal rights – for example, we have an interest in knowing what our customers like and don’t like so we can offer better products and services.
  4. ‘Consent’ – sometimes, we may ask you for your consent or permission to use info in a certain way or where the law states we must get your permission. For example, if you agree to us recording something about your health so we can improve the way we communicate with you. Whenever permission is the only reason for us using the info, you have the right to change your mind. To do this, just contact us – head to section 13 to find out how.

Using your info

These are the main ways we'll use your info and the reasons for doing so.

By law, we must review applications and monitor accounts. This helps us tackle threats from terrorists, money-laundering and other financial crimes. We also have a legitimate interest in avoiding losses caused by financial crime like fraud. We may share info with law enforcement agencies and other official bodies or government departments to comply with our legal obligations (like tax and immigration authorities).

We may also check and share info we’ve got about you – like your contact details and financial info – with fraud prevention agencies, credit reference agencies, law enforcement, other government agencies, different banks and regulators. This is to help stop financial crime and terrorism funding. To do that, we’ll use any info you’ve provided, as well as info we’ve got from a third party. We’ll also see how you use our services for more info.

This includes your name, address, date of birth, every country of residence/citizenship, personal identification (which may include passport or driving license number), your IP address and details of any criminal convictions. This might also include info about your location, which helps prevent crime and fraud.

We use your info in this way because it is necessary to perform our contract with you. It is also in our legitimate interest to recover any debts that are owed to us if there isn’t a plan in place to pay it back.

We’ll use your contact details and info we’ve got from seeing how you’ve used our services (including info about your location that we may find from reviewing your accounts). We’ll also use info available within the Group about how you’ve used services from other Group members.

To get a debt paid back, we’ll share info with and receive info from third parties where we have to. This might even include legal proceedings. Examples of third parties include other banks, debt recovery agents, solicitors, credit reference agencies and sheriff officer or bailiff services.

This might also include sharing info about you with a third party who we’ve moved your debt to e.g., securitisation. We’ll tell you who they are and they’ll contact you directly to collect that debt.

The range of products and services we offer, including those from companies outside the Virgin Money UK PLC Group, changes all the time.

We have a legitimate interest in telling you about products, services and any new developments we think may interest you, where we’re allowed to. For some of our marketing, including letting you know about the products and services of other companies, we’ll ask for your permission first.

We don’t want to send on too much info or anything that’s not right for you, so we’ll use the info we already have, particularly profile info, to decide what we talk to you about. This includes telling business customers who meet certain scores that they may be able to apply for Sustainability Linked Loans.

You have the right to tell us at any time if you don’t want us to use your info in this way.

We’ll only get in touch in the ways you’ve said we can. For example, a phone call, text message or post. If you’ve said you don’t want to see any marketing, you won’t. You can opt in or out at any time to marketing by contacting us in the usual way (see section 13 for our contact details).

If you are happy to receive marketing, we want you to see the things that are right for you, at the right time. The best way for us to do this is to use automated processes to create a profile for you for marketing purposes. We do this by using:

  • The info you’ve given us.
  • Details about how you’ve used other products and services you have with us or the Group.
  • Any feedback you’ve given us.
  • Info we’ve got from credit reference agencies (including, but not limited to, those set out in Appendix 1).
  • Info from other companies we’re partnering with (including, but not limited to, those shown in Appendix 3).

We might get info about you from a third party to help us market our products and services to you. But we’ll only do this if you’ve given them permission to share your info with us.

We might also ask you for permission to show marketing from Virgin Red as part of your Virgin Money app, both inside the app and in push notifications.

We may also get your name and address from other companies to help us offer services that are right for you. Our manual or automated processes analyse this info to decide what products and services to offer to you and to prioritise the marketing messages you receive.

We do this by:

  • Working out which products and services you can have.
  • Seeing if they’ll be useful to you.
  • Deciding how likely you are to reply.

We may also get info telling us if you’ve opened or clicked on an email, the type of device you’re using and your general location when you opened the email.

Our service providers will help us with these marketing activities. The partners we give your info to might use it for marketing profiling.

Sometimes we work with other companies to offer you the best products and services. We’ll sometimes share your information with our partners, and get info about you too, to make sure that we give you the best, most relevant offers when we market to you (if you have given permission).

See Appendix 3 for a list of our partners and Appendix 4 for the types of suppliers we use.

We’ll give info to and get info from third party independent financial advisers and mortgage brokers who’ve introduced you to us.

This is so we can provide products and services to you and manage our relationships with those third parties, including paying any fees.

To do this, we’ll use info about the general nature of the products and services, as well as info about the value of those products and services

To provide you with mortgage products and some insurance products, as well as the info already listed above, we’ll need to use extra info about your needs and situation. This is to make sure the products and services are right for you.

For mortgages, this’ll include info about your income and spending, assets and liabilities and your planned retirement age.

For life and critical illness, this’ll include your date of birth, if you smoke or not and details of current policies. Plus, info about how you’ve used other products and services offered by us or other Group members. This will include previous claims under any current policies you have with us, as well as with other providers.

We might share all the info we use with third parties who help us to give the best advice possible. These third parties include credit checking and fraud prevention agencies and our insurance provider partners.

See Appendix 1 for a list of the credit reference and fraud prevention companies we use and Appendix 2 for a list of our insurance provider partners.

We use your info like this because it’s in both of our interests for you to get advice about the right products and services. It’s also so we stick to the rules of our regulators.

We sometimes use computers to make decisions. We do this when:

  • Assessing your eligibility for products and services. We’ll analyse and combine the info collected to create a profile of you to understand the way you use your account (or how we think you might use your account) and our services as well as what you might like and what you might do. We use this to decide whether to offer you certain products and services.
  • Deciding whether to lend money. We use credit scoring to help us make fair, responsible, and consistent decisions about lending money and managing your account(s). We use credit scoring to decide:
    • whether we provide a product or service to you;
    • whether to adjust products or services you have (like increasing or decreasing credit limits or interest rates);
    • to pre-approve future products or services for you;
    • to authorise overdraft limits;
    • to authorise payments from you; and
    • in some cases where we need to recover a debt from you
  • Evaluating your use of bank products and services. For example:
    • The types and volumes of transactions you make.
    • How often you use our digital services.
    • Which products or services you appear to prefer.
    This helps us to create profiles of you which we will use to manage our relationship, including how we communicate with you.
  • Creating a profile of you for marketing purposes (but only where you’re happy to be contacted with marketing). This helps us make sure you get the most relevant info about the products and services that will be the most beneficial to you, at the right time. It also helps us decide how likely you are to respond. To do this, we use:
    • info you give to us;
    • info about the types of retailers where you spend your money
    • details about how you have used other products and services you have with us or the Group;
    • any feedback you have given us;
    • publicly available data from a reputable institution that may give us an insight into economic circumstances that impact you or the area you live in. Example sources included but are not limited to: The Bank of England, The Office of National Statistics and academic institutions or research papers.
    • info we have obtained from credit reference agencies (including, but not limited to, those set out in Appendix 1); and
    • info from other companies we are partnering with (including, but not limited to, those set out in Appendix 3).
  • To assess payments to your account to identify any that look unusual and that are potentially fraudulent. We take into account various elements of the payment like billing address, IP location, issuer country, and velocity checks on how many times the card has been used globally and assign a score to each payment and where the score is above a certain threshold the payment will not be processed.

When we make automated decisions, we look at look at how you’re likely to run your account, using info from a range of sources (see section 4 “Where we collect info from”). Where we make automated decisions you can always ask for a member of the team to review the outcome.

6. What we use special categories of info and criminal info for

Special protection is given to special categories of info and criminal offence info.

We’ll only use special categories of info if we have one or more of the following additional reasons for using your info:

  1. ‘Explicit consent’ – where you have given us explicit consent to use the info.
  2. ‘Vital interests’ – where we need to protect your vital interests e.g. if you have a severe and immediate medical need whilst on our premises.
  3. ‘Public interest’ – where it is in the substantial public interest.

We’ll only use criminal offence info where the law allows us to for example for the purposes of preventing or detecting crime.

Using special categories info

We use the following special categories info for the reasons below:

  • If you apply for a health-related insurance product, we’ll need your info to provide you with services that are right for you.
  • If we identify that you have a health-related vulnerability, we’ll share that in our organisation to the extent needed to protect your interests and offer you services that are suitable for you.
  • If we need to provide you with urgent medical help when you’re on our premises.
  • To make sure you’re treated fairly if you come into financial difficulties because of a vulnerability.

Some of our accounts use facial and other biometric recognition technology to help customers prove their identity when opening accounts. We’ll ask for your permission when setting this up.

By observing how you interact when using your device for example, the use of your keyboard, mouse and/or the way in which you hold your device, this is called “behavioural biometrics”. We also use behavioural biometrics to confirm your identity when you shop online with your debit or credit card. Behavioural biometrics is the use of machine learning to analyse patterns. This helps us stop fraud by making sure the person using the card is who they say they are.

We may ask you about your racial and ethnic background as we need to make sure everything is fair and equal when it comes to the service we offer.

We may use info about criminal proceedings relating to you when deciding to lend money to you, to help us prevent and detect financial crime and to fulfil our legal/regulatory obligations.

Sometimes the transactions in your bank accounts will reveal special categories info (like your political opinions, health status, religious beliefs and trade union membership), depending on payments you make and receive. This info may be processed by us to provide account payment services to you and will not be used for any other purpose.

7. Who we share info with

We treat all the info we hold as confidential. We may share your info with other people or companies, who are also required to keep the info confidential, safe and secure. For example:

  • Companies in the Virgin Money UK PLC Group.
  • Other companies, commercial partners, agents and professionals who offer products, services and admin support to us – for example, our IT Suppliers.
  • The relevant business customer connected to you.
  • Companies, organisations and professionals who also offer you services.
  • Anyone we may transfer our rights and duties under any arrangement to.
  • Anyone else with your permission, including for open banking (which allows you to ask for data to be shared between financial services providers to give you a wider choice of products and services).
  • Anyone else where you have asked us to connect their service via a Virgin Money app (e.g. Virgin Red)

We may also share your details with the following types of organisations:

  • Credit reference agencies.
  • Fraud prevention agencies.
  • UK and overseas regulators, authorities and their service providers (for example, the Financial Conduct Authority, Business Banking Resolution Service, the British Business Bank or Companies House).
  • UK and overseas tax authorities (like HM Revenue & Customs).
  • UK and overseas law enforcement agencies – for example, the National Crime Agency.

How we work with credit reference and fraud prevention agencies

To assess an application for a product or service we’ll perform identity checks on you with one or more credit reference agencies (CRAs). Where you apply for credit, we’ll also perform credit checks on you with the CRAs. We may also make periodic checks with CRAs to manage your account with us.

To do this we’ll pass your information to CRAs and they’ll give us information about you. The information we’ll supply includes information from your application and your financial situation and history. CRAs will also supply us with public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.

We’ll continue to exchange info about you with CRAs while you have a relationship with us. We’ll also let them know about any accounts you’ve since paid off. If you don’t pay back your credit in full and on time, CRAs will record the debt. They may also let other organisations know.

When CRAs do a credit search they’ll place a footprint on your credit file that may be seen by other lenders and may affect your ability to borrow from them. If you’re making a joint application, or you tell us that you have a spouse or financial associate, we’ll link your records together, so you should make sure that they know what you’re doing and share this info with them before applying. For joint applications with a spouse or financial associate, CRAs will also link your records together. If you want to break this link, you’ll need to talk directly to the CRAs.

The identities of the CRAs, their role as fraud prevention agencies, the data they hold, the ways in which they use and share info, data retention periods and your data protection rights with the CRAs are explained in more detail in the CRA Information Notice (CRAIN).

You can find out more about CRAs here:

We may also use TransUnion’s services for other reasons not mentioned in the CRA Information Notice (CRAIN). This is to help us with identification, verification and fraud prevention as well as other purposes.

You can learn how your data is used at https://www.transunion.co.uk/legal/privacy-centre/pc-bureau

The CRAs also work as fraud prevention agencies (FPAs). Just so you know, we’re also a member of CIFAS and National Hunter, which are both FPAs.

Before offering you a product or service, we may run some checks with the FPAs to help prevent and detect fraud and money laundering.

We’ll do this by giving FPAs your info, who’ll then give us info about you. This includes details in your application or info from third parties.

If we or an FPA believe you’re a fraud or money laundering risk, we may not offer you a new product or service. We might also stop the product or service you’re already using and share any info we get from a FPA with the CRAs.

A record of any fraud or money laundering risks will be kept by the FPAs. This may mean other companies won’t offer you services, finance or employment.

We and FPAs may also let law enforcement agencies use your info to detect, investigate and stop crime. For more details, please ask a member of staff or visit:

8. Using info outside the UK

We may need to share your info outside the UK and EEA with others. This can include Group companies, service providers, agents, subcontractors and regulatory authorities in countries where data protection laws may not offer the same protection as in the UK and European Economic Area e.g. USA.

For example, if you have a credit or debit card with us, we’ll share what you’ve spent with the payment network e.g. Mastercard, who may use this info worldwide. In these cases, we’ll do everything we can to make sure your info is protected to UK standards.

This could be by only letting transfers take place with countries the EU Commission thinks offer enough protection for your info (an adequacy decision) or, we’ve put our own measures in place to make sure there’s enough security as set out by data protection law.

These measures include having recognised safeguards in place with our commercial partners, like carrying out strict security checks on our overseas partners and suppliers, backed by strong contractual undertakings approved by the relevant regulators like the EU style model clauses or where our commercial partner is a signatory to a recognised and binding code of conduct. For more info about standard contractual clauses as shown by the ICO, check out ico.org.uk and search for ‘International Transfers’.

To learn more about how your info is used in countries outside the EEA, the adequacy decision for that country or the measures we’ve put in place, please get in touch with our Data Protection Officer.

The United Kingdom left the European Union on 31 January 2020. So, we’ll need to transfer your personal info to the UK and other areas outside of the EEA, so you can continue to use our products and services.

Moving your personal data from the EU to the UK will take place based on an adequacy decision by the European Commission in favour of the UK, or on the basis of protections which comply with EU GDPR. We’ll also need to continue to act in line with EU GDPR when we process your personal data.

We’ll continue to keep your data secure, but if you’ve got any questions about how we use your info or your data rights and our obligations as a Data Controller, you can speak to our EU representative. If you want to write, the address is The Data Warehouse at Keizersgracht 482, 1017EG, Amsterdam, Netherlands. You can also email them at helpdesk@tdwico.com.

If you’d like more info, you can contact our Data Protection Officer (see section 13. Getting in touch).

9. How long we hold info

9. How long we hold info

How long we keep your info for depends on what products and services you have with us. Just so you know, we won’t keep it any longer than we need to (see section 5 Why we need the info and what we use it for and section 6 Why we need special categories info and what we use it for).

This means we’ll continue to hold some info for a while after your account has closed or our relationship has ended. For example, where we need to for the regulator, for active or potential legal proceedings, to resolve or defend claims or for making remediation payments.

If you’d like more info, you can contact our Data Protection Officer (see section 13. Getting in touch).

10. Keeping you up to date

We’ll get in touch with you about products and services we are delivering using the contact details you’ve given us. This might be by post, email, text message, social media and notifications on our app or website.

Where you have given us permission to send you marketing, you can cancel it and update your marketing choices in Store, by calling us, via online banking or through the Virgin Money app.

You can also update your contact preferences in Store, by calling us or through the Virgin Money app.

Head to uk.virginmoney.com/contact for all the contact info you’ll need.

11. What you do online

We use cookies to track how you use our website. If you’ve given us permission, we may also use cookies to tailor marketing messages when you’re logged in. For more info about how we use cookies, visit https://uk.virginmoney.com/cookies/.

12. Your Data Protection Rights

The law guarantees you rights about how we use your info.

You can object to how we use your info. When this happens, we have up to one month to get back to you.

We’ll stop using the info unless there’s a good legal reason to do so (we’ll always tell you what that reason is).

Remember, you can stop getting marketing communications at any time. Just get in touch in the usual way to let us know.

You always have the right to ask whether we hold info about you. If we do, you have the right to know:

  • What the info is.
  • Why we’ve got it.
  • The ways it’s used.
  • Who we share it with.
  • How long we keep it for.
  • Whether it’s been used for any automated decision making.

You’re also allowed a free copy of the info. We can give it to you in person, online, over the phone, by email or by post.

We always want the info we have for you to be absolutely spot on (up to date and accurate). If any of it is wrong or out of date, let us know and we’ll fix it.

You can ask us to delete your info if you think we don’t need it anymore. This might be because:

  • It’s not needed for the reason we collected it (see section 5 Why we need the info and what we use it for and section 6 Why we need special categories info and what we use it for).
  • We held and used the info because we had your permission, which you’ve now taken back.
  • You’ve already objected to the way we’re using your info.
  • We’ve been using the info unlawfully.
  • There’s a legal requirement for us to delete the info.

When you ask for info to be deleted, we have up to one month to get back to you. If we don’t go ahead and do it, we’ll tell you why.

You have the right to get some of the info you gave us in a machine-readable format.

In certain situations, you can block or limit the use of info by us. This may happen where:

  • You’ve challenged the accuracy of the info is and we’re checking it.
  • You’ve objected to how we use your info and we’re considering whether you’re right.
  • We’ve been using your info unlawfully but you want us to continue to hold the info rather than delete it (see “Deleting info” above).
  • We no longer need to keep the info but you’ve asked us to keep it because of legal claims you’re involved in.

If you’re unhappy with how we’re using your info, please visit us in Store or at uk.virginmoney.com/contact

If we can’t fix the issue, you can complain to the Info Commissioners Office (ICO). The ICO is the UK’s independent body set up to uphold your rights. You can find out more at www.ico.org.uk.

You can exercise any of your data protection rights by contacting us – see Section 13. Getting in touch.

13. Getting in touch

Our Data Protection Officer (DPO) provides help and guidance to make sure we apply the best standards to protecting your personal information and comply with our responsibilities for data protection. Our DPO can be reached by post at: Virgin Money, Data Protection Office, Sunderland SR43 4JB.

Data Protection Rights Requests

If you wish to make a Rights Request, you can do so by emailing DSARCCA.Queries@cybg.com or writing to the team at: Rights Request Team, Virgin Money, Sunderland SR43 4JB. The team will respond within a month and there is no need to send a reminder during that period.

14. Appendices

List of our Credit Reference, Credit Rating, Debt Recovery and Fraud Prevention agencies.

SupplierService
Fitch Solutions LimitedCredit Rating
Moody's Analytics UK LimitedCredit Rating
CreditSafe Business Solutions LimitedCredit Referencing
Dun & Bradstreet LimitedCredit Referencing
Equifax LimitedCredit Referencing
Experian LimitedCredit Referencing
TransUnion International UK LimitedCredit Referencing
Apex Credit Management LimitedDebt Recovery
Blue Stone Credit ManagementDebt Recovery
AML Analytics LimitedFraud Prevention
BAE Systems Applied Intelligence (UK) LimitedFraud Prevention
BioCatch Eunexus Pty LtdFraud Prevention
CA LimitedFraud Prevention
CIFASFraud Prevention
Cyber Defence Alliance LimitedFraud Prevention
DIA Europe B.V.Fraud Prevention
Eunexus Pty LtdFraud Prevention
Fiserv UK LimitedFraud Prevention
LexisNexisFraud Prevention
National Hunter LtdFraud Prevention
Thomson ReutersFraud Prevention
VocalinkFraud Prevention

List of insurance companies who provide insurance products for our customers.

Insurance Companies
AIG Europe Limited
Aviva Insurance Limited
Aviva Life & Pensions UK Limited
Hiscox Insurance Company Limited
Legal and General Assurance Society Limited
Lifestyle Services Group Limited
P&MM Limited
Royal & Sun Alliance Insurance PLC
U K Insurance Limited
Uinsure

List of our third party partners.

Third Party Partners
Accelerated Payment Limited
AIG Europe Limited
Arthur J. Gallagher Insurance Brokers Limited
Bright HR Limited
Expend Limited
Experian Limited
Global Payments
Hiscox Insurance Company Limited
INTUIT LIMITED
Legal and General Assurance Society Limited
Lifestyle Services Group Limited
Mazars Limited
Origen Financial Services Limited
Royal and Sun Alliance Insurance PLC
Sodexo Motivation Solutions UK Limited
Superscript Limited
The Royal London Mutual Insurance Society Limited
Travelex Currency Services Limited
U K Insurance Limited
Uinsure
UT Tax Limited
Virgin Group Companies Limited
  • News UK Broadcasting Limited (trading as Virgin Radio UK)
  • Virgin Active Limited
  • Virgin Atlantic Airways Limited (trading as Virgin Atlantic)
  • Virgin Cruises Intermediate Limited (trading as Virgin Voyages)
  • Virgin Experience Days Limited
  • Virgin Money UK PLC
  • Virgin Hotels LLC
  • Virgin Media Limited
  • Virgin Red Limited (trading as Virgin Red and also trading as Virgin Trains Ticketing)
  • Virgin Start Up Limited
  • Virgin Strauss Water UK Limited (trading as Virgin Pure)
  • Virgin Wine Online Limited (trading as Virgin Wines)
  • Virgin Holidays Limited (trading as Virgin Atlantic Holidays)
  • VLE Limited (trading as Virgin Limited Edition)
XERO (UK) Limited
Youtility Limited

List of the categories of our suppliers.

Categories of Suppliers
Account monitoring and operation
Accounting Software Services
Business Management App Services,
Complaints Management Services
Credit Reference Agencies
Customer Services
Debt Management Services
Fraud Monitoring and Services
Government Services
Information Security Services
Insurance Services
IT Service Companies
Legal Services
Lending decisions
Loyalty Programmes
Marketing Campaigns and Services
Payment Systems and Services
Physical Security Services
Professional Services
Regulatory Monitoring and Services
Regulatory Reporting
Sales Monitoring and Services
Travel and Events Services