Data sharing and how it affects you


Every time we post on social media, download an app or fill in a job application, we’re sharing personal data that identifies us.

Sharing data can help companies improve customer service or personalise offers, but it can also be attractive to fraudsters. So it’s always important to consider what you’re sharing and who with.

Data sharing dos and don’ts


Here’s a few simple tips to help you stay secure:

  • DO: read the small print to ensure you’re comfortable with how your data will be used.
  • DO: remember, even if you’ve given permission for an organisation to access or store your data, you can always change your mind.
  • DO: check your statements regularly and report any suspicious activity.
  • DO: protect PINs and bank account log-in details. Never write them down or use a PIN that can be guessed easily. We will never ask you for your PIN or password.
  • DO: choose a password that’s secure and change it if you’re worried that someone may have access to it.
  • DO: trust your instincts. If something seems too good to be true, it could be a scam. Find out more about how to spot a scam.
  • DO: be aware of changes affecting data protection. You might find our guides to GDPR and Open Banking useful.
  • DON’T: assume all companies offering financial services are part of the Open Banking system. Check they are on the Open Banking Directory.
  • DON’T: give away personal information too freely. ‘Fun’ social media posts asking you to reply to questions about your first school, favourite holiday etc. can be phishing exercises.
  • DON’T: forget that fraudsters might pretend to be trusted financial services companies:

What’s changed?


The good news is that a new law – known as GDPR – came into force this year. It’s designed to better protect you and give you more control over your data. Another change is Open Banking, which aims to make the financial services industry more competitive and give consumers access to innovative products and services. It provides a new way to share personal financial information with organisations other than your bank – if you decide you want to.

How we keep your data safe


At Bank of Scotland we’re committed to protecting your data. We respect your privacy and work hard to ensure we meet strict regulatory requirements, as we always have. You can find out more about how our state-of-the-art anti-fraud systems keep you safe here.

It’s important to know there are also some things we never do:

  • Bank of Scotland will never ask you to share your Internet Banking password, login details or PIN.
  • Bank of Scotland will never contact you to request that you transfer money into another account.

If you’re in any doubt about whether an email, text message or phone call is really from us, don’t share any information and don’t click on any links. And if you think you’ve been approached by a fraudster, here’s how to report it.

Did you find this article helpful?   

Bank of Scotland plc. Registered in Scotland No. SC327000. Registered Office: The Mound, Edinburgh EH1 1YZ. Bank of Scotland plc is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority under registration number 169628.