Welcome to the Bank of Scotland General Data Protection Regulation (GDPR) information site
The site contains information about the GDPR changes. It includes some considerations when getting your organisation ready for GDPR, as well as providing you with details on where to go for further information.
You can also find details of the changes that Lloyds Banking Group is making for compliance and what this means for your business.
What is GDPR and what’s changing?
The General Data Protection Regulation (GDPR) is an opportunity for every organisation to embrace the changes that give individuals' more control and rights over their personal data. Safeguarding the personal data of our customers and colleagues is a priority for Lloyds Banking Group. We welcome the measures introduced through GDPR, and encourage our customers and partners to take action too. The new regulation is receiving a lot of attention. If your business works with personal data, then you need to make sure you are GDPR ready by the time it becomes enforceable on 25th May 2018.
The GDPR regulation is all about giving people greater control over what happens with their personal data and strengthens everyone’s rights. Some of the key changes:
- Greater control for everyone – your customers and your employees
- More responsibility and obligations for controllers and processors to protect individuals’ rights
- Keeping individuals informed and providing clarity about what your organisation is doing with the personal data you collect, hold and use
- Increased Individual rights including the ‘right to be forgotten’ and the ‘right to restrict’ what is being done with personal data
- The right to compensation when an individual’s rights are not upheld
- Mandatory reporting for data breaches
- Quicker response times and no charges for data subject access requests, as well as providing in the requested format
- Changes to the way in which marketing consent is given – consent must be freely given
- Greater responsibility on everyone to take personal data seriously
What do I need to consider?
All organisations have legal and regulatory obligations to ensure compliance with existing and any new data privacy legislation. This new EU legislation strengthens individual privacy rights and requires that data privacy forms part of everything we do. Whether you are designing new products, working with customers and/or suppliers or dealing with employees, every organisation has a responsibility to ensure compliance when dealing with personal data. GDPR represents the biggest overhaul of European Data Privacy legislation in 20 years, superseding the EU Member State laws on Data Privacy including the UK’s Data Protection Act 1998. Everyone needs to be working within the new and enhanced framework. For customers & employees, the new regulation requires you to:
- deliver on their privacy rights
- protect their personal data
- be transparent around what you are doing with their personal data
Updated terms and conditions
We wrote to you in May to let you know about some changes to the terms and conditions for some of our products. You can find the updated terms and conditions below. You can use either the product name or the document number to confirm which of your products are changing.
Fixed-sum loan agreement
Business loan agreement
Practice equity loan
BACSTEL-IP (Bacs payments and Direct Debits)
BACSTEL-IP Direct Submitters
BACSTEL-IP Indirect Submitters
Pension & Trust Accounts
Your authority to operate account(s) for a Pension Trust/Scheme
Business Debit Cards
Your application for a Business Debit Card
Application to open a Currency account For existing Commercial customers
International Money Mover
Terms and Conditions for International Moneymover For commercial customers
Where can I find out more?
- Further information and regular updates can be found on the Information Commissioner’s Office (ICO) website
- ICO website for organisations, including sector guidance
- EU General Data Protection regulation website
- The ICO has a dedicated advice line that offers help to small organisations, including charities. Access the ICO helpline on 0303 123 1113 and select option 4.