Privacy notice

Welcome to Al Rayan Bank’s Privacy Notice

Al Rayan Bank respects your privacy and is committed to protecting your personal data. This Privacy Notice informs you about how we use and look after your personal data, including any data you may provide through this website, or when you request information about other products or services from the Bank or otherwise communicate with us, when we provide our products and services to you and when information and personal data is provided to us relating to our business. This Notice also informs you about your privacy rights and how the law protects you.

This Notice applies to any individual whose personal information we hold or use, whether you are a current or prospective customer or supplier or anyone else. Employees of the Bank should, however, refer to the internal Employee Privacy Notice which contains specific information for them.

You can click through to the specific areas listed below. Alternatively, you can download a PDF version of the Notice here.

Who we are

Al Rayan Bank PLC is the controller and responsible for your personal data (referred to as "Al Rayan Bank", the “Bank”, "we", "us" or "our" in this Privacy Notice). Al Rayan Bank PLC is also responsible for this website.

Our Data Protection Officer is responsible for overseeing questions in relation to this Privacy Notice. If you have any questions about this Privacy Notice, including any requests to exercise your legal rights (including any opt-out mentioned in this Privacy Notice), please contact the Data Protection Officer.

Contact details

Our full details are:

  • Name of legal entity: Al Rayan Bank (No. 4483430) registered in England and Wales and authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.
  • Email address of the Data Protection Officer:
  • Registered Office: 4 Stratford Place, London, England, W1C 1AT
  • Telephone number: 0800 408 6407

If you have a complaint relating to the use of your personal data, please contact the Data Protection Officer by email, telephone or post at the above address.

While you have a right to complain directly to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues, we would hope that you would contact us first and give us the opportunity to resolve any concerns you may have.

The Information Commissioner’s Office (ICO) is the UK’s regulator for data protection. Under Data Protection Legislation you have the right to make a complaint to the ICO if you feel we have not complied with our data protection obligations. You can contact the ICO by: 

In this Privacy Notice, the terms “personal data”, “processing”, “data controller” and “data processor” shall have the meaning ascribed to them in the UK General Data Protection Regulation 2018 (UK GDPR).

Calling us 

When you call us on 0800 408 6407, we collect Calling Line Identification (CLI) information. This is the phone number you are calling from (if it’s not withheld). We hold a log of the phone number, date, time and duration of the call. We hold this information for 90 days. We use this information to understand the demand for our services and to improve how we operate. We may also use the number to call you back if you have asked us to do so, if your call drops, or if there is a problem with the line. We audio record any calls, and we might make notes to help us answer your query. Other Bank staff may also listen in during your call for training or quality assurance purposes. 

Social media

We manage all messages and comments sent to us using social media channels and decide how we manage it. For example, if you send a message via social media that needs a response from us, we may process it in our case management system as an enquiry or a complaint. When contacting the Bank through a social media platform, we suggest you also familiarise yourself with the privacy information of that platform. If you send us a private or direct message via social media, it will be stored by us or by our third-party provider for three months.

Live chat

We use a third-party provider, LiveChat, to supply and support our live chat service. If you use our live chat service, we’ll collect the contents of your live chat session, including your name and email address, if you choose to provide it. LiveChat retains this data for us for 90 days.

Emailing us

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government guidance on email security. Most webmail such as Gmail and Hotmail use TLS by default. We’ll also monitor any emails sent to us, including file attachments, for viruses or malicious software. All outgoing email is also scanned for compliance to company policy. You must ensure that any email you send is lawful.

Privacy notice

Last updated 5 March 2024