The “Bank ABC Group” includes Arab Banking Corporation (B.S.C.) and any entities wholly or partially owned by it.  For more information about the Bank ABC Group, including who is a member of it, you may visit www.bank-abc.com or contact your Coverage Relationship Manager. 

• Personal data including full name, nationality, gender, date of birth, country of birth, social status, names of relatives, employment status, photos (including selfies), signature;
• Data about your identity including documents, biometric data, details of ID cards, details of passports, national social security or insurance number, driving license number;
• Contact details including residential address, email addresses, telephone numbers, proof of address documents;
• Employer, employment status, job title, full name, email, address and telephone number(s) used for work purposes;
• Financial data: income and source of income, source of wealth, average account financial activity, and engagement data;
• Data about your tax status including a tax identification number, FATCA forms, etc.; and
• Other data provided by you via completing forms and other means including e-mail, electronic messages, recorded calls, live chat, chatbots and face-to-face contact.

The personal data that we collect or generate during our business activities includes: 

• Details of transactions done by you or by any of your connected persons. Details include dates, amounts, currencies, payer and payee details;
• Data about your relationship with us, the channels you use and your ways of interacting with us, the technology you use for this and your language preferences;
• Data about your ability to get and manage your credit;
• Data concerning complaints and disputes or about the instances where you have exercised your legal rights related to the protection of your personal data;
• Market research data, e.g. opinions expressed by you when participating to our market research campaigns or surveys;
• Risk rating information, e.g. credit risk rating, transactional behaviour and underwriting information;
• Due diligence data, e.g. data required to comply with financial crime regulations (anti-money laundering, anti-terrorism financing, etc.);
• Data used to identify you such as usernames, PIN codes, passwords, signatures and biometric information (e.g. fingerprint, iris scan, voice, face recognition) or a physical token (e.g. a debit, credit or prepaid card,  a security token or electronic key) that are required when using our products or services;
• Email address(es) and telephone number(s) used to receive digital alerts (meaning an alert by SMS or email which we send to inform our customers on certain types of transactions or to provide financial information);
• Information about your device or the software you use, e.g. its IP address, technical specification and uniquely identifying data;
• Data about your geographic location, ATMs used and branches you visit;
• Data that we need to support our regulatory obligations, e.g. information about transaction details, detection of any suspicious and unusual activity and data about parties connected to you for these activities;
• We may record calls, email, text messages, social media messages and other communications between you and employees of Bank ABC; 
• Closed-circuit television (“CCTV”) videos, with or without audio recording, used in and around our premises and ATM locations for the purpose of physical security and crime prevention - therefore we may have images of you captured by our CCTV cameras;
• Online Identifiers that may leave traces which, when combined with unique identifiers and other data received by servers, may be used to identify the user.  Online Identifiers may include internet protocol addresses (IP addresses) and cookie identifiers (although we do not usually use cookies to track individual users or to identify them). For more details about cookies, see our online Cookie Policy; and
• Data relating specifically to transactions carried out on our digital platform by users.  Whilst our banking relationship is with our customer, we will be collecting data specific to transactions carried out by users.  For example, we will be able to inform our customer of details (such as dates, amounts, currencies, payer and payee details) about transactions made on our digital platforms and which user initiated the transactions. Some of this may be personal data about the user. 

Bank ABC may record and keep track of your conversations with it, including phone calls, face-to face meetings, letters, emails, live chats, video chats and any other kinds of communication. 

These recordings will be used to check your instructions to us, assess, analyse and improve the quality of our services, train our people, manage risk or to prevent and detect fraud and other crimes. 

Bank ABC may also capture additional data about these interactions, e.g. telephone numbers that you call us from and data about the devices or software that are used.

We may perform credit and identity checks with one or more credit reference agencies (“CRAs”) when you apply for a loan (including overdraft facility, credit card limit, personal loan, mortgage, car loan, etc.) or when we review such loans.

To do this, we have to share your personal data with the CRAs including details about the credit application, your financial situation and financial history. We will also inform the CRAs about your repayment history.

We may use data received from the CRAs to:

• ​Assess if we can offer you credit and whether you can afford to take the product you applied for;
• Verify the accuracy of the data you have provided to us;
• Prevent criminal activity, fraud and money laundering;
• Manage your account(s);
• Trace and recover debts; and
• Ensure any offers provided to you are appropriate to your circumstances.

You can, at any time, withdraw your consent for this marketing purpose. For more information, refer to ‘Your right to data protection’ section of this Notice. 

Please note that Bank ABC will continue to use your contact details to provide you with important information, such as changes to our Terms & Conditions or when we have legitimate reasons to do so, including compliance with our regulatory obligations.

In cases where providing your personal data is optional, we will make this clear, for instance by explaining in application forms if certain data fields can be left blank.  In particular, it is not mandatory that you sign up for or transact on digital platforms operated by us.  If we are seeking a consent to justify our processing of your personal information, we shall make this clear to you.

If any of the personal data you have given to us should change, such as your contact details, please inform us without delay.

Similarly, if we have collected personal data about you that you consider to be inaccurate, please inform us.

Kindly refer to the section on “How to contact us” below for information on how Bank ABC can be reached for updating your information.

Bank ABC may share your personal data with other parties where you have provided your explicit consent to do that.  For example, you may have instructed us to send your bank statements to your accountant.  Bank ABC may also share your data with others where it is lawful to do so including where we or they.

Bank ABC may share your data with others where it is lawful to do so including where we or they:

• Need the data to provide you with products or services you have requested;
• Have a public or legal duty to do so, e.g. to assist with detecting and preventing fraud, tax evasion and financial crime;
• Need to in connection with regulatory reporting, litigation or asserting or defending legal rights and interests; 
• Have a legitimate business reason for doing so such as to manage risk, verify your identity, enable another company to provide you with services you have requested, or assess your suitability for products and services; and
• Have asked you for your permission to share it, and you have agreed.

Bank ABC may share your data for the specific purposes below with other parties including: 

• Anyone who provides instructions or operates any of your accounts on your behalf, e.g. holders of a  Power of Attorney, solicitors, intermediaries, persons to whom you have granted security over your account and anybody else that we have been instructed to share your data with by either you, a joint account holder or anybody else who provides instructions or operates any of your accounts on your behalf;
• Any joint account holders, trustees, beneficiaries or executors, your legal representative and their advisors and member of your family if you die or suffer mental incapacity for the purposes of them making a payment on your account;
• Parties who give guarantees or other security for any amounts you owe us;
• Parties you make payments to or receive payments from;
• Other Bank ABC Group companies (including their employees, sub-contractors, service providers, directors and officers) and any of their sub-contractors, agents or service providers such as for instance backup and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other processing and support services;
• Our legal and professional advisers such as auditors and external legal counsel;
• Other financial institutions, clearing houses, custodians, counterparties, fund managers, lenders and holders of security over any property you charge to us;
• Trade associations, credit reference or rating agencies, payment service providers and debt recovery agents;
• Our business partners who we may have arranged to provide a service to you and anybody party that provides marketing services to us;
• Parties involved in any disputes, law enforcement, government, courts, dispute resolution bodies, our regulators, auditors and any party appointed or requested by our regulators to carry out investigations or audits of our activities;
• Agencies for the prevention of fraud and financial crime;
• Providers of card services, members of a credit card association or merchants where we need to disclose in regard to the operation of cards we supplied to you;
• Any introducing broker or other intermediary to whom we provide instructions or referrals;
• With any party to a transaction acquiring risk in, or assuming risk in, or in connection with, the products and services of Bank ABC or the Bank ABC Group;
• Any governmental, banking, taxation or other regulatory authorities or similar bodies with jurisdiction over any part of the Bank ABC Group, or under the rules of a relevant stock exchange, including those which are based overseas;
• Any member of Bank ABC Group to allow you to access our products and services including our Relationship Managers (if they are employed or engaged by a member of the Bank ABC Group) and our IT support teams for digital platform services;
• Any potential or actual participant, sub participant, assignee, transferee or novate (and their employees and advisors) in respect of any of any of our obligations to you under any banking agreement; and
• The courts, and as may otherwise be necessary for the administration of justice, to protect vital interests and to protect the security and integrity of our business operations or those of the Bank ABC Group.

We may need to share any of the above data with parties in different countries, when that is required to carry out our contract with you, to fulfil a legal obligation, to protect the public interest and/or for our own legitimate interests. 

The parties that we may share your personal data with may be located in countries that already have adequate protection for personal data under their applicable laws.  Where parties are located in countries that do not have such data protection laws, Bank ABC will apply safeguards to maintain the same level of protection as the country in which the products and services are supplied. 

These safeguards may be contractual agreements with the overseas recipient, or it may require the recipient to subscribe to international data protection frameworks. 

In this way your personal data may be transferred outside the country of the Bank ABC office with which you have a relationship. 

For more information about these safeguards, and others as may be relevant from time to time, you can contact us as explained in the ’How to contact us’ section of this Notice.

We keep your personal data for as long as necessary to fulfil the purposes for which it was collected (as described above).  Even when you close your account with us, we retain, as long as required, some of your personal data in order to comply with legal and regulatory requirements or in case of claims or in order to answer any of your queries.

Such personal data include:

• Activities and transactions carried out by users on the customer’s account via our digital platforms;
• Username (used in our digital platforms) of a connected person who no longer works for our customer.

Please reach out to us as per the “How to contact us” section in this Notice if you want more information about the retention of Personal Data.

We will continue to look after your personal data securely and your rights listed in this Privacy Notice remain in place until your personal data is safely deleted from our systems.

The criteria we use to determine data retention periods for your personal data includes the following:

• Retention in case of queries. We will retain some of the data in case of queries from you (for instance, if you submit an application for a product or service and if that is unsuccessful);
• Retention in case of claims. We will retain some of the data for the period in which a customer might legally bring claims against us; and
• Retention in accordance with legal and regulatory requirements. We will retain some of the data after our agreement with the customer has come to an end and, with respect to access to our digital platform, following the termination of such access, based on our legal and regulatory requirements.

If you have any questions about this Privacy Notice or the way Bank ABC B.S.C. handles personal data, please contact us at the address below:

• Bank ABC BSC, ABC Tower, Diplomatic Area P.O., Box 5698, Manama, Kingdom of Bahrain for the attention of the Data Protection Coordinator.  
• E-mail : [email protected]