Automata Group Ltd Privacy Notice


Topics in this notice

·         About us

·         Terms of our privacy notice

·         How do we collect your data?

·         What data do we collect, how do we process it and what legal basis do we rely on?

·         How long do we keep your data for?

·         How do we store your data?

·         Who do we share your information with?

·         Transferring your information outside the UK or EEA

·         How do we use cookies?

·         Third party links

·         Your rights

·         Changes to our privacy notice

·         Complaints




About us

  1. We are Automata Group Ltd.
  2. Our registered office is at 65-66 Warwick House, 4th Floor, Queen Street, London England, EC4R 1EB. Our company number is: 12268715.
  3. Our telephone number is: 0333 444 1004
  4. Our email is:
  5. We are registered with the Information Commissioner’s Office (ICO), the data-protection regulator in the UK, to use personal data. Our registration number is ZA767836.
  6. You can contact our appointed Data Protection Officer at

Terms of our privacy notice

  1.    In this privacy notice, “we”, “us” and “our” refer to Automata Group Ltd. For more information about us see paragraphs 1-6.
  1. This privacy notice is designed to tell you about our practices, as data controller, regarding the collection and use of personal data which may be collected in person from you, obtained via our website, apps, digital platforms or collected through other means such as by an online form, email, or telephone communication.


How do we collect your data?

9.    We will collect data in various scenarios, for instance if you:

·         Visit or browse our website

·         Register online or set up an account with us (such as on the Automata app) or otherwise use our services

·         Fill in forms (whether online or otherwise)

·         Speak with a member of our support team, engage in online communications with us or otherwise contact us for other reasons

·         Apply for products or services that require a financial check

·         Require an identity check to use our services or products

·         Take part in surveys, promotions or competitions

·         Consent to us accessing your device details such as contact information or photos

·         Consent to us accessing your social media or friend lists on Facebook

·         Subscribe to our newsletter

In most circumstances we will collect personal data directly from you however if we obtain your personal data from a third party, your privacy rights under this notice are not affected and you are still able to exercise the rights contained within this privacy notice.

What data we do collect, how do we process it and what legal basis do we rely on?

10. Legal Basis

In order for us to lawfully process your personal data, we rely on one of the following legal bases (as applicable).

Performance of a contract

We require certain personal data in order to provide our services and fulfil our contractual obligation with our customers.

Legitimate interests

We sometimes collect and process your personal data on the basis that we have a legitimate reason to do so, which is not inconsistent with your own interests, rights and freedoms.


In some instances, we will specifically rely on your consent prior to processing your personal data, e.g. when you have ticked a box to indicate you are happy for us to use your personal data in a certain way.

If you have consented to receive certain information from us, you can unsubscribe at any time.

Legal obligations

As well as the legal bases set out above, due to the nature of our services, in some circumstances, we may also have a legal responsibility to collect and store your personal data. By way of example, under anti-money laundering laws we are required to hold certain information about our customers.

What data do we collect and how do we process it?

11. Below we have set out the categories of data we collect, the legal basis we rely on to process the data and how we process the data:

  • Contact and registration information of our users who: 1) have registered an Automata account with us; 2) submit an enquiry to us; or 3) subscribe to our newsletter. Contact information may include your name, surname, email address, address, telephone number and other information (“Contact Information”).

If you subscribe to a newsletter or other regular information we provide, we will process your Contact Information on the basis that you have consented to this and will only send our newsletter to you for as long as you continue to consent.

Otherwise, we process this information to provide our services and communicate with you (including with respect to customer care and support) on the basis of performing our contract with you or on the basis of our legitimate interest in providing our services to you.

  • Information which we hold because you are a client of ours (“Client Information”) and which we process during the course of providing our services to you. Client information may include relevant Contact Information, your date of birth, passport and other ID documentation (for relevant authentication and security purposes), information related to your Automata account including information you input while signed into your Automata account with us, your credit history etc.

We process this information on the basis of the performance of our contract with you or on the basis of our legitimate interest in providing our services to you.

  • Financial information which we hold in the context of providing our services to you (“Financial Information”) such as banking information, including credit or debit card information (e.g. Automata IBAN, sort code, account number, merchant details, etc.)

We process this information when we provide our services on the basis of the performance of our contract with you or on the basis of our legitimate interest in providing our services to you.

  • If you are a client of ours, we collect location information about your device whilst you are logged into your Automata account as well as in the background when you are not directly interacting with the services (“Location Information”). Once you delete your account, such information is anonymised and no longer constitutes personal data.

We may use your Location Information for purposes including fraud prevention or for providing you with currency exchange information for the country you are located in but will only process such information on the basis that you have consented to us having access to your Location Information and you may change your mind at any time by turning off location tracking either in your device settings or the app’s settings.

  • Information which we hold because you are a third party supplier relevant to the services we provide to our clients (you may for example be a professional adviser or marketing software provider) (“Supplier Information”).

We process this information on the basis of the performance of our contract with you or on the basis of our legitimate interest in providing our services to you.

  • Cookie & Analytics Information

Like most websites and mobile applications, we use cookies. Where applicable and necessary, we process cookie information on the basis that you have consented to this in order to improve or communicate with you about our services and/or to customise the website according to your personal interests. For more information on the cookies we use, please refer to paragraphs 19-24 below.

Otherwise we process other analytics technical information about your device (such as unique device identifier, IP address data, how you browse our website etc.), on the basis of our legitimate interest in providing our services to you.

  • Device Information

In certain circumstances, we may, as part of the provision of our services to you, process certain information stored on your device. By way of example, we may access contact information from your address book or your “friends/contact” lists from your Facebook and other online accounts – but we will only do this on the basis that you have consented to this.

  • We may hold information about you in order to provide information about our services. This may include names, email addresses, phone numbers, addresses, and other information (“Marketing Information”).

We process this information in order to improve our services, communicate with you about our services or for market research purposes on the basis that you have consented to receiving the information or in certain limited circumstances, on the basis of our legitimate interests in communicating with you about our services.



More examples of how we may use your data include:

  • Providing you with the relevant Automata services such as use of the Automata card to make and withdraw payments.
  • Verifying your identity (for example when you access your account with us or log in from another device) and carrying out credit checks.
  • We use your information to provide you a better service. For example, we also log and use information about any service errors or interruptions that you have experienced in order to help us create fixes and to make technical improvements to our website.
  • Providing you with details of our products and services which we think you may be interested in. We may also from time to time show you our partner’s promotions or offer however you can opt out of this by using the help service through the Automata app or by emailing our Data Protection Officer at the address given above.
  • From time to time we may contact you by your preferred mode of communication in relation to your account or services and any other issues we deem relevant.
  • If we have your permission we may also send you newsletters or emails about our events, subscription benefits or offers.
  • We also use your personal data to contact you by phone and provide you with customer support services. We may record these calls, but only for internal training and quality-control purposes.
  • We may also check your credit history to help us develop and offer credit products that are tailored to you. Credit-reference agencies will not store any of your information that we send them when we use their services for this purpose.
  • These checks of your credit history (credit insights) mean that when you apply for credit products, or we suggest credit products to you through the Automata app, we can better understand your financial circumstances and repayment history and can tailor our credit products to your needs. These credit insights do not leave any ‘footprint’ (trace) whatsoever on your credit record held by the credit-reference agency. If you do not want us to carry out credit insights, please contact us through the Automata app or by emailing
  • Some of the searches we make when you apply for a credit product leave a ‘soft footprint’ on your credit history. This means that the search will be registered on your credit file but will not be visible to others if they search your credit history. (Basically, you will be able to see this footprint, but other people won’t.) A soft footprint will not affect your credit rating. If you apply for credit, we will provide more information about this in the application form.
  • Some of our third-party providers, such as fraud-prevention agencies, may also use credit-reference agencies to help us check your identity and prevent fraud. These searches also only leave a soft footprint credit history.
  • We do not accept joint account holders, but credit-reference agencies may sometimes link your credit record with that of anyone else who is financially connected to you.
  • Due to the international nature of our services, we use credit-reference agencies and fraud-prevention agencies in the UK and overseas.
  • Sometimes you may have a right to see your personal records held by credit-reference and fraud-prevention agencies. If you would like details of the credit-reference and fraud-prevention agencies we use, please contact us through the Automata app or by sending an email to
  • You can withdraw your permission for credit checks by contacting us through the Automata app.
  • We’ll let you know if any of your contacts who are Automata customers have used our products, upgrades or features or are in the same area as you (if they have location services switched on).
  • We may use your data so you can easily make payments to your contacts using the Automata app.

How do we store your data?

  1. We will take all reasonable steps to ensure that appropriate technical and organisational measures are carried out in order to safeguard the information we collect from you and protect against unlawful access and accidental loss or damage. These measures may include (as necessary):
  • protecting our servers by both hardware and software firewalls;
  • locating our data processing storage facilities in secure locations;
  • encrypting all data stored on our server with an industry standard encryption method that encrypts the data between your computer and our server so that in the event of your network being insecure no data is passed in a format that could easily be deciphered;
  • when necessary, disposing of or deleting your data so it is done so securely;
  • regularly backing up and encrypting all data we hold.
  1. In addition, any payment transactions carried out by us or our payment-processing providers will be encrypted using Secured Sockets Layer technology or a secure virtual private network.
  2. Although we will do our best to protect your personal data as set out in paragraphs 13-14, we cannot guarantee that all information you provide through the Automata app, our website or otherwise whilst using our services will be completely secure.

Who do we share your information with?

  1. On occasions we share your information with third parties. Here are some examples of why we do this:
  • We may share your personal data within the Automata group of companies in order to provide you with the best service. For example, we may share your information with Automata Wealth Management, in order to provide you with wealth management services (for example when you switch on the wealth management function) or Automata Pay.
  • In order to carry out our services we may share your data with external suppliers and data processors such as, service technology providers and banking and financial partners (e.g. Amazon Web Services, Visa and MasterCard, and manufacturing and delivery companies (to create and deliver your Automata card)).
  • We share data with our product delivery team to help us provide better and more focused products to cater to your needs.
  • We share data with communication providers so that we can send you emails or push notifications about matters regarding your account or new products and services you might be interested in.
  • We share data with law enforcers, credit reference agencies and credit writers to help us identify and report fraud and check your eligibility for our services and products.
  • We may need to share your personal data with other third-party organisations if i) we have to do so under any law or regulation or in connection with legal claims (for example, if required to do so by a court order or for the purposes of prevention of fraud or other crime); ii) as part of a sale of some or all of our business and assets to any third party; iii) as part of any business restructuring or reorganisation; or iv) to protect our rights, property and safety, or the rights, property and safety of our users or other third parties (this includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).
  • We may your information to marketers on an anonymous basis such as “600 females under 35” clicked on this advert however we do NOT provide your personally identifiable information in these instanced. We also share analytics to help improve our own services such as our website or app, to make them more relevant for our customers.
  • We may share data with social-media platforms and other partners for advertising and marketing purposes who can then check if you also hold an account with them. If you do, the partner may the send you Automata products or services that you may be interested in.

If we do supply your personal data to a third party we will take steps to ensure that your privacy rights are protected.

Transferring your information outside the UK or EEA

  1. We will not transfer your personal data in a systematic way outside of the UK or European Economic Area (EEA) but there may be circumstances in which certain personal data is transferred outside of the UK or EEA, in particular:
  • From time to time, some of our data processors may be based outside of the UK or EEA. In that case, we will ensure we have an agreement in place with such processors to provide adequate safeguards and a copy of such safeguards will be available on request.
  • If you use our services while you are outside the UK or EEA, your information may be transferred outside the UK or EEA in order to provide you with our services or communicate with you.
  • We may communicate with individuals or organisations outside of the UK or EEA in providing our services. Those communications may include personal data (such as contact information).
  • From time to time your information may be stored in devices which are used by our staff outside of the UK or EEA (but such staff will be subject to our cyber-security policies).
  1. If we transfer your information outside of the UK or EEA, and the third country or international organisation in question has not been deemed by the EU Commission to have adequate data protection laws, we will provide appropriate safeguards and we will be responsible for ensuring your privacy rights continue to be protected as outlined in this notice.

How long do we keep your information for?

  1. Our current data retention policy is to delete or destroy (to the extent we are able to) personal data after the following periods:
  • Following an enquiry with us, we will remove your Contact Information and Communication Information from our systems after a period of 3 years unless you subsequently subscribe to our services with us.
  • In respect of records relating to a contract with us – 6 years from either the end of your contract with us or from the time your account with us is closed (whichever is later). This is on the basis you have the right to redeem (ask us to return) your e-money for up to six years after your Automata account is closed.
  • In respect of Location Information and Cookie & Analytics Information (save for any essential cookies) – such data is removed after 14 months. After such period, only aggregated data (from which all personal data has been removed) is stored by us.
  • In respect of Marketing Information – such data is removed 3 years after the last date on which you have interacted with us.

For any category of personal data not specifically defined in this notice, and unless otherwise specified by applicable law, the required retention period for any personal data will be deemed to be 6 years from the date of receipt by us of that data. The retention periods stated in this notice can be prolonged or shortened as may be required (for example, in the event that legal proceedings apply to the data or if there is an on-going investigation into the data).

We review the personal data (and the categories of personal data) we are holding on a regular basis to ensure the data is still relevant to our business and is accurate. If we discover that certain data we are holding is no longer necessary or accurate, we will take reasonable steps to correct or securely delete this data as may be required.

How do we use cookies?

What are cookies?

  1. Cookies are test files placed on your computer or other electronic device to collect certain information such as internet log information and web user behaviours. When you visit our website, apps or digital platforms, we may collect certain of your data from you through cookies.

Types of cookies we use

  1. “Necessary cookies”. We need to use these cookies to make our website work, For example, when you log in, cookies help to recognise you and keep you logged in as you browse the website, as well as for security and authentication purposes. We also call these strictly necessary cookies.
  2. “Analytics, functionality and advertising cookies”. These allow us to do things such as recognise and count the number of visitors to our website, understand how visitors use our website so we can improve it where necessary, as well as see what pages and links you have visited so we can provide more relevant adverts. These cookies are all session cookies, which means that they will stop tracking your activity on the website when you close your website browser.

Can I change my cookie preferences?

  1. You can change the way your browser handles cookies if you wish. You could accept or reject them by default or be notified when a website is trying to set or update cookies. Exactly how you disable cookies depends on the browser or device you are using. The help feature on most browsers will tell you how you can manage and/or disable cookies. If you disable cookies on your browser, certain features or parts of our service may not function correctly or you may have a degraded experience.
  2. On your first visit to our site from your browser we will display a notice to notify you that we are using cookies but we will not load any cookies, except for Necessary Cookies, until you have provided your consent by clicking the “Accept” If you click the “Accept” button on our cookies notice, the analytics, functionality and advertising cookies will also be loaded.
  3. Below is a list of the cookies currently set by us:

Third party links

  1. Our website may contain links to other sites that are not operated by us. This privacy notice applies to our services only so if you click on a third-party link, we strongly advise you to review that site’s privacy policy.
  2. We have no control over and are not responsible or liable for the content, privacy policies or practices of any third-party sites or services, including the way in which they use cookies.

Your rights

  1. Automata would like to make sure you are fully aware of all of your data protection rights. On this basis and with respect to your personal data, you have the:
  • Right to be informed – you have a right to know about our personal data protection and processing activities, details of which are contained in this privacy notice.
  • Right of access– you have the right to request a copy of the data that we hold about you.
  • Right of rectification– you have the right to request a correction to the data that we hold about you that is inaccurate or incomplete.
  • Right to erasure – you have the right to request that the data we hold about you is erased from our records.
  • Right to restrict processing– you have the right to request that we restrict the way in which we process your data.
  • Right to object to processing – you have the right to object to our processing of your data.
  • Right to data portability– you have the right to request that the data we hold about you is transferred or exported to another organisation.
  • Right to withdraw your consent– you have the right to withdraw your consent you have given us to process your personal data at any time.
  • Rights in relation to automated decision making and profiling, namely:

– The right not to be subject to automated decision-making (including profiling) when those decisions have a legal (or similarly significant effect) on you.

– The right to request that your personal data will not be used to contact you for direct marketing purposes.

Please note that these rights are not absolute and certain exemptions may apply. As always if you have any questions about your data or how we process it please contact our Data Protection Officer at

Changes to our privacy notice

  1. Automata Group Ltd keeps its privacy notice under regular review and may update it from time to time. Accordingly, you should check this page regularly for any updates. Changes to this notice are effective when they are posted on this page.
  2. This privacy notice was last updated on the 15th September 2020.


  1. Should you be unsatisfied with the way we have processed your data or that we have not addressed your concerns you may contact the Information Commissioners Office through their website