Under the NDPR/GDPR, personal data is defined as:
“Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
2.Who Is Responsible for Your Personal Information?
3.Why does Ekondo Bank need to collect and store personal data?
In order for us to provide you with services, we need to collect personal data. When you sign up for any of our Online Solution or other our services or promotion that require registration, we ask you for personal information (such as your name, email address and an account password). For certain services, such as our payment services, we require your debit or credit card information. We typically do not store this information and when we do, we maintain the data in encrypted form on secure servers. We may combine the information you submit under your account with information from other services or third parties in order to provide you with a better experience and to improve the quality of our services. In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy. In terms of being contacted for marketing purposes our Bank would contact you for additional consent.
We only share personal information with other companies or individuals in the following limited circumstances:
i) We have your consent. We require consent for the sharing of any sensitive personal information
ii) We provide such information to our subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of processing personal information on our behalf. We require that these parties agree to process such information based on our instructions and in compliance with the General Data Protection Regulation and the Nigeria Data Protection Regulation and any other appropriate confidentiality and security measures. When they no longer need your data to fulfil this service, they will dispose of the details in line with our Bank’s procedures.
iii).We have the belief that access, usage, preservation or disclosure of such information are reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against imminent harm to the rights, property or safety of our Bank , its users or the public as required or by law.
5.How will Ekondo Bank use the personal data it collects about me?
Our Bank will process (collect, store and use) the information you provide in a manner compatible with the Nigeria Data Protection Regulation (NDPR). We review our data collection, storage and processing practices to ensure that we only collect, store and process the personal information needed to provide or improve our services. We will endeavor to keep your information accurate and up to date, and not keep it for longer than is necessary, but we depend on our users to update or correct their personal information whenever necessary. We will retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.
i).Providing our services to users, including the display of customized contents;
ii).Auditing, research and analysis in order to maintain, protect and improve our services;
iii).Ensuring the technical functioning of our network; and
iv).Developing new services.
You can find more information about how we process personal information by referring to the supplementary privacy notices for particular services.
When you access our services, the servers will automatically record information that your browser sends whenever you visit a website.
When you send email or other communications to us, we may retain those communications in order to process your inquiries, respond to your requests and improve our services.
9.Under what circumstances will your Bank contact me?
Our aim is not to be intrusive, and we undertake not to ask unnecessary and irrelevant questions. Nonethess, the information you provide will be subject to rigorous measures and procedures to minimize the risk of unauthorized access or disclosure.
10.Can I find out the personal data that your Bank holds about me?
Our Bank, at your request, can confirm what information we hold about you and how it is processed. If our Bank holds personal data about you, you can request the following pieces of information:
- Contact details of the data protection officer, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of our Bank or a third party, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- If we intend to transfer the personal data to a third party or international organization, information about how we ensure this is done securely. The Attorney General of the Federation will approve sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure/protect your information.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority (NITDA).
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it was not collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
11.What other data privacy rights do you have?
Although not always absolute, you also have some other rights. At any point, while our Bank is in possession of or processing your personal data, you, the data subject, have the right to:
i).Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
ii).Correct your data in our custody that is inaccurate or incomplete.
iii).Ask for the data we hold about you to be erased from our systems.
iv).Restrict processing of your personal data where certain conditions apply.
v).Have the data we hold about you transferred to another organization.
vi).Object to certain types of processing, such as direct marketing
vii.Object to automated processing like profiling, as well as the right to be subject to the legal effects of automated processing or profiling.
Where a third party is involved in the processing of your personal data, all of the above requests will be forwarded, as appropriate, to our Bank Data Protection Officer.
12.What form of ID will I need to provide in order to access this?
Our Bank accepts the following forms of ID (but not limited to) when information on your personal data is requested: International Passport, driving license, national identity card, permanent voter card.
13. Additional information
To contact our Data Protection Officer, kindly address your request to “The Data Protection Officer” at No. 43 Murtala Mohammed Highway, Calabar, Cross River State, Nigeria or send an email to IT@ekondomfbank.com.