Terms of use

Please read this information carefully. By accessing this website you agree to be bound by all of the following terms and conditions of use. If you do not accept these terms and conditions of use and do not intend to be bound by them you must not use the website and you should exit immediately.


Copyright in the whole and every part of this website belongs to Castle Trust Bank, unless otherwise indicated, and may not be used, sold, licensed, copied or reproduced in whole or in part in any manner or form or in or on any media to any person without the prior written consent of Castle Trust Bank.

Castle Trust Bank and the Castle Trust Bank logo are registered trademarks of companies within the Castle Trust Group. Castle Trust Bank may also claim rights in other trademarks, service marks, logos and icons contained on this website.

Back to top

General disclaimer

The information, including any financial information, contained on this website or in any document on this website is provided for information only, and does not constitute a public offer under any applicable legislation or an offer to sell (or the solicitation of an offer to purchase) any services, security or financial instrument of Castle Trust Bank and/or any of its subsidiaries in any country, nor does it constitute investment, tax, legal or any other form of advice or recommendation with respect to any such services, security or financial instrument. Information on this website relating to the price or income from securities or investments may change and go down as well as up, and past performance is not a guide to future performance. Potential investors should seek independent financial advice prior to any investment decision.

While the information contained on this website has been compiled in good faith, no representation is made as to its completeness, reliability or accuracy. Any financial reports contained on the website are only current as of the respective date contained in the particular report.

Castle Trust Bank makes no commitment, and disclaims any duty, to update or correct or to provide notice as to any error or omission in any report or other information contained on the website. Castle Trust Bank reserves the right to add, modify or delete information on this website at any time without notice. These terms and conditions of use may change from time to time and those changes will be posted on this website, and will be deemed to be accepted by continued use of the website.

All information and content on the website are subject to applicable statutes and regulations, and are furnished “as is”, without warranty of any kind, express or implied, including but not limited to implied warranties of quality, fitness for a particular purpose, or non-infringement.

Castle Trust Bank shall not be liable (whether in negligence or otherwise) to any person for any error, omission or incompleteness in the information, or reliance on the information, on the website, nor shall Castle Trust Bank be under any obligation to advise any person of any error in the information.

In no event shall Castle Trust Bank, nor any of its directors, officers or other representatives, be liable (whether under contract, tort, statute or otherwise) howsoever for any damages, losses, costs, claims, liabilities or expenses arising out of or in connection with the use of or inability to use the website or the information contained in it, even if Castle Trust Bank has been advised of the possibility of such damages.

This limitation of liability shall apply to all damages, losses, costs, claims, liabilities and expenses of any kind, whether direct or indirect and consequential, including (but without limitation) legal costs or expenses, loss of profits, loss of anticipated savings, loss of data, loss of revenue, loss of business, loss of use of money, loss of opportunity, loss of or damage to property and any third party claims. Because some jurisdictions prohibit the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you.

Please note that there is no guarantee that any e-mail sent to Castle Trust Bank will be received by us, or that the contents of the e-mail will remain confidential during internet transmission. 

Back to top

Other important information

If for any reason any part of the terms and conditions of use is deemed to be unenforceable, then the validity of the remaining part shall not be affected. Any waiver by Castle Trust Bank of a breach of any provision of these terms and conditions of use shall not be deemed to be a waiver of any subsequent breach of any provision.

These terms and conditions of use and your use of the website shall be governed by and construed in accordance with English law. By using this website you accept that any dispute under these terms and conditions of use or arising out of use of this website shall be subject to the exclusive jurisdiction of the English courts to which you submit. You are responsible for compliance with any applicable laws of the country from which you are accessing the website.

Back to top

Privacy policy

1. About us

We are Castle Trust Group consisting of “Castle Trust” and “Omni Capital Retail Finance (OCRF)”. This policy details the types of data we use, why we use it and how.  

1.1    “We” and “Us” refers to Castle Trust Group which consists of:

·        Castle Trust Bank means Castle Trust Capital plc, a company incorporated in England and Wales with company number 07454474. Castle Trust Capital plc is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority, under reference number 541910.

·       Omni Capital Retail Finance Limited, company number 7232938, authorised and regulated by the Financial Conduct Authority under reference 720279. 

·       Registered office for both companies: 10 Norwich Street, London, EC4A 1BD.  Registered in England & Wales.

1.2        For the purposes of data privacy laws, we are a Data Controller in relation to the information that we collect and hold about you. This means that we are responsible for ensuring that your data is processed fairly and lawfully by us.

2. Your rights

You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this policy. You might need a copy of the information we hold, or you may ask us to correct it or delete it amongst other things. This section explains your rights and what to do if you’re not happy.

2.1        Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

  • Object to processing of your personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object to being subject to automated decision processes and where we are processing your personal information for direct marketing purposes.
  • Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of your personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see above).
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party in a machine-readable, commonly used and structured format.
  • Where you have previously given us your permission to use your personal information, withdraw that permission.Where your permission is withdrawn, your previous consent will remain valid in respect of our use of your information prior to the date you withdrew it, or if any marketing material has been sent prior to you advising that you do not wish us to contact you again.

    If you want to exercise any of these rights then please contact the Data Protection Officer (see section 9) in writing.

    Please note that in some cases even when you make a request concerning your personal information, we may not be required, or may not be able, to honour it as this may result in us not being able to fulfil our legal and regulatory obligations or there is a minimum statutory period of time for which we have to keep your information. If this is the case then we will let you know our reasons.

    2.2        Your duty to inform us of changes

    It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.

    2.3        Fees

    You will not have to pay a fee to access your personal information (or to exercise any of the other rights).  In some cases, we may charge a reasonable fee if your request for access is clearly unfounded or excessive, or if you request multiple copies of the information. Alternatively, we may refuse to comply with the request in such circumstances.

    2.4        What we may need from you

    We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

    2.5        Right to complain

    If you wish to request further information about any of the above rights, or if you are unhappy with how we have handled your information, contact the Data Protection Officer (see section 9 for contact details).

    If you are not satisfied with our response to your complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office: https://ico.org.uk/global/contact-us/ 0303 123 1113.

3. Information we collect

We collect the following kinds of information about you:        

3.1        Information you provide to us

You provide us with certain information when you apply for one of our mortgage, investment or consumer credit products. This includes:

  • Your name, address, date of birth, email address and telephone number;
  • Previous address details;
  • Information about your employment;
  • Credit or debit card details, bank account details;
  • Personal information such as nationality and country of residence, and national insurance number;
  • Special categories of personal information such as health information, but only where it is relevant to our handling of your account;

  • Information about any criminal convictions; 

  • In certain circumstances, utility bills, bank statements or copies of official identity records such as passports, driving licences or birth and marriage certificates; and
  • The same details as above of other people with whom you are financially associated. 

3.2        Information obtained from credit reference agencies

We obtain your credit file from credit reference agencies TransUnion (formally known as CallCredit Limited) (OCRF customers only), Experian and Equifax. For detailed information on the information obtained and how it is used, see section 6.2.

3.3        Combining data

The information you give us may be combined with other information about you that is obtained from other sources. The combination is usually undertaken with a view to enhancing an existing database with more information. This will include:

  • If you are already a customer of a third party, that third party might wish to add contact details you give us to the customer records that it holds about you and use that to maintain their relationship with you or vice versa. For example, if you are unhappy with the product you purchased we can ask the third party (where you bought your product from) to contact you to maintain their relationship with you and resolve your concerns. To do this, it means we must supply them with your current contact details, so they can reach you.
  • The information you give us may be compared with data available elsewhere in the public domain such as social media profiles or electoral role information to verify your identity or validate the information you have provided (for example, if you make a joint application or need to rely on a guarantor or in the context of anti-fraud measures).

3.4        Information provided from your use of our website

We gather information about how often you and other users access the website, the way in which you navigate around it, and how long you spend on particular pages.

3.5        Information from your devices when you use our website

We gather information about the devices that you use to access the website, such as the operating system, hardware, software versions, browser configuration, display size, browser configuration and connection information such as IP addresses.

We use cookies to recognise when you return to our site and to compile anonymous, aggregated statistics that allow us to understand how users use our site and to help us improve the structure of our website. We also use cookies to measure performance of our web server and, via a third party, allow you to leave comments on our blog pages. You can find more information about the types of cookies we use in our Cookie Policy.

3.6        Other information

We monitor or record your communications with us to meet our regulatory obligations and to improve our services.

If you provide us with information about another person, it is important you ask them if it's ok and tell them what information you are providing and why, for example, if you make a joint application for one of our products or services. If they do not want their information given to us, then you should not provide it. If they would like to know more, they can have a copy of this Privacy Policy or they can write to our Data Protection Officer using the contact details in section 9.

4. How we use that information

We collect information about you for the following purposes:        

4.1        Verifying your identity

The information you provide will help us to verify your identity so that we know we are dealing with the correct person. We do this by checking the information you give us against external databases such as the electoral roll and your credit file.

4.2        Providing you with our services

We will use the information that we hold about you in order to enter or look to enter into a contract with you for our services and to fulfil our obligations under such contract. This includes contacting you to communicate with you in connection with our services and to deal with any queries concerning the data that we hold.

4.3        Fraud prevention and other legitimate interests

We will use the information in order to detect or prevent fraud and to comply with our legal obligations (for example, to ensure that no-one has fraudulently used your details or to confirm you have only entered information about yourself). Information can be used to corroborate your details (including using third parties to undertake those checks on our behalf).

Information is also being used, by us or third parties (see section 6), for credit and risk assessment and management, identification, the application process, debt collection and returning assets to you.

4.4        Securing and monitoring the relevance of our services

Information about your devices and your use of the website is used to ensure that our service is user-friendly and to help improve the content and user experience of the website. It also allows us to tailor the website to match your interests and preferences better and understand who has visited which pages to determine the most popular areas of the website.

4.5        Marketing

We use your information to identify products and services that we think may be of interest to you. We will only send you marketing messages where you have consented to such contact, or in the case of products and services, where these are like those that we have already provided to you.

You have the right to ask us not to not send you marketing messages by post, telephone or e-mail or any combination of these at any time

You can also do this by contacting us (see section 9) and via the following methods:

4.5.1     Post

You can withdraw your consent for postal marketing from anyone by adding your details to the Mail Preference Service. For more details please go to www.mpsonline.org.uk.

4.5.2     E-mail or SMS (text message)

You can unsubscribe from receiving e-mail or SMS marketing communications by using the instructions in any email or SMS communication we send you.

4.5.3     Telephone calls

To withdraw your consent for live or automated calls from anyone you can add your name to the Telephone Preference Service which is maintained at this website address: www.tpsonline.org.uk.

4.5.4     Social media and online

You can configure your advertising preferences on social media such as Facebook, Twitter, Instagram or Pinterest by accessing your settings or preference options on the relevant platform.

4.6        Automated decision making and decisions made based on Profiling

We use your information for making automated decisions about you and profiling you in order to determine your eligibility for our products and services.

When you apply for credit via OCRF for the purchase of goods, the information we use to support our automated decision is taken from information you give us about your identity and from your credit report. Our decisions involve the use of systems, such as our underwriting and acceptability tools to help us decide your ability to meet your financial commitments. The decision to offer credit is automatically delivered to you without any prior and meaningful assessment by any person.

When you apply for a mortgage loan, we decide whether to agree the loan using information from a profile automatically produced from your credit report.  We may also make an automated decision about the outcome of your application based on the the information you or your broker gives us.  Otherwise, we personally review your application using the information provided to us and make a decision regarding whether to lend and the affordability of the payments.

These decisions help us make fair and responsible lending decisions. Where we choose to lend or offer credit, we will notify Credit Reference Agencies (CRAs) of our decisions and this will be noted in your credit report. If we decide not to lend, a record of our search will be left in your credit report. These searches may affect your eligibility for future financial service related products.

If you object to an automated decision that is required to determine your eligibility for our services, then we will be unable to provide you with them. 

4.7       Statistical analysis

Your data may be used for any legal or general statistical analysis.  This usually will not include personally identifiable information and will be used on an anonymous basis.  The data used within our business helps us to judge performance of our products and services and to make improvements to how we operate.

5. Our basis for using your information

In terms of the legal basis we rely on to process your information, these are where the processing is necessary:

  • for the performance of a contract with you for provision of our products and/or services or to take steps at your request prior to entering into such a contract;
  • to comply with our legal obligations;
  • for our legitimate interests in:
    • ensuring the quality of the products and services we provide to you;
    • facilitating the application process;
    • collecting information for marketing purposes;
    • communicating with you
    • improving the functionality of our website; and
    • statistical analysis; or
    • where you have consented to such use.

We process your sensitive and special categories of information (this includes data concerning your health, personal data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, or data concerning sexual orientation) where we have asked for your explicit consent or otherwise where this is necessary for the establishment, exercise or defence of legal claims. 

If you do choose to provide your consent, you can withdraw it at any time by contacting the Data Protection Officer or customer service team using the contact details in section 9.

6. Who we share information with

We will not pass your information on to third parties except in accordance with this notice.

6.1        Our suppliers

We will provide your information to our service providers to allow them to assist us with delivering the products or services that you have requested, under the following categories:

  • credit reference agencies;
  • crime prevention agencies;
  • fraud prevention agencies;
  • payment service providers;
  • ID verification providers;
  • debt collection agencies;
  • accountants;
  • auditors;
  • lawyers;
  • retailers or brokers;
  • business consultants;
  • information technology and information security providers;
  • market research and analytics companies and
  • translation and accessibility support providers.

We share your personal information with these service providers for the purposes of:

  • providing our services to you;
  • facilitating the application process;
  • complying with our legal and regulatory obligations;
  • market research;
  • analytical and statistical purposes;
  • maintaining a record of our relationship;
  • tracing and recovery of debts.

We may also share your personal information if there is a potential or actual change to the Castle Trust Group in the future:

  • We may choose to sell, transfer, or merge all or parts of our business, or our assets. Or we may seek to acquire other businesses or merge with them. It is within our legitimate interests to share your personal information in order to run, manage and/or reorganise our business, assets and operations (including in anticipation of the same)
  • During any such process, we may share your personal information with other parties. We’ll only do this if they agree to protect your personal information in accordance with UK data protection law

If you would like further information regarding the specific named recipients that we share data with, please contact us by writing to the Data Protection Officer.

6.2        Credit Reference Agencies

In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (“CRAs”). We will also perform these checks periodically while you have a relationship with us.

To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.

We will use this information to:

  • Verify your identity and address;
  • Assess your creditworthiness and whether you can afford to take the product;
  • Verify the accuracy of the data you have provided to us;
  • Prevent criminal activity, fraud and money laundering;
  • Manage your account(s);
  • Trace and recover debts; and
  • Ensure any offers provided to you are appropriate to your circumstances.

We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs.

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.

If you are making a joint application or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.

The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail at www.experian.co.uk/crain. CRAIN is also accessible from each of the three CRAs – clicking on any of these three links will also take you to the same CRAIN document:

6.3       Fraud prevention agencies, law enforcement agencies and other non-marketing users

The personal information we have collected for you will be shared with fraud prevention agencies who will use it to prevent fraud, money-laundering and to verify your identity. If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services or financing you have requested, or to employ you, or we may stop providing existing services to you.

A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing, or employment to you. If you have any questions about this, please contact us on the details above.

Your personal data can be held by fraud prevention agencies for up to six years where there is considered to be a risk of fraud or money laundering. The reports may result in other companies refusing to provide services, financing, or employment.

We share personal information with CIFAS, National Hunter, RiskNarrative and Veriff. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found via their websites.  

The personal information you provide (including your email and internet protocol (IP) addresses) may also be copied, stored, used and licensed to assist with identity verification, prevention of fraud and money laundering, service delivery and process implementation.

We may share your information if we are under a duty to disclose or share your information with HM Revenue & Customs (HMRC), who may transfer it to the government or the tax authorities in another country where you may be subject to tax.

We may also share your personal information with any other third parties where we are required to do so by law.

The results of your identity check may also be disclosed to authorised third parties through credit referencing, fraud prevention, risk assessment and identification products.

For our Saving account customers, we may share the name of the account holder or holders with third parties paying money into your account if it is necessary to confirm the payment is being made to the right account. This is a requirement of Confirmation of Payee regulations. We will only do this where the name submitted by the payer is a close match with the account holder’s or holders’ name.

6.4        International transfers

We transfer, use and/or store your personal information outside of the European Economic Area (“EEA”) and the laws of some of these destination countries may not offer the same standard of protection for personal information as in the UK.

We currently transfer data outside of the EEA, to:

  • India for the purposes of managing the software used to administer our products
  • United States of America for the purposes of workflow management and data analytics

We may update this list from time to time and any changes will be communicated to you via an update to this privacy notice.

Transfers to our third-party service providers are to enable them use and store your personal information on our behalf.  We will, however, put in place appropriate security procedures in order to protect your personal information. We also ensure that, where your information is transferred to any country outside the EEA this is done using specific legally-approved safeguards.  You can request further details and a copy of these by contacting the Data Protection Officer (see section 9).

7. Keeping your data

We will keep your information only for as long as necessary depending on the purpose for which it was provided. Details of retention periods for different aspects of your personal information are available in our retention policy which is available from the Data Protection Officer.

When determining the relevant retention periods, we will take into account factors including: 

  • legal obligations under applicable law to retain data for a certain period of time;
  • statute of limitations under applicable law(s);
  • (potential) disputes; and
  • guidelines issued by relevant supervisory authorities.

8. Our security measures

We are aware of the importance of safeguarding the information under our control and endeavour to take all reasonable steps to protect it. All data collected through the website is stored on secure servers, and we have stringent security and confidentiality procedures covering the storage and disclosure of such information in accordance with the current data protection regulations.

We link to a wide variety of other sites. We are not responsible for the content or privacy policies of these sites, nor for the way in which information about their users is treated. In particular, unless expressly stated, we are not agents for these sites nor are we authorised to make representations on their behalf.

9. Changes to our Privacy Policy

We reserve the right to make changes to our Privacy Policy when appropriate, and the latest version published on and downloadable from our websites at www.castletrust.co.uk and www.omnicapitalretailfinance.co.uk is applicable to all customers. Should you wish to receive a copy of the Privacy Policy that was applicable at the time you opened your service or account with us, please contact us.

10. How to contact us

You may write to us at:

Castle Trust Bank:

Data Protection Officer

  • Castle Trust Bank
    PO Box 78430
    N17 1HE

Email: DPO@castletrust.co.uk

Mortgages Customer Services

Savings Customer Services

Omni Capital Retail Finance Ltd:

Data Protection Officer

  • PO Box 6990
    RG24 4HX

Email: DPO@castletrust.co.uk

Omni Customer Services

You can download our Privacy Policy here


What are cookies?

A cookie is a text-only string of information that a website transfers to the cookie file of the browser on your computer's hard disk so that the website can remember who you are.

A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a value, usually a randomly generated unique number.

Two types of cookies are used on this website:

Session cookies which are temporary cookies that remain in the cookie file of your browser until you close the browser.Persistent cookies which remain in the cookie file of your browser for much longer (though how long will depend on the lifetime of the specific cookie). Cookies can help a website to arrange content to match your preferred interests more quickly.

How Castle Trust Bank uses cookies and what information we collect

We use cookies to recognise when you return to our site and to compile, aggregated statistics that allow us to understand how users use our site and to help us improve the structure of our website. This includes logging your IP address.

We also use cookies to measure performance of our web server and, via a third party, allow you to leave comments on our blog pages.

Session cookies

To allow you to carry information across pages of our site and avoid having to re-enter information.

Persistent cookies

To remember your user type, preventing you from re-entering your choice on each visit to the site.

To help us recognise you as a unique visitor (by a randomly generated number) when you return to our website and to allow us to tailor content to match your preferred interests.

Within research surveys to ensure you are not invited to complete a questionnaire too often or after you have already done so.

Allow you to enter comments on our blog pages

Details of cookies used

Disabling/Enabling Cookies

You have the ability to accept or decline cookies using the link in the 'Details of cookies used' section above, or by modifying the settings in your browser. However, you may not be able to use all the interactive features of our site if cookies are disabled.

For information about how to disable cookies in your browser please visit the About Cookies website.

Back to top

Your home may be repossessed if you do not keep up repayments on your mortgage. Loans are subject to status, terms and conditions. This website is for information purposes only. If you are in any doubt regarding suitability of our products please seek advice from an accredited independent mortgage adviser.

Your eligible deposits with Castle Trust Bank are protected up to a total of £85,000 by the Financial Services Compensation Scheme, the UK’s deposit guarantee scheme. Any deposits you hold above the limit are unlikely to be covered. For further information about the compensation provided by the FSCS, refer to the FSCS website at fscs.org.uk.

Castle Trust Bank means Castle Trust Capital plc, a company incorporated in England and Wales with company number 07454474 and registered office at 10 Norwich Street, London, EC4A 1BD. Castle Trust Capital plc is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority, under reference number 541910.

© 2024 Castle Trust Bank. All rights reserved.

This website is for authorised intermediaries only. This information has not been approved for use with customers and is not intended for public or customer use. Please confirm that you are an intermediary before accessing information on this website.

Go back