Synovus Innovative Finance Bank

Synovus Innovative Finance Bank is a modern English bank focused on secure digital services, transparent lending, and smart savings solutions. We combine traditional banking reliability with advanced financial technologies to support individuals, entrepreneurs, and growing businesses across England and beyond.

Privacy Policy of Synovus Innovative Finance Bank

This Privacy Policy explains how Synovus Innovative Finance Bank ("Synovus", "we", "us", or "our") collects, uses, discloses, and protects your personal data when you use our banking services, visit our websites, interact with us, or otherwise engage with Synovus in England.

By using our services, you acknowledge that you have read and understood this Privacy Policy.

  1. Who We Are Synovus Innovative Finance Bank is a banking institution operating in England. We act as a data controller for the personal data we process in connection with our products and services.

If you have any questions about this Privacy Policy or how we handle your personal data, you can contact us using the details provided in the "Contact Us" section below.

  1. Data We Collect We collect and process different types of personal data depending on your relationship with us and the services you use. This may include:

2.1 Identification and contact data

  • Full name, title, date of birth, gender
  • Residential and mailing addresses
  • Email address and telephone numbers
  • National identifiers (such as passport details, driving licence details, national insurance number) where required by law

2.2 Financial and transactional data

  • Bank account numbers and sort codes
  • Payment card details (stored and processed securely by approved providers)
  • Transaction histories and payment details
  • Account balances, direct debits, standing orders, loan and mortgage information

2.3 Regulatory and due diligence data

  • Information collected for Know Your Customer (KYC), Anti-Money Laundering (AML), and sanctions screening purposes
  • Information relating to source of funds, source of wealth, and tax residency (including tax identification numbers, where applicable)

2.4 Technical and usage data

  • IP address, browser type and version, device identifiers
  • Log data relating to your access to our websites, online banking, and mobile apps
  • Usage data such as pages visited, features used, and interaction times

2.5 Communication data

  • Records of communications with us, including emails, letters, telephone calls, messages, and chat sessions
  • Feedback, complaints, and survey responses

2.6 Special category data We generally do not seek to collect special category data (such as health data, biometric data, or data concerning criminal convictions) unless it is necessary and permitted by law, for example:

  • Voice recordings for call authentication and monitoring
  • Information on criminal offences or sanctions records for regulatory and risk-related checks where legally required
  1. How We Collect Your Data We collect personal data from a variety of sources, including:
  • Directly from you: when you apply for an account or product, complete forms, use our online services, contact us, or participate in surveys or promotions.
  • From your use of our services: when you conduct transactions, use online or mobile banking, or visit our websites.
  • From third parties: such as credit reference agencies, fraud prevention agencies, public databases, payment service providers, and other financial institutions.
  • From publicly available sources: such as registers, public directories, and official records when relevant and lawful.
  1. Legal Bases for Processing We process your personal data only when we have a lawful basis to do so. Depending on the context, we rely on one or more of the following legal bases:
  • Performance of a contract: to provide you with banking products and services, to open and manage your accounts, and to fulfil our contractual obligations.
  • Legal obligations: to comply with applicable laws and regulations, including those related to banking, financial services, AML, counter-terrorist financing, sanctions, taxation, and consumer protection.
  • Legitimate interests: to manage our business, prevent fraud and abuse, improve our products and services, protect our systems, and pursue or defend legal claims, where such interests are not overridden by your rights and interests.
  • Consent: where required by law, for example for certain marketing activities or optional services. You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
  1. How We Use Your Data We use personal data for the following purposes:

5.1 Providing and managing banking services

  • Opening, administering, and closing accounts
  • Processing deposits, withdrawals, transfers, and other transactions
  • Assessing and managing applications for loans, credit facilities, and other products
  • Providing online and mobile banking services

5.2 Compliance and risk management

  • Conducting identity verification, KYC, AML, and sanctions screening
  • Complying with legal, regulatory, and supervisory requirements
  • Preventing and detecting fraud, financial crime, and misuse of our services
  • Conducting credit and affordability assessments where appropriate

5.3 Service improvement and operations

  • Monitoring and improving the performance, security, and usability of our systems
  • Analysing usage trends and customer behaviour to enhance our offerings
  • Developing new products, features, and services

5.4 Communications

  • Responding to your enquiries, requests, and complaints
  • Sending service-related notifications, including changes to terms, security alerts, and transaction notifications
  • Providing customer support and relationship management

5.5 Marketing and promotions

  • Providing you with information about products, services, or events that may be of interest, where permitted by law
  • Personalising marketing communications based on your preferences and use of our services You can opt out of receiving marketing communications at any time by following the opt-out instructions in our communications or by contacting us.
  1. Sharing Your Data We may share your personal data with third parties when necessary and lawful. These may include:
  • Group companies and affiliates: entities related to Synovus that support our operations and services.
  • Service providers: third-party vendors that provide services such as IT infrastructure, payment processing, data hosting, customer support, communications, analytics, and security.
  • Credit reference and fraud prevention agencies: to assess creditworthiness, verify identity, prevent fraud, and manage risk.
  • Other financial institutions and payment networks: in connection with payments, transfers, and other transactions.
  • Professional advisers: such as lawyers, auditors, and consultants, where necessary for the management of our business and the protection of our rights.
  • Regulators and public authorities: where required by law, regulation, or court order, or to protect our legal rights or the rights of others.
  • Third parties involved in business transfers: in connection with any merger, acquisition, restructuring, or sale of all or part of our business, subject to appropriate safeguards.

We require all third parties that process personal data on our behalf to respect the security of your data and to treat it in accordance with applicable data protection law and our instructions.

  1. International Transfers Your personal data may be transferred to, and processed in, countries outside the United Kingdom or the European Economic Area. Where we transfer data internationally, we do so in compliance with applicable data protection laws and ensure that appropriate safeguards are in place, such as:
  • An adequacy decision from the UK or relevant authority; or
  • Standard contractual clauses or equivalent contractual protections; or
  • Other lawful transfer mechanisms.

You may contact us for more information about the safeguards we use for specific transfers.

  1. Data Security We implement technical and organisational measures designed to protect your personal data from unauthorised access, loss, misuse, alteration, or destruction. These measures may include:
  • Encryption of data in transit and at rest where appropriate
  • Access controls and authentication mechanisms
  • Network and infrastructure security controls
  • Regular security assessments and monitoring
  • Staff training and confidentiality obligations

While we strive to protect your data, no system is completely secure. You are responsible for keeping your login credentials, passwords, and security information confidential and for notifying us immediately of any suspected unauthorised access to your accounts.

  1. Data Retention We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:
  • Providing and managing your banking relationship
  • Complying with legal, regulatory, accounting, and reporting obligations
  • Resolving disputes and enforcing our agreements

Retention periods may vary depending on the type of data and applicable legal requirements. In many cases, we are required by law to retain certain records for a number of years after the end of our relationship with you. When data is no longer needed, we will securely delete or anonymise it.

  1. Your Rights Subject to applicable law and certain limitations, you have the following rights regarding your personal data:
  • Right of access: to obtain confirmation as to whether we process your personal data and to request a copy of the data we hold about you.
  • Right to rectification: to request correction of inaccurate or incomplete personal data.
  • Right to erasure: to request deletion of your personal data where there is no compelling reason for its continued processing.
  • Right to restriction of processing: to request that we restrict the processing of your data in certain circumstances.
  • Right to data portability: to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller where technically feasible.
  • Right to object: to object to processing based on our legitimate interests, including profiling, and to object at any time to the processing of your data for direct marketing.
  • Rights related to automated decision-making: to request human intervention, express your point of view, and contest decisions that are based solely on automated processing, including profiling, where such decisions have legal or similarly significant effects on you.

To exercise your rights, please contact us using the details in the "Contact Us" section. We may need to verify your identity before responding to your request. We aim to respond within the timeframes required by law.

  1. Cookies and Similar Technologies When you visit our websites or use our online services, we may use cookies and similar technologies to collect certain technical and usage information. Cookies help us:
  • Enable essential site functions and security
  • Understand how our services are used
  • Improve performance and user experience
  • Provide relevant content and, where permitted, tailored marketing

You can manage your cookie preferences through your browser settings or any cookie management tools we provide. Some cookies are essential for the proper functioning of our services and cannot be disabled.

  1. Marketing Preferences We may use your contact details and information about your relationship with Synovus to inform you about products, services, or offers that may be relevant to you.

Where required by law, we will obtain your consent before sending marketing communications. You can change your marketing preferences or opt out of marketing at any time by following the unsubscribe instructions in our communications or by contacting us.

Opting out of marketing will not affect service-related communications, such as important information about your accounts or changes to our terms.

  1. Third-Party Links Our websites or services may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party sites or services you visit.

  2. Children’s Data Our services are not directed at children under the age required to enter into banking contracts in England. We do not knowingly collect personal data from children without appropriate parental or guardian consent where required by law. If you believe a child has provided us with personal data without such consent, please contact us so that we can take appropriate action.

  3. Changes to This Privacy Policy We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make material changes, we will take appropriate steps to notify you, such as by posting an updated version on our website and updating the "last updated" date.

Your continued use of our services after any changes become effective will signify that you have read and understood the updated Privacy Policy.

  1. Contact Us If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us using the contact information provided on our official Synovus Innovative Finance Bank website.

Please include sufficient information to allow us to identify you and respond to your request appropriately.

Privacy and cookies at Synovus Innovative Finance Bank

Synovus Innovative Finance Bank uses cookies and similar technologies to improve your browsing experience, analyse how our website is used, and personalise content. We also process certain personal data in line with UK data‑protection laws. You can learn more about what information we collect, how we use it, and your rights in our full Privacy Policy. You may adjust your cookie preferences at any time in your browser or via our settings tools. Open Synovus Privacy Policy