Mobile Privacy Policy
مسار التنقل
الموقع الإلكتروني
Laws protecting your personal data:
The data privacy and protection laws and regulations aim to protect your privacy and regulates how the Bank collect, use, and disclose personal data. The Bank operating in the Kingdom or elsewhere processing your personal data should ensure compliance with the applicable data protection laws to protect your personal data.
Key Principles:
Key Principles:
- We need a legitimate reason to collect your data (e.g., consent, contracts).
- We will be clear about what data we collect from you and why we collect it under the data protection and privacy laws.
- We will only collect what's truly needed and will not hold onto it longer than necessary.
- We will implement strong security measures to keep your data safe.
What information we collect and how we collect it:
The Bank will only collect information about you as permitted by applicable laws and regulations.
The Bank may collect your personal data directly or indirectly from you. We may collect it from a range of sources including applications of web browsers, credit information, service providers etc. We may also collect information about you when you or your representative interact with us through our websites or mobile channels, telephone banking or when you visit one of our branches. Some of the information will come directly/ indirectly about you, for example:
The Bank may collect your personal data directly or indirectly from you. We may collect it from a range of sources including applications of web browsers, credit information, service providers etc. We may also collect information about you when you or your representative interact with us through our websites or mobile channels, telephone banking or when you visit one of our branches. Some of the information will come directly/ indirectly about you, for example:
- When you provide identification to open an account.
- It can come from your financial advisor, broker, or other sources you have asked the Bank to obtain information from.
- Personal data from publicly or commercially available shared information.
- From databases made available by official authorities’ sources to update/verify your documents.
- Cookies and tracking technologies.
- People appointed to act on the behalf of minors and incompetents, such as legal guardian(s).
|
How we will use your information:
The Bank may collect and process a significant amount of personal data to fulfill various functions essential for their core business and regulatory requirements, including:
- Account Management and Customer Service – opening accounts, processing transactions, and providing customer support.
- Security and Fraud Prevention.
- Risk Management and Creditworthiness – managing credit risk and assessing loan applications.
- Personalized Marketing.
Why we collect your data:
The Bank would need your data to provide you with the services or products requested by you.
After you apply for any service or product or become our customer, the Bank has certain legal obligations to process your personal data. If you do not provide us with the requested personal data, the Bank will be unable to comply with the legal or regulatory obligations and will not be able to offer our products and services to you.
The Bank would make it clear on their application forms what personal data is required to be provided by you by marking the mandatory fields with the asterisk symbol (*).
After you apply for any service or product or become our customer, the Bank has certain legal obligations to process your personal data. If you do not provide us with the requested personal data, the Bank will be unable to comply with the legal or regulatory obligations and will not be able to offer our products and services to you.
The Bank would make it clear on their application forms what personal data is required to be provided by you by marking the mandatory fields with the asterisk symbol (*).
Legal Basis for Processing your Personal Data:
We will only use and or process your personal data if we have your consent. However, consent is not required for the following cases:
- If the processing achieves actual interests for the data subject and it is impossible or difficult to contact them.
- If the personal data is publicly available or collected from a publicly available source.
- If we need to pursue our legitimate interests, without prejudice to your rights and interests, and provided that no Sensitive Data is processed.
- If we need to comply with the regulations and laws that are applicable to the Bank.
- To protect your and/or the Kingdom’s vital interests.
- Achieving public interest or serving an official request from an authority according to its roles.
Who we might share your data with:
Your personal data may be disclosed internally within the Bank, as well as to the following entities, for the legal basis described above.
|
How long we’ll keep your information:
The Bank might be required to keep your personal data for the purpose for which it was collected, processed, or requested under relevant rules and instructions in line with the regulatory requirements. This may include legal purposes, maintaining records for analysis and audit purposes, responding to inquiries or complaints, monitoring fraud and money laundering transactions, taking legal actions, and responding to regulators’ requests.
If you opt-out from receiving marketing communications or object to any other processing of your personal data, we may keep a record of your objection to ensure that we continue to respect your request and do not contact you further.
We keep your information in line with our data retention policy. We will not keep your personal data for longer than is necessary for the purpose for which it was collected. This means that your personal data will be destroyed or erased from our systems when it is no longer required. We take appropriate steps to ensure that we process and keep your personal data based on the following:
If you opt-out from receiving marketing communications or object to any other processing of your personal data, we may keep a record of your objection to ensure that we continue to respect your request and do not contact you further.
We keep your information in line with our data retention policy. We will not keep your personal data for longer than is necessary for the purpose for which it was collected. This means that your personal data will be destroyed or erased from our systems when it is no longer required. We take appropriate steps to ensure that we process and keep your personal data based on the following:
- For the duration for which the personal data is used to provide you with a service.
- As required under law, a contract, or about our statutory obligations.
How we keep your personal data secure:
The Bank uses a set of internal technical and organizational security measures to keep your personal data secure and protected against unauthorized processing, disclosure, loss, destruction, or damage.
The Bank’s employees and any external parties or service providers undertaking any work on behalf of the Bank should abide by strict compliance standards, including agreeing to contractual obligations to protect any personal data.
The Bank has a legal obligation to maintain the confidentiality and integrity of your personal data from unauthorized access, disclosure, alteration, and destruction, except in circumstances where disclosure of such data is required by a legal authority, or in circumstances in which disclosure is made on the basis of your consent or your legal representative.
The Bank’s employees and any external parties or service providers undertaking any work on behalf of the Bank should abide by strict compliance standards, including agreeing to contractual obligations to protect any personal data.
The Bank has a legal obligation to maintain the confidentiality and integrity of your personal data from unauthorized access, disclosure, alteration, and destruction, except in circumstances where disclosure of such data is required by a legal authority, or in circumstances in which disclosure is made on the basis of your consent or your legal representative.
Transferring your information overseas:
When the Bank (or its subsidiaries or providers) transfers your personal data to other countries for the purpose of providing any products or services, the Bank ensures your personal data is afforded appropriate level of protection and that such transfer has met legal and regulatory requirements.
You can get more details of the protection given to your personal data when it’s transferred outside the Kingdom of Saudi Arabia (KSA) by contacting us using the details in CONTACT US section.
You can get more details of the protection given to your personal data when it’s transferred outside the Kingdom of Saudi Arabia (KSA) by contacting us using the details in CONTACT US section.
Your rights:
In accordance with applicable laws and regulations, you have the right to ask us to provide details about legal basis and the purpose of processing the personal data we have collected, and you can request us to correct, complete, or update any inaccuracies related to your personal data. You can request us to provide you with a copy of your personal data in a readable and clear format.
The Bank makes all its efforts to guarantee your rights in line with the applicable regulations/standards, according to the following:
However, there are few exceptions to consider when dealing with your data privacy rights. Here are some common exceptions:
The Bank makes all its efforts to guarantee your rights in line with the applicable regulations/standards, according to the following:
- Right to be Informed: You have the right to be informed about the collection and usage of your personal data including why and how we collect your personal data, the purposes for processing your data, and who will it be shared with.
- Right to Request Access: You have the right to access your personal data with the Bank in a structured, readable, and clear format and are entitled to obtain a copy of it. The Bank may also restrict this request as per the cases stipulated in applicable laws and regulations.
- Right to Rectification: You can request to have your personal data corrected (if inaccurate), completed (if incomplete) or updated (if out of date).
- Right to Request Destruction: You have the right to request that your personal data be destroyed when:
- You consider that we no longer require the information for the purposes for which it was obtained.
- You have validly objected to our use of your personal data.
- Our use of your personal data is contrary to the Law or any other legal obligations.
- You have revoked your consent to collect and process your personal data.
- Right to Object to the processing of your personal data: You have the right that entitles you to request that the Bank no longer processes your personal data. The Bank should document the legal and regulatory requirements related to objections by the data subjects to processing (e.g., objection relating to the processing of personal data for direct marketing purposes).
- Right to Request the restriction of the processing of your personal data: This right entitles you to request that the Bank only processes your personal data in limited circumstances, including with your consent.
- Right to Withdraw Consent: You have the right to modify / revoke consent to collect and process your personal data unless statutory or judicial requirements require otherwise. The mechanism used for withdrawal depends on the system; it should be consistent with the mechanisms used for obtaining consent when possible.
- Right to Lodge a Complaint: You have the right to file a complaint to the competent authority when you feel that your rights have not been met.
However, there are few exceptions to consider when dealing with your data privacy rights. Here are some common exceptions:
- Right to Erasure: If a law or regulation mandates retaining the data, or the personal data is relevant to ongoing or potential legal dispute, then the Bank is required to retain it. This could include financial records for tax purposes or medical data for health compliance.
- Right to Access: If providing access would reveal information about another data subject or intellectual property rights.
- Right to Rectification: If the Bank, acting as a data controller, can't verify that the requested changes are accurate, they might not be obligated to rectify it.
- Right to Restriction: The Bank might not be able to restrict processing entirely if the personal data is needed for legal purposes.
Protection of Children’s and Legally Incompetent’s Personal Data:
The Bank’s website and applications are intended for use only by persons who are at least 18 years of age and/or legally competent. If the data subject is under 18 or legally incompetent, a parent or legal guardian should agree on behalf of him/her, as the Bank requires consent in connection with the collection and processing of the data subject’s personal data.
Your Responsibilities:
You are responsible for making sure the information you give us is accurate and up to date, and you must inform us if anything changes as soon as possible.
If you give the Bank personal data that belongs to another person (for example, a joint account holder, a beneficiary under an insurance policy or a dependent, etc.), you will need to inform them of this data privacy notice and obtain their agreement for the Bank to use their personal data for the specified purpose.
If you give the Bank personal data that belongs to another person (for example, a joint account holder, a beneficiary under an insurance policy or a dependent, etc.), you will need to inform them of this data privacy notice and obtain their agreement for the Bank to use their personal data for the specified purpose.
Social Media Content Use Terms and Conditions:
We kindly urge you to refrain from sharing personal data on the Bank’s social media platforms, including Facebook, Instagram, YouTube, and Twitter.
Changes to our Data Privacy Notice:
This Privacy Notice may be updated from as required, and we will inform customers of these changes.
The Bank recommends that you read and review the notice on a regular basis to stay informed of any changes. When you continue to use the Bank’s website and e-platforms after the date of posting the updated policy, you acknowledge acceptance of all modifications introduced in the data privacy notice.
The Bank recommends that you read and review the notice on a regular basis to stay informed of any changes. When you continue to use the Bank’s website and e-platforms after the date of posting the updated policy, you acknowledge acceptance of all modifications introduced in the data privacy notice.
RbPageFeedbackWeb
شكرًا لك