Privacy policy

PRIVACY POLICY

At Europe Arab Bank plc (EAB), we understand how important it is to our customers that their personal information is kept confidential and secure. We are dedicated to protecting your privacy and providing you with the highest level of service. This Privacy Notice outlines how we collect, use, and protect the security of your information.

In this Privacy Notice, where we say "we", "us", "our", "EAB" and the "Bank", we mean Europe Arab Bank plc. Where we say "our Website", we mean eabplc.com. Where we say "you", we also mean:

  • anyone who is authorised to deal with us for you (e.g. a trustee, executor or other personal representative, or an attorney under a Power of Attorney);
  • where the customer is not an individual but a legal entity, any individual acting for that legal entity;
  • anyone standing as a personal guarantor for a customer.

We will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.

WHO WE ARE

We are Europe Arab Bank plc, a company incorporated in England with company number 05575857. We act as a data controller in respect of your personal data. Our address is:
Europe Arab Bank plc
35 Park Lane, Mayfair
London
W1K 1RB

DATA PRIVACY MANAGER

The Bank has a designated Data Privacy Manager who can assist if you have queries about this Privacy Notice or wish to exercise any of the rights mentioned in it. Either write directly to the above address or use the contact details below:
E-mail: dpo@eabplc.com

INFORMATION WE COLLECT

When you request to use our services or products, such as opening an account or applying for a mortgage, we will ask you to provide us with information about yourself for security, identification verification and account management purposes.

We process your personal information to meet our legal, statutory and contractual obligations and to provide you with our products and services. EAB cannot provide products and services to our clients without this information being provided.

We will never collect any unnecessary personal data from you and do not process your information in any way, other than as specified in this notice.

The personal data that we may process includes the following categories of information about you (the examples provided within each category are not exhaustive):

  • Data recorded by the Website - allows us to recognise you and your preferred settings, this saves you from re-entering information on return visits to the site and may include details of technology, language preferences and location data. Further information can be located on our cookie notice.
  • Personal Information - such as your name, address, date of birth, nationality, identity document details, occupation, contact details (e.g. your email address, home and mobile telephone numbers), and security information.
  • Employment/Financial/Asset Details - such as your income information, assets owned, tax status, work contact details and ongoing commitments.
  • Information from third parties and public sources - including fraud prevention agencies (such as Cifas) or government agencies, internet sites and local government registers.
  • Product Information - details of products held and applied for including reasons for not proceeding where relevant and notes regarding contact made.
  • Information captured to support customer services - including information relating to customer transactions (dates, currencies, branches, payer and payee details), photographs from consumer/PR events, closed circuit television (CCTV) images captured on branch premises for security and crime prevention. We may also record calls, email, text messages, social media messages and other communications between you and the bank's employees.

The information we require from you will be explained by your Relationship Manager or a member of Bank staff at the time of opening an account or when information is updated.

HOW WE COLLECT YOUR INFORMATION

We will collect your information in the following ways:

  • Completed application forms and supporting documentation;
  • Correspondence received by us e.g. emails, telephone calls, letters and conversations held with staff in our branches or branches of EAB;
  • Directly from you or intermediaries or others acting on your behalf;
  • Via third parties such as government entities or fraud prevention agencies;
  • Through publicly available sources such as the Internet;
  • Information provided by other members of Arab Bank Group;
  • From information technology infrastructure including Private Banking online services or websites, as appropriate; this may include where we capture data in website cookies, firewalls (IP addresses), or within emails where we communicate with you.

THE BASIS FOR PROCESSING YOUR PERSONAL INFORMATION

We use your personal information for the following reasons:

Performance of Contract

We will process your personal information when that information is necessary to perform our contract with you or for taking steps prior to entering into the contract with us. We will do this for providing you with the product applied for and servicing that product during the life of the relationship. This could include:

  • Notifying you about either important change to the features and operation of the product;
  • Responding to your enquiries and complaints;
  • Updating the accuracy of our records.

Legitimate Interests

We will process your personal information where we consider that it is, on balance, when having considered your rights and freedoms, appropriate for us to do so for the following legitimate interests (for ourselves and in some cases other organisations as listed below):

  • Processing personal information about you as an individual and you as a person associated with a corporate entity (or its subsidiaries) who is our customer - as relevant. For example, a signatory, director, trustee, >25% shareholder, controller or where you hold Power of Attorney for a customer;
  • To adhere to guidance and best practice under the regimes of governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Financial Ombudsman Service, the European Commission Online Dispute Resolution, the Information Commissioner's Office and under the Financial Services Compensation Scheme;
  • Administering and managing your account and services relating to it;
  • When we share your personal information with other people and organisations including joint account holders, your guarantor (where applicable) and any person with power of attorney over your affairs;
  • For marketing communications from us and. Potentially, Arab Bank Group where we wish to inform you of products or services which may of interest. You can be removed from these lists at any time by getting in touch with your relationship manager or local branch;
  • Our legal and professional advisers, auditors and actuaries; Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Ombudsman, the Information Commissioner's Office and under the Financial Services Compensation Scheme (in cases where we are not under a legal compulsion to provide the personal information but where we consider this necessary for legitimate interests).

Legal Obligations

We will process your personal information when it is necessary to comply with our legal obligations including:

  • Checking your identity (this means you as an individual and/or you as a person associated with a corporate entity who is our customer - as relevant), anti-money laundering checks and checks with Fraud Prevention Agencies pre-application, at the application stage, and periodically after that;
  • Crime detection, prevention, and prosecution;
  • Regulatory reporting;
  • When required by law and for compliance with laws that apply to us;
  • To process information about a crime or offence, and proceedings related to these (in practice this is most likely to be relevant if we know of or suspect fraud);
  • When we share your personal information with other people and organisations including joint account holders, your guarantor (where applicable) and any person with power of attorney over your affairs;
  • Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Financial Ombudsman Service, the European Commission Online Dispute Resolution, the Information Commissioner's Office and under the Financial Services Compensation Scheme (in cases where we are under a legal compulsion to provide the personal information);
  • Courts and to other organisations where that is necessary for the administration of justice and to protect our interests.

WHO WE HOLD INFORMATION ON

We hold information on customers, and where required by the product(s) applied for or by our legal obligations, we may also hold information on their associates, trustees, beneficial owners and guarantors.

If you apply for a product with a guarantor, that person will see this Privacy Notice when he/she submits his own personal information to us because he/she must necessarily provide his details and sign the application form.

If there is somebody who has power of attorney over your affairs, that person will see this Privacy Notice when we make contact with him/her directly.

Where the customer is a corporate entity, information will be held on the individual signatories, controllers, directors, trustees, and beneficial owners.

SHARING YOUR INFORMATION

We will only share your personal information where we are required to do so or where you have provided your consent; specifically in the following instances:

  • Allowed by our agreement;
  • You provide explicit consent to share it with nominated intermediaries;
  • It is needed by our agents, advisors or others involved in running accounts and services for you or collecting what you owe us (this would include solicitors, valuers and any supplier we have contracted with for back office/administration services);
  • It is required by HMRC or other authorities;
  • It is permitted or required by the law, regulatory bodies or the public interest;
  • It is required by us or others to investigate or prevent crime;
  • It is needed by any other parties connected with your account (including guarantors);
  • It is required as part of our duty to protect your accounts, for example we are required to disclose your information to the Financial Services Compensation Scheme (FSCS).

PROCESSING PERSONAL DATA OUTSIDE THE UK OR EUROPEAN ECONOMIC AREA (EEA)

We are part of the Arab Bank Group which is headquartered in Amman, Jordan.

Being part of this international group means that we may share your personal data with members of the group, and also with other organisations located in countries outside the UK or EEA that may not offer the same levels of protection. When we do this we will always ensure that the transfer is lawful and appropriate safeguards are in place before personal information is transferred.

Our parent, Arab Bank plc, processes personal data for us outside the UK and EEA under a specific form of contract approved by the European Commission, which gives personal data the same protection as it has in the UK or EEA.

Please refer to our Data Privacy Manager contact details if you would like to have more information about the safeguards that are applied, under 'How to Exercise Your Rights or Make a Complaint'.

DATA RETENTION

We only retain your data for as long as is necessary and for the purpose specified in this notice.

If you would like further information about our data retention practices for specific types of data please contact our Data Privacy Manager using the contact details provided in this notice.

CALL RECORDING AND MONITORING

We may monitor and/or record phone calls. We may use recordings

  • To ensure we have carried out your instructions correctly;
  • To resolve queries and complaints;
  • For regulatory purposes;
  • To help detect or prevent fraud or other crimes;
  • To improve service and to help monitor and train our staff.

Our lawful basis for call recording under data protection law is that it is necessary for our legitimate interests or in some cases for compliance with our legal obligations.

YOUR RIGHTS

You have the right to access and obtain a copy of your data on request.

To make such a request, please refer to the section at the end entitled "How to Exercise Your Rights or Make a Complaint."

There are other rights that individuals have under data protection laws (as listed below) that the Bank is obliged to comply with:

  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed;
  • The right to object to processing of your personal information;
  • The right to restrict processing of your personal information;
  • The right to have your personal information erased (the "right to be forgotten");
  • The right to move, copy or transfer your personal information ("data portability");

All requests are reviewed and measured against the Bank's lawful basis for collection of personal information.

HOW TO EXERCISE YOUR RIGHTS OR MAKE A COMPLAINT

The Bank welcomes the opportunity to answer any questions you may have about this statement or how it safeguards and confidentiality of information of data subjects.

If you wish to exercise your rights under the Data Protection Act, please contact our Data Privacy Manager. Either email dpo@eabplc.com citing "Data Protection" or write to the address below:
Data Protection
EAB plc
35 Park Lane, Mayfair
London W1K 1RB

To make a complaint about how your personal data is used, please refer to our complaints process which can be found here.

If you have any concerns about the way we use your information and are not happy with the response provided following an enquiry with the Bank's Data Privacy Manager you can also raise your concerns with the Information Commissioner's Office (ICO) which regulates the processing of personal data:

https://ico.org.uk/concerns/ or call 0303 123 11130.

Last reviewed by Europe Arab Bank October 2022