Privacy notice
Europe Arab Bank PRIVACY NOTICE
(Includes Mobile Banking Application & Website usage)
At Europe Arab Bank plc (EAB), we understand how important it is to our customers that their personal information is kept confidential and secure. We are dedicated to protecting your privacy and providing you with the highest level of service. This Privacy Notice outlines how we collect, use, and protect the security of your information.
In this Privacy Notice, where we say "we", "us", "our", "EAB" and the "Bank", we mean Europe Arab Bank plc. Where we say "our Website", we mean eabplc.com. Where we say " our App", we mean our mobile banking application. Where we say "you", we also mean:
- anyone who is authorised to deal with us for you (e.g. a trustee, executor or other personal representative, or an attorney under a Power of Attorney);
- where the customer is not an individual but a legal entity, any individual acting for that legal entity;
- anyone standing as a personal guarantor for a customer.
We will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.
Who we are
We are Europe Arab Bank plc, a company incorporated in England with company number 05575857. We act as a data controller in respect of your personal data. Our address is:
Europe Arab Bank plc
35 Park Lane, Mayfair
London
W1K 1RB
Data Protection Officer
The Bank has a designated Data Protection Officer who can assist if you have queries about this Privacy Notice or wish to exercise any of the rights mentioned in it. Either write directly to the above address or use the contact details below:
E-mail: DPO@eabplc.com
Information We Collect – General
When you request to use our services or products, such as opening an account or applying for a mortgage, we will ask you to provide us with information about yourself for security, identification verification and account management purposes.
We process your personal information to meet our legal, statutory and contractual obligations and to provide you with our products and services. EAB cannot provide products and services to our clients without this information being provided.
We will never collect any unnecessary personal data from you and do not process your information in any way, other than as specified in this notice.
The personal data that we may process includes the following categories of information about you (the examples provided within each category are not exhaustive):
- Personal Information – such as your name, address, date of birth, nationality, identity document details, occupation, contact details (e.g. your email address, home and mobile telephone numbers), and security information.
- Employment/Financial/Asset Details – such as your income information, assets owned, tax status, work contact details and ongoing commitments.
- Information from third parties and public sources - including fraud prevention agencies (such as Cifas) or government agencies, internet sites and local government registers. Product Information – details of products held and applied for including reasons for not proceeding where relevant and notes regarding contact made.
- Information captured to support customer services – including information relating to customer transactions (dates, currencies, branches, payer and payee details), photographs from consumer/PR events, closed circuit television (CCTV) images captured on branch premises for security and crime prevention. We may also record calls, email, text messages, social media messages and other communications between you and the bank's employees.
The information we require from you will be explained by your Relationship Manager or a member or Bank staff at the time of opening an account or when information is updated.
Please note that we use software to recognise you and record your preferred settings and therefore you will see a cookie notice when you access our data on our Website. Any information you submit to our website is retained for 1 year and then deleted.
How We Collect Your Information
We will collect your information in the following ways:
- Completed application forms and supporting documentation;
- Correspondence received by us e.g. emails, telephone calls, letters and conversations held with staff in our branches or branches of EAB;
- Directly from you or intermediaries or others acting on your behalf;
- Via third parties such as government entities or fraud prevention agencies;
- Through publically available sources such as the Internet;
- Information provided by other members of Arab Banking Group;
- From information technology infrastructure including Private Banking online services or websites, as appropriate; this may include where we capture data in website cookies, firewalls (IP Addresses), or within emails where we communicate with you.
The Basis for Processing your Personal Information
We use your personal information for the following reasons:
Performance of Contract
We will process your personal information when that information is necessary to perform our contract with you or for taking steps prior to entering into the contract with us. We will do this for providing you with the product applied for and servicing that product during the life of the relationship. This could include:
- Notifying you about either important changes to the features and operation of the product;
- Responding to your enquiries and complaints;
- Updating the accuracy of our records.
Legitimate Interests
We will process your personal information where we consider that it is, on balance, when having considered your rights and freedoms, appropriate for us to do so for the following legitimate interests (for ourselves and in some cases other organisations as listed below):
- Processing personal information about you as an individual and you as a person associated with a corporate entity (or its subsidiaries) who is our customer – as relevant. For example a signatory, director, trustee, >25% shareholder, controller or where you hold Power of Attorney for a customer;
- To adhere to guidance and best practice under the regimes of governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Financial Ombudsman Service, the European Commission Online Dispute Resolution, the Information Commissioner's Office and under the Financial Services Compensation Scheme;
- Administering and managing your account and services relating to it;
- When we share your personal information with other people and organisations including joint account holders, your guarantor (where applicable) and any person with power of attorney over your affairs;
- For marketing communications from us and. Potentially, Arab Bank Group where we wish to inform you of products or services which may of interest. You can be removed from these lists at any time by getting in touch with your relationship manager or local branch;
- Our legal and professional advisers, auditors and actuaries; Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Ombudsman, the Information Commissioner's Office and under the Financial Services Compensation Scheme (in cases where we are not under a legal compulsion to provide the personal information but where we consider this necessary for legitimate interests).
Legal Obligations
We will process your personal information when it is necessary to comply with our legal obligations including:
- Checking your identity (this means you as an individual and/or you as a person associated with a corporate entity who is our customer – as relevant), anti-money laundering checks and checks with Fraud Prevention Agencies pre-application, at the application stage, and periodically after that;
- Crime detection, prevention, and prosecution;
- Regulatory reporting;
- When required by law and for compliance with laws that apply to us;
- To process information about a crime or offence, and proceedings related to these (in practice this is most likely to be relevant if we know of or suspect fraud);
- When we share your personal information with other people and organisations including joint account holders, your guarantor (where applicable) and any person with power of attorney over your affairs;
- Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Financial Ombudsman Service, the European Commission Online Dispute Resolution, the Information Commissioner's Office and under the Financial Services Compensation Scheme (in cases where we are under a legal compulsion to provide the personal information);
- Courts and to other organisations where that is necessary for the administration of justice and to protect our interests.
Who We Hold Information On
We hold information on customers, and where required by the product(s) applied for or by our legal obligations, we may also hold information on their associates, trustees, beneficial owners and guarantors.
If you apply for a product with a guarantor, that person will see this Privacy Notice when he/she submits his own personal information to us because he/she must necessarily provide his details and sign the application form.
If there is somebody who has power of attorney over your affairs, that person will see this Privacy Notice when we contact him/her directly.
Where the customer is a corporate entity, information will be held on the individual signatories, controllers, directors, trustees, and beneficial owners.
Sharing Your Information
We will only share your personal information where we are required to do so or where you have provided your consent; specifically, in the following instances:
- Allowed by our agreement;
- You provide explicit consent to share it with nominated intermediaries;
- It is needed by our agents, advisors or others involved in running accounts and services for you or collecting what you owe us (this would include solicitors, valuers and any supplier we have contracted with for back office/administration services);
- It is required by HMRC or other authorities;
- It is permitted or required by the law, regulatory bodies or the public interest;
- It is required by us or others to investigate or prevent crime;
- It is needed by any other parties connected with your account (including guarantors);
- It is required as part of our duty to protect your accounts, for example we are required to disclose your information to the Financial Services Compensation Scheme (FSCS).
Processing Personal Data Outside the UK or European Economic Area (EEA)
We are part of the Arab Bank Group which is headquartered in Amman, Jordan.
Being part of this international group means that we may share your personal data with members of the group, and also with other organisations located in countries outside the UK or EEA that may not offer the same levels of protection. When we do this, we will always ensure that the transfer is lawful and appropriate safeguards are in place before personal information is transferred.
Our parent, Arab Bank plc, processes personal data for us outside the UK and EEA under a specific form of contract approved by the European Commission which gives personal data the same protection as it has in the UK or EEA.
Please refer to our Data Protection Officer contact details if you would like to have more information about the safeguards that are applied, under 'How to Exercise Your Rights or Make a Complaint'.
Data Retention
We only retain your data for as long as is necessary and for the purpose specified in this notice.
If you would like further information about our data retention practices for specific types of data please contact our Data Protection Officer using the contact details provided in this notice.
Online Banking, Mobile Banking, and other mobile or online services
This section sets out some specific information pertaining to the use of either online or mobile banking. We'll use your information to allow us to provide you with access to our online platforms and mobile apps (for example, the Europe Arab Bank (EAB) Mobile Banking App.)
This includes information you provide to us, directly or indirectly when using EAB mobile apps, Online Banking or using our website.
The lawful basis for using your information for this purpose is to perform our contract with you or that processing for this purpose is in our legitimate interest.
Legitimate Interest could mean for example;
This may include information gathered for devolving new services and products; internal research and analysis; to help us run our business which could include, financial management, risk management, planning, corporate governance; audit, research or for more general marketing purposes;
Fundamentally the information used will enable us to provide a consistent and integrated service to you, this data enables us to enhance your personal user experience and continually improve our customer journey.
Device Information
We will collect basic device information, for example; device type and model, operating system, unique device identifiers and mobile network information
Usage Data
We will track the following usage data points; information about where you downloaded the EAB Mobile Banking App; activity to enable us to detect any unusual or suspicious activity on your device to prevent payment scams and fraudulent activities; areas of our app that you visit; time and date of your usage; other relevant diagnostic data
Call Recording and Monitoring
We may monitor and/or record phone calls. We may use recordings
- To ensure we have carried out your instructions correctly;
- To resolve queries and complaints;
- For regulatory purposes;
- To help detect or prevent fraud or other crimes;
- To improve service and to help monitor and train our staff.
Our lawful basis for call recording under data protection law is that it is necessary for our legitimate interests or in some cases for compliance with our legal obligations.
Your Rights
You have the right to access and obtain a copy of your data on request.
To make such a request, please refer to the section at the end entitled "How to Exercise Your Rights or Make a Complaint."
There are other rights that individuals have under data protection laws (as listed below) that the Bank is obliged to comply with:
- The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed;
- The right to object to processing of your personal information;
- The right to restrict processing of your personal information;
- The right to have your personal information erased (the "right to be forgotten");
- The right to move, copy or transfer your personal information ("data portability");
All requests are reviewed and measured against the Bank's lawful basis for collection of personal information.
How to Exercise Your Rights or Make a Complaint
The Bank welcomes the opportunity to answer any questions you may have about this statement or how it safeguards and confidentiality of information of data subjects.
If you wish to exercise your rights under the Data Protection Act, please contact our Data Protection Officer.
Either email DPO@eabplc.com citing "Data Protection" or
Write to the address below:
Data Protection Officer - EAB Bank PLC.
Head Office, 35 Park Lane, Mayfair, London, W1K 1RB
To make a complaint about how your personal data is used, please refer to our complaints process which can be found here.
If you have any concerns about the way we use your information and are not happy with the response provided following an enquiry with The Bank's Data Protection Officer you can also raise your concerns with the Information Commissioner's Office (ICO) which regulates the processing of personal data:
https://ico.org.uk/about-the-ico/what-we-do/how-we-handle-concerns/ or call 0303 123 11130.
Changes to this Privacy Notice
We may update our Privacy Notice from time to time. We will notify you of any changes by posting the new Privacy Notice on this page. You are advised to review this Privacy Notice when notified of any changes. Changes to this Privacy Notice are effective when they are posted on this page.
Last Reviewed by Europe Arab Bank July 2024.