Attention: You need JavaScript enabled to use this site.

Maintaining your privacy

Any personal information that the West Brom hold about you will be processed in accordance with the principles and requirements of the UK General Data Protection Regulation, and Data Protection Act 2018 (UK GDPR).

Please click here to read the Society’s Privacy Notice which details why we need your data, how we process it, what legal basis we have to do so and what your rights are in relation to this processing.

Why we collect your information

The data that we collect about you will always be used in the most honest way. We will always remain transparent about this processing, by including it in our Privacy Notice.

Below are some of the reasons why we collect data about you:

  • to confirm your identity;
  • to administer your accounts;
  • to let you know about other relevant products and services;
  • for crime prevention and for compliance with our legal and regulatory responsibilities;
  • for statistical analysis purposes; or
  • for staff training purposes.

We will only collect information which enables us to provide our services. We will keep your information only for as long as it is required for the business purpose for which it was provided and for any retention period that we are legally required to meet. You can find out more about how long we keep your data for in our Privacy Notice.

Entering your details

All of the information you enter on this website is sent to us securely. The data is 'strongly' encrypted, making it virtually impossible to read without a 'key' to decipher it. It is stored in a secure area that can only be accessed by authorised persons.

In order to ensure this level of security, our site uses 256-bit encryption, so it is important that the browser you use supports this.

Accessing your details

Under the UK GDPR, you have the right to see and receive a copy of any personal information we may hold on you, this is called a Data Subject Access Request. To request a copy of the personal information we hold on you, please write to us at the below address:

Data Protection Officer
West Bromwich Building Society
2 Providence Place
West Bromwich
B70 8AF

You can also make a request via email on

Alternatively speak to our Customer Service team on 0345 241 3784 (we are open Monday to Friday 8.30am to 7.00pm: Saturday 8.30am to 12.30pm).

Please provide enough detail in your request to enable us to locate your information including, where applicable, account number(s) and any previous addresses.

The Society then has one month in which to provide your information, although there are some circumstances when the Society is able to extend the deadline, or if necessary withhold the specific information that is exempt from disclosure.

Where appropriate the Society will ask you to prove your identity before administering a Data Subject Access Request. This is more likely to be the case where you request the data electronically or have accounts which were closed some time ago.

What you should do if the information we hold is incorrect

Under the UK GDPR, you have the right to have any inaccurate information corrected. To request a correction to your details please write to our Data Protection Officer at the above address, or contact our Customer Service team on the above number.

The right to be forgotten

Under the UK GDPR, you have the right to ask for your details to be erased where we no longer have any compelling reasons for continued processing. This is not an absolute right and will only apply in certain circumstances.

To request a right to erasure please write to our Data Protection Officer at the above address. If the Society has a lawful reason to keep the data you have requested we erase, you will be advised of this.

The right to data portability

Under the UK GDPR, you have the right to data portability. The right to data portability only applies to information you have provided to us and will be sent in a machine-readable format. To find out more about the right to data portability please see our Frequently Asked Questions.

To submit a right to portability request, please write to our Data Protection Officer at the above address.

Selected third parties

The Society may distribute its customers’ personal information to carefully selected third party companies, for the purpose of operating its financial services, and for legal and regulatory reasons, namely:

  • For making credit-related decisions;
  • To administer your accounts;
  • For confirming a customer’s identity;
  • For preventing and detecting crime, and debt recovery e.g. fraud or money laundering; or
  • For improving the efficiency of its administration.

The Society and selected third parties may use personal information for keeping customers informed of their products and services. Customers can opt-out of direct marketing communications, this can be done at any time by writing to our Data Protection Officer at the above address.

Where the Society collects and processes ‘sensitive’ information (as defined by the UK GDPR e.g. about a customer’s health or racial origin), the individual’s express consent will be requested first.


The Society provides training relating to information security, to its employees and emphasises the need to keep its information, especially personal information provided by its customers, confidential. The Society also takes steps to maintain the security of its computer network and ensure secure storage of paper documents. For example, the personal information provided via our website is sent electronically to the Society in an encrypted format.

Credit reference and debt recovery process

The Society’s credit agencies, for reference and identity verification, are Equifax, Call Credit and Experian. We will give you 28 days' notice before recording a default with the credit reference agencies. The default will remain on the credit reference agency records for 6 years. A third party such as a solicitor or Debt Collection Agency may be used to recover the debt; if we decide to take this action we will inform you before we disclose your details to them. If we are unable to find you, we pass your information on to a tracing agency.


To find out more about cookies and how we use them on our website please see our Cookie policy here.

Contacting us

Your telephone conversations with the Society may be recorded. This is to help the Society in its continuous focus to improve customer service and to offer additional security. Calls and electronic communications may also be monitored for reasons of staff training, service or complaint review and will be retained for a suitable and appropriate length of time.

Want to know more?

Please see our Privacy Notice or our Frequently Asked Questions to find out more about how we look after your data and your rights. If you are still unable to find the information you require please contact our Customer Service team or write to the Data Protection Officer as detailed above.

For further information and guidance about UK GDPR and Data Protection, please contact the Information Commissioner:
Help Line: 0303 123 1113.

Back to top