This Privacy Notice was last updated on 1 September 2020.
|The purpose of this Privacy Notice is to explain
how Bank ABC (“Bank ABC”, “we”, “us” and “our”) and
the other members of the Bank ABC Group may process your personal data.|
ABC Group” includes Arab Banking Corporation (B.S.C.) and any entities
wholly or partially owned by it. For
more information about the Bank ABC Group, including who is a member of it, you
may visit www.bank-abc.com or contact your Coverage Relationship Manager.
A data controller determines
the purposes and means of the processing of your personal data.
Your data controller is Bank ABC B.S.C, Bank ABC
Tower, Diplomatic Area, P.O. Box 5698, Manama, Kingdom of Bahrain, with which
you have entered into a banking relationship, or with which you operate an
account, including through the use of our digital platforms.
You can find more details on how to contact us at
the end of this Privacy Notice.
For the purposes of this Privacy Notice "personal data" is information:
- that identifies or can be
used to identify you;
- that relates to,
describes, is reasonably capable of being associated with or could reasonably
be linked (directly or indirectly) with you;
- that can be used to
authenticate you or provide access to an account.
Where the customer of Bank ABC is a natural person, any reference to the “customer” and “you” will mean such natural person.
The term “you”
also refers to any individual whose personal data is provided to us by the
customer, or anyone acting on their behalf (a “connected person”).
customer of Bank ABC is a business customer, (i.e. they are organized as a
legal entity) any reference to “you” will mean any connected person and
a reference to the “customer” will mean the business customer of Bank
we collect as a result of transactions with a business customer is usually
limited to details on owners (direct, indirect and beneficial), officers, authorized
persons, and personal guarantors.
If you are a
senior manager, authorized signatory or beneficial owner of a business customer
of Bank ABC, or if you are a personal customer of Bank ABC, you must ensure
that every connected person receives a copy of this Privacy Notice before their
personal data is shared with Bank ABC.
|We will use your personal data where we have your
consent or when we have another lawful reason such as:|
- The need to process the data to enter into or carry out an agreement we
have with you;
- The need to pursue our own legitimate interests;
- The need to process the data to comply with a legal obligation (e.g.
compliance with our regulatory obligations under any applicable regimes
including without limitation sanctions due diligence checks, or to comply with
tax regulations that require us to report the tax status of our customers);
- The need to establish, exercise or defend our legal rights or those of
a member of Bank ABC Group or a third party employed by us; and
- When we believe the use of your data as described is in the public
reasons or purposes for which we may use your personal data include:
- To set up, maintain, fulfil and administer the contractual relationship
that we have with you;
- To provide you with products and services and to process the data to enter into or carry out an agreement we have with you;
- To enable you manage your account and transact with us;
- To make credit assessments and checks;
- To collect debt (which may involve passing your personal data to debt
- To assess the suitably of our products and services for your needs;
- To keep records of your instructions, transactions and communications
for any further required evidence, and to prevent or detect financial crime or
suspected financial crime, including (but not limited to) fraud, money
laundering and financing of terrorism;
- To test the performance of our products, services, and internal
- To administer our internal operational requirements (including credit,
compliance, and risk management, market research, system and product
development, staff training, quality control, accounting, and for audit
- To keep records of activities effected on our digital platforms,
websites or mobile applications, such as your connection’s timestamp and
- To process requests relating to the exercise of your rights under data
protection laws; and
- To develop statistics and for market research, surveys and analysis
including to develop and improve our products and services so that we can offer
new and enhanced products and services to you, which may include converting
your personal data into statistical or aggregated data which cannot be used to
|The personal data we collect includes data
provided by you when at the start of our relationship, or at any time
thereafter such as:|
- Personal data including full name, nationality, gender, date of birth,
country of birth, social status, names of relatives, employment status, photos
(including selfies), signature;
- Data about your identity including documents, biometric data,
details of ID cards, details of passports, national social security or
insurance number, driving license number;
- Contact details including residential address, email addresses,
telephone numbers, proof of address documents;
- Employer, employment status, job title, full name, email, address and telephone
number(s) used for work purposes;
- Financial data: income and source of income, source of wealth, average
account financial activity, and engagement data;
- Data about your tax status including a tax identification number, FATCA
forms, etc.; and
- Other data provided by you via completing forms and other means
including e-mail, electronic messages, recorded calls, live chat, chatbots and
The personal data that we collect or generate
during our business activities includes:
- Details of transactions done by you or by any of your connected
persons. Details include dates, amounts, currencies, payer and payee details;
- Data about your relationship with us, the channels you use and your
ways of interacting with us, the technology you use for this and your language
- Data about your ability to get and manage your credit;
- Data concerning complaints and disputes or about the instances where
you have exercised your legal rights related to the protection of your personal
- Market research data, e.g. opinions expressed by you when participating
to our market research campaigns or surveys;
- Risk rating information, e.g. credit risk rating, transactional behaviour
and underwriting information;
- Due diligence data, e.g. data required to comply with financial crime
regulations (anti-money laundering, anti-terrorism financing, etc.);
- Data used to identify you such as usernames, PIN codes, passwords,
signatures and biometric information (e.g. fingerprint, iris scan, voice, face
recognition) or a physical token (e.g. a debit, credit or prepaid card, a security token or electronic key) that are
required when using our products or services;
- Email address(es) and telephone number(s) used to receive digital
alerts (meaning an alert by SMS or email which we send to inform our customers
on certain types of transactions or to provide financial information);
- Information about your device or the software you use, e.g. its IP
address, technical specification and uniquely identifying data;
- Data about your geographic location, ATMs used and branches you visit;
- Data that we need to support our regulatory obligations, e.g.
information about transaction details, detection of any suspicious and unusual
activity and data about parties connected to you for these activities;
- We may record calls, email, text messages, social media messages and
other communications between you and employees of Bank ABC;
- Closed-circuit television (“CCTV”) videos, with or without audio
recording, used in and around our premises and ATM locations for the purpose of
physical security and crime prevention - therefore we may have images of you
captured by our CCTV cameras;
- Online Identifiers that may leave traces which, when combined with
unique identifiers and other data received by servers, may be used to identify
the user. Online Identifiers may include internet protocol addresses (IP
track individual users or to identify them). For more details about
- Data relating specifically to transactions carried out on our digital
platform by users. Whilst our banking relationship is with our customer,
we will be collecting data specific to transactions carried out by users.
For example, we will be able to inform our customer of details (such as dates,
amounts, currencies, payer and payee details) about transactions made on our
digital platforms and which user initiated the transactions. Some of this may
be personal data about the user.
| We collect your personal data from a number of
- Data provided by you when we set up, administer and manage our
relationship with you;
- Data we otherwise receive directly from you or from a person acting on
- Data we obtain from third parties such as brokers, credit reference,
debt recovery, fraud prevention or government agencies;
- Data that we gather from publicly available sources such as the
Internet and companies’ registries or other local trade registers;
- Data that we learn through your use of our services and products such
as when you use our digital platforms or mobile applications, when you visit
our websites or when you interact with us through a recorded channel (e.g. a
recorded telephone line, a chatbot etc.);
- Data that we identify through our fraud prevention controls;
- Data provided by other members of the Bank ABC Group; and
- Data we receive directly by your engagement with our social media platforms.
Bank ABC may record and keep track of your
conversations with it, including phone calls, face-to face meetings, letters,
emails, live chats, video chats and any other kinds of communication.
These recordings will be used to check your
instructions to us, assess, analyse and improve the quality of our services,
train our people, manage risk or to prevent and detect fraud and other crimes.
Bank ABC may also capture additional data about
these interactions, e.g. telephone numbers that you call us from and data about
the devices or software that are used.
We may perform credit and identity checks with one
or more credit reference agencies (“CRAs”) when you apply for a loan
(including overdraft facility, credit card limit, personal loan, mortgage, car
loan, etc.) or when we review such loans.
To do this, we have to share your personal data
with the CRAs including details about the credit application, your financial
situation and financial history. We will also inform the CRAs about your
We may use data received from the CRAs to:
- Assess if we can offer you credit and whether you can afford to take
the product you applied for;
- Verify the accuracy of the data you have provided to us;
- Prevent criminal activity, fraud and money laundering;
- Manage your account(s);
- Trace and recover debts; and
- Ensure any offers provided to you are appropriate to your
|We may use your data to inform you about products
and services offered by Bank ABC or other entities of the Bank ABC Group. |
You can, at any time, withdraw your consent for
this marketing purpose. For more information, refer to ‘Your right to data
protection’ section of this Notice.
Please note that Bank ABC will continue to use
your contact details to provide you with important information, such as changes
to our Terms & Conditions or when we have legitimate reasons to do so,
including compliance with our regulatory obligations.
|We are unable to enter into or administer the
relationship with you without some of your personal data. |
In cases where providing your personal data is
optional, we will make this clear, for instance by explaining in application
forms if certain data fields can be left blank. In particular, it is not
mandatory that you sign up for or transact on digital platforms operated by
us. If we are seeking a consent to justify our processing of your
personal information, we shall make this clear to you.
|You are responsible for ensuring that the data
that you provide is accurate.|
If any of the personal data you have given to us
should change, such as your contact details, please inform us without delay.
Similarly, if we have collected personal data
about you that you consider to be inaccurate, please inform us.
Kindly refer to the section on “How to contact
us” below for information on how Bank ABC can be reached for updating your
Bank ABC may share your
personal data with other parties where you have provided your explicit consent to
do that. For example, you may have instructed us to send your bank
statements to your accountant. Bank ABC
may also share your data with others where it is lawful to do so including
where we or they.
Bank ABC may share your
data with others where it is lawful to do so including where we or they:
- Need the data to provide you with products or services you have
- Have a public or legal duty to do so, e.g. to assist with detecting and
preventing fraud, tax evasion and financial crime;
- Need to in connection with regulatory reporting, litigation or
asserting or defending legal rights and interests;
- Have a legitimate business reason for doing so such as to manage risk,
verify your identity, enable another company to provide you with services you
have requested, or assess your suitability for products and services; and
- Have asked you for your permission to share it, and you have agreed.
Bank ABC may
share your data for the specific purposes below with other parties including:
- Anyone who provides instructions or operates any of your accounts on
your behalf, e.g. holders of a Power of
Attorney, solicitors, intermediaries, persons to whom you have granted security
over your account and anybody else that we have been instructed to share your
data with by either you, a joint account holder or anybody else who provides
instructions or operates any of your accounts on your behalf;
- Any joint account holders, trustees, beneficiaries or executors, your legal representative and their advisors and member of your family if you
die or suffer mental incapacity for the purposes of them making a payment on
- Parties who give guarantees or other security for any amounts you owe
- Parties you make payments to or receive payments from;
- Other Bank ABC Group companies (including their employees,
sub-contractors, service providers, directors and officers) and any of their
sub-contractors, agents or service providers such as for instance backup and
server hosting providers, IT software and maintenance providers, document
storage providers and suppliers of other processing and support services;
- Our legal and professional advisers such as auditors and external legal
- Other financial institutions, clearing houses, custodians,
counterparties, fund managers, lenders and holders of security over any
property you charge to us;
- Trade associations, credit reference or rating agencies, payment
service providers and debt recovery agents;
- Our business partners who we may have arranged to provide a service to
you and anybody party that provides marketing services to us;
- Parties involved in any disputes, law enforcement, government, courts,
dispute resolution bodies, our regulators, auditors and any party appointed or
requested by our regulators to carry out investigations or audits of our
- Agencies for the prevention of fraud and financial crime;
- Providers of card services, members of a credit card association or
merchants where we need to disclose in regard to the operation of cards we
supplied to you;
- Any introducing broker or other intermediary to whom we provide
instructions or referrals;
- With any party to a transaction acquiring risk in, or assuming risk in,
or in connection with, the products and services of Bank ABC or the Bank ABC
- Any governmental, banking, taxation or other regulatory authorities or
similar bodies with jurisdiction over any part of the Bank ABC Group, or under
the rules of a relevant stock exchange, including those which are based
- Any member of Bank ABC Group to allow you to access our products and
services including our Relationship Managers (if they are employed or engaged
by a member of the Bank ABC Group) and our IT support teams for digital
- Any potential or actual participant, sub participant, assignee,
transferee or novate (and their employees and advisors) in respect of any of
any of our obligations to you under any banking agreement; and
- The courts, and as may otherwise be necessary for the administration of
justice, to protect vital interests and to protect the security and integrity
of our business operations or those of the Bank ABC Group.
We may need to share any of the above data with
parties in different countries, when that is required to carry out our contract
with you, to fulfil a legal obligation, to protect the public interest and/or
for our own legitimate interests.
The parties that we may share your personal data
with may be located in countries that already have adequate protection for
personal data under their applicable laws. Where parties are located in countries that do
not have such data protection laws, Bank ABC will apply safeguards to maintain the
same level of protection as the country in which the products and services are
These safeguards may be contractual agreements
with the overseas recipient, or it may require the recipient to subscribe to
international data protection frameworks.
In this way your personal data may be transferred
outside the country of the Bank ABC office with which you have a relationship.
For more information about these safeguards, and
others as may be relevant from time to time, you can contact us as explained in
the ’How to contact us’ section of this Notice.
We keep your personal data for as long as
necessary to fulfil the purposes for which it was collected (as described
above). Even when you close your account
with us, we retain, as long as required, some of your personal data in
order to comply with legal and regulatory requirements or in case of claims or
in order to answer any of your queries.
Such personal data include:
- Activities and transactions carried out by users on the customer’s
account via our digital platforms;
- Username (used in our digital platforms) of a connected person who no
longer works for our customer.
Please reach out to us as per the “How to
contact us” section in this Notice if you want more information about the
retention of Personal Data.
We will continue to look after your personal data
securely and your rights listed in this Privacy Notice remain in place until
your personal data is safely deleted from our systems.
The criteria we use to determine data retention
periods for your personal data includes the following:
- Retention in case of queries. We will retain some of the data in case of
queries from you (for instance, if you submit an application for a product or
service and if that is unsuccessful);
- Retention in case of claims. We will retain some of the data for the period
in which a customer might legally bring claims against us; and
- Retention in accordance with legal and regulatory requirements. We will
retain some of the data after our agreement with the customer has come to an end and,
with respect to access to our digital platform, following the termination of
such access, based on our legal and regulatory requirements.
You have the following rights to data protection:
- The right to be informed about the processing of your personal data;
- The right to have your personal data corrected if it is inaccurate and
to have incomplete personal data completed;
- The right to object to the processing of your personal data;
- The right to restrict the processing of your personal data;
- The right to have your personal data erased (the right to be
- The right to request access to your personal data and to obtain
information about how we process it;
- The right to move, copy or transfer your personal data (data
- The right not to be subject to a decision based solely on automated processing,
- which produces
legal effects concerning you or similarly significantly affects you; and
- The right to withdraw your consent at any time (e.g. no longer be
included in our marketing campaigns).
Please note that these rights are not absolute and
do not apply in all circumstances. It is
understood that you will be entitled to any additional rights that would be
conferred by the applicable Laws and Regulations. If you wish to exercise any of these rights,
please write or mail to us.
Kindly refer to the section “How to contact us”
if you want to exercise any of your data protection rights.
In addition, you have the right to complain to the
relevant supervisory authority which has enforcement powers and can investigate
compliance with data protection laws.
The relevant Personal Data Protection Authority in
the Kingdom of Bahrain is the Ministry of Justice, Islamic Affairs and Waqf.
|There may be other terms and conditions in our agreements with the customer that will apply to our use of your personal data. Such terms and conditions must be read in conjunction with this Privacy Notice.|
|Please contact us in case you need a copy of this Notice in another format and we will seek to accommodate. |
Kindly refer to the section below for information on how such request can be made.
If you have any questions about this Privacy
Notice or the way Bank ABC B.S.C. handles personal data, please contact us at the address below:
- Bank ABC BSC, ABC Tower,
Diplomatic Area P.O., Box 5698, Manama, Kingdom of Bahrain for the attention of
the Data Protection Coordinator.
- E-mail : Privacy.firstname.lastname@example.org
|Bank ABC wins big at the Global Finance-World’s Best Treasury and Cash Management Banks 2022 awards|
|2022 Annual General Meeting|