Data Privacy Statement
PURPOSE OF THE STATEMENT
The purpose of this statement is to draw your attention to the type of data collected, from whom it is collected, what it is used for, and the treatment of the data collected thereafter.
By submitting your personal data, you are agreeing to the terms specified in this statement.
Should you disagree with this privacy statement, you are under no obligation to submit your personal data.
The Bank collects, processes and controls personal data that includes information that identifies you as a unique individual such as your name, age, date of birth, address, telephone number and any other information that is necessary or desirable for the Bank to offer its services. In some cases, special personal data may also be collected.
Special personal data includes personal information concerning the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health, sex life or biometric information of a data subject; or the criminal behaviour of a data subject to the extent that such information relates to the alleged commission by a data subject of any offence; or any proceedings in respect of any offence allegedly committed by a data subject or the disposal of such proceedings.
DATA COLLECTION METHODS
The Bank may collect personal information in writing, electronically by email, telephonically, online (website, internet banking, mobile wallet App or WhatsApp), video conferencing from the client and relevant third parties lawfully for the purpose of providing Bank services and products.
USE OF DATA COLLECTED
The purposes for collecting personal Data will include but are not limited to
- Establishing a relationship with you in the Bank system by which you will uniquely be identified for bank products and services.
- Understanding the reason/need for establishing the relationship with the Bank.
- Understanding your financial stand to help the Bank give suitable financial advice.
- Assessing your credit worthiness in the event it is the reason for the relationship.
- Understanding your profile as a bank client for the purpose of risk assessing you in the right manner.
- Assisting you return your statutory remittances as required by law.
- The Bank will use your data for purposes related to prevention of money laundering and crimes.
- In case of employment reasons, perform a background checks to help the Bank make an informed decision.
- For supplier related data, carry out suitable due diligence, risk assessment, administrative as well as payment reasons.
- For the purpose of marketing its products and services to you with your consent.
- Assessing and dealing with complaints for resolution purposes.
- Conducting market research and providing you with information about the Bank’s products or services from time to time via telephone or other means.
Your Personal Information may be shared within the Bank and with selected Data Processors who process the Data on the Bank’s behalf.
Your Personal Information will be shared with the Bank regulators even those in foreign jurisdictions should they request for it as required by law.
As a general rule, the Bank will retain your information in accordance with retention periods set out in Applicable Laws, unless it deems it necessary to retain it for longer for a lawful purpose (for example, for the purposes of complaints handling, legal processes, and proceedings).
PRIVACY AND INDEMNITY
The Bank responsibly treats your personal data and will only use it in accordance with this Policy and applicable data protection legislation.
You are required to take all necessary and appropriate steps to protect your Personal data yourself by use of secure passwords and access codes as the Bank has employed reasonable measures to keep your personal data secure.
You hereby indemnify the Bank from any loss, damages or injury that you may incur as a result of any security compromise of your Personal Information to unauthorized persons attributable to you or resulting from your acts or omissions during the provision of incorrect or incomplete Personal Information to the Bank.
You shall by written request to the Bank:
- Have access to your personal information that we hold, where applicable.
- Have the right to ask the Bank to change or correct details of any personal information held.
- Have the right to delete, object to processing of the personal Data provided to the Bank at any one time.
The Bank’s records are subject to regulatory retention periods, which means that we may not be able to delete or destroy your personal information immediately upon request.
You have a right to opt out of receiving electronic marketing communications such as SMS or email communications. You shall in writing request the Bank to delete you from the mailing list should you decide not to receive the Bank products marketing messages.
The Bank reserves the right to amend this privacy statement from time to time as and when it deems fit without prior notice to you and the current statement shall supersede the previous one.
A complaint can be filed with the Data Protection Officer with the address below
Attention: Data Protection Officer
BANK OF AFRICA – UGANDA Ltd
Plot 45 Jinja Road
- O. Box 2750,