Privacy Policy
To protect and to manage your personal data
This is your guide to know how your personal data is managed by BSL BANK.
Please read it carefully.
Data privacy is taken very seriously at BSL BANK. It is important that you know exactly what we do with the personal information you and others provide us, why we collect it and what it means to you.
This document outlines our approach to Data Privacy. We also welcome it as an opportunity to reassure you of the importance we place on keeping your personal data secure, and of the strict guidelines we apply to its use. We want you to be clear on:
- Who we are
- The information we collect about you
- When and how we collect information about you
- How we use your information
- Automated processing or “analytics” & our Legal Basis
- Who we share your information with
- The period we hold your information
- Implications of not providing information
- The legal basis for using your information
- Processing your information outside BSL BANK
- Changes to this policy
1- Who we are
Throughout this document, “we”, “us”, “our” and “ours” refer to BSL BANK s.a.l.
A Lebanese commercial bank registered at the commercial Register in Beirut under the number 12510 and on the List of the Lebanese Banks under the number 68
2- The information we collect about you
Several reasons require us to collect information about you, because we need to:
- Know how to get in touch with you,
- Be certain of your identity
- Understand your financial circumstances,
So we can provide you with our best products and services for a remarkable experience.
The information we collect falls into various categories:
- Identity & Contact Information
Personal information comprising full name, date of birth, parents names, security details to protect identity ID, contact details, nationality, home and work address, email address, work and personal phone numbers, marital status, family details, tax residency and tax related information.
- Financial Details/Circumstances
Bank account details, credit/debit card details, income details, personal guarantees provided, application processing and administration records, your employment status and employment details of your partner, credit history, credit assessment records, life assurance, transaction details, treasury transactions, financial needs/attitudes, contact outcomes, authorized signatories details, information relating to power of attorney arrangements.
- Marital Status and/or Financial Associations
In case of marriage or financial link to another person in one context, a financial association may be created between your records and their records, including any previous and subsequent names (for example: one guaranteeing another). This means that we can treat your business as affecting each other.
These links will remain on your network. We may make inquiries on the joint applicants, and evidence of that.
- Information you provide us about others or others provide us about you
Any information that you provide us about a third party (for example, information about an associate provided during the course of a joint application with that person), or someone provides us with information about you, such information will be added to the one we already hold and it will be used it in the ways described in this Data Privacy Policy.
Any disclosed information to us about another person, should have been approved by the latter in prior to the disclosure. You should also show them this Data Privacy Policy and have their confirmation that they know you are sharing their personal information with us for the purposes described in this Data Privacy Policy.
- Sensitive categories of data
Some information we hold about you may include sensitive personal data, such as health or criminal conviction information. This data will be used for the purpose of particular product or services we provide to you or where we have a legal obligation to do so. Cases of use of this type of data include:
- Medical information, for example, where you apply for life insurance.
- If you have criminal convictions, we may process this information in the context of compliance with our anti-money laundering obligations.
- Information about you provided by others
We may add any information about you provided by another person (i.e. in the case of a joint application) to any personal information we already hold and use it in the ways described in this Data Privacy Policy.
- Information which you have provided to us
Using this information, you allow us:
- To get in touch with you through certain channels to offer you relevant products and services
- To collect information from online activities when logging to your e-banking, we collect information about your internet browser settings or otherwise Internet Protocol (IP) and other relevant information to help us identify your geographic location when providing you with our services.
- Other personal information
- Telephone and image recordings.
- CCTV images at our Bank branches, offices and ATMs (will be only disclosed for security reasons to authorized persons or entities and to prevent fraud or crime).
- Information in relation to data access, correction, restriction and deletion.
- Sometimes we may collect and use your information even though you are not a customer of ours
You may not be a direct customer to us but it happens maybe that you are a beneficiary, guarantor, director, cardholder or representative of one of our customers, or you may be in the process of making an application for a BSL BANK product or service.
You may also have a direct impact on the ability of our customer to honor his/her commitments to us, this case will be considered by us and consequently, we will apply the principles outlined in this Data Privacy Policy when dealing with your information.
3- When and how we collect information about you
Upon the use of our services, your application for our products, your enquiries and engagement with us, we collect information about you. We may also collect, directly and/or indirectly, information about you from other people and other parties, when you apply for an insurance policy, from credit rating agencies and from sources where you have chosen to make your information publicly available, such as social media sites.
When we collect information about you:
- Upon your application for certain products and services. For example, insurance or investment products may require us to collect relevant health information from you.
- Upon the use of our website and online services (including all delivery channels) and when visiting our branches or offices.
- Upon collection of information given by yourself or by another party, verbally or in writing. This information can be collected from application forms, records of your transactions with us or through a complaint.
- When you use our products or services and when you make transactions on your account, we collect details about your money provider, your money beneficiary, amounts that you pay and when the payments are made.
- From available public information about you – for example in trade directories, online forums, websites, Facebook, Twitter, YouTube or other social media. When the information about yourself is publicly available on your social media accounts or where you choose to make information available to us through your social media account, and where it is appropriate for us to use it, this information can help enable us to do things like (1) improve our service (for example, identifying common service issues),(2) personalize your online experience with us, including through games, videos or apps, (3) contact you through the social media services, and (4) enable you to share your experience and content via social media services. For a description on how social media services and other third party platforms, plug-ins, integrations or applications use your information, please refer to their respective privacy policies and terms of use, which may permit you to modify your privacy settings.
Please note: If you apply for a product or service or hold a financial product in joint names, you should get their written permission to give personal information about them (for example, a joint applicant, guarantor or dependent).
4- How we use your Information
Your information is always handled with care whether we are using it to confirm your identity, to help in the processing of an application for a product or service or to improve your experiences with us, principles outlined in this Data Privacy Policy are always applied.
Your information is used by us for the below purposes:
To provide you with our products and services and to fulfil our contract with you
To provide you with our products and services and perform our contract with you, we use your information to:
- Make sure that you are eligible for our products and services.
- Manage and administer your accounts, policies, benefits or other products and services that we or our partners may provide you with. For example, if you have a secured loan or mortgage with us, we may need to share information with other lenders who also hold a charge on your property.
- Process your applications for credit or financial services.
- Carry out credit reviews, including automated credit decision processes (which may have a legal or similarly significant effect on you), and to search for details of your credit history and information at agencies, including the Central Bank. Where we make these searches, agencies may keep a record of the search.
- Process payments that are paid to you or by you. For example, if you hold a credit or debit card with us, we will share transaction details with our card scheme providers (e.g. Visa or MasterCard).
- Run loyalty and reward programs you have signed up to.
- Contact you by post, phone, text message, email, social media, fax, using our online banking website or other means, but not in a way contrary to your instructions to us or contrary to law.
- Monitor and record our conversations when we speak on the telephone (for example, to check your instructions to us, to analyze, to assess and improve customer service and for training and quality purposes).
- Recover debts you may owe us.
- Deal with a complaint or appeal.
To manage our business for our legitimate interests
We may use your information to manage our business in order to:
- Carry out credit scoring, credit management including collecting and enforcing debts and arrears
We may:
- Inform credit reference and credit registration agencies about your dealings with us including details of your credit facilities and your credit history with us.
- Ask agencies to trace you (for example, where the address you have provided is no longer accurate and the Bank needs to provide you with legal documentation).
Provide service information, to improve our service quality and for training purposes
Information about your interactions with us may be collected – for example, the location of the ATMs you use, when you download one of our apps, we may gather location information from your mobile phone or other electronic device you may use to interact with us.
Conduct marketing activities
For example, running competitions, promotions and direct marketing, and research, including customer surveys, analytics and related activities.
To run our business on a day to day basis including to:
- Carry out strategic planning and business portfolio management.
- Compile and process your information for audit, statistical or research purposes in order to help us understand trends in our customer behavior and to understand our risks better, including for providing management information, operational and data risk management.
- Protect our business, reputation, resources and equipment, manage network and information security (for example, developing, testing and auditing our websites and other systems, dealing with accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services) and prevent and detect fraud, dishonesty and other crimes (for example, to prevent someone trying to steal your identity), including using CCTV at our premises.
- Manage and administer our Bank’s legal and compliance affairs, including complying with our obligations to credit card providers, compliance with regulatory guidance and voluntary codes of practice to which we have committed.
- Enable our members to share or access your information for internal administrative purposes, audit, prudential, statistical or research purposes to help us understand trends in customer behavior, for helping us to understand our risks better and for the purposes set out in this Data Privacy Policy (but not for the purposes of direct marketing where you have objected to this).
For the purpose of compliance with our legal and regulatory obligations
We need to use your information to comply with legal and regulatory obligations including:
- Your information rights compliance.
- Providing you with statutory and regulatory information and statements.
- Establishing your identity, residence and tax status in order to comply with law and regulation concerning taxation and the prevention of money laundering, fraud and terrorist financing.
- We are required by law to screen applications that are made to us to ensure we are complying with the international fight against terrorism and other criminal activities. As a result, we may need to disclose information to government and other statutory bodies.
- Reporting to and, where relevant, conducting searches on industry registers.
- Complying with binding requests from regulatory bodies, including the Central Bank of Lebanon & the institutions and agencies related to the Central Bank like BCC, CMA & SIC and others.
- Complying with court orders arising in civil and criminal proceedings.
The Bank will use your info to:
- Send electronic messages to you about product and service offers from our Bank.
- Use transaction history/account information from BSL BANK account or credit card to identify your spending and saving habits in order to personalize offers that are exclusive and individual to you, based on your account transactions.
- Use information you have made public and combine this with the activities outlined above.
5- Automated processing or “analytics” & our Legal Basis
As part of our business, when we collect information about you, we use automated statistical analysis of the information
- Analysis of your information helps us to make automated lending decisions
- Statistical analysis may be used when you apply for a financial product (a loan for example), in order to determine whether or not the product suits your needs.
- We may decide whether or not to give you a financial service, for example, a personal loan.
- The interest rate that we need to charge on a credit product to reflect the risk of lending you funds may be calculated. For example, even though your loan may be within sensible risk guidelines, there may be a higher risk (compared to another customer) that you or a guarantor of yours might not be able to repay the debt. In that case, our analysis of your data may tell us that a higher interest rate is more appropriate, compared to another customer, to reflect that increased risk.
-
To manage existing credit agreements you have with us, information may be sent to us to evaluate and determine whether to approve, decline or refer a transaction when you or any authorized user wants to perform one.
-
To decide the type of financial service suitable for you or to decide other terms.
The logic behind these automated lending decisions
- When you apply for a loan, we use an automated system (also known as credit scoring) to determine if you are eligible for its terms. Credit scoring helps us to assess risk fairly and consistently, it is necessary for entering into our contract with you as it helps to lend responsibly and comply with our legal obligations.
- Your credit score is based on a range of data, including your borrowing history, if you have defaulted on any payments previously and your ability to reimburse the loan. It helps us to determine whether you qualify for a particular lending service.
- Credit scoring generally takes account of information from three sources:
(1) Information you provide during your application, (2) information provided by credit reference agencies, and (3) information that may already be held about you by BSL BANK. Based on these sources, our credit scoring system will make an overall assessment of your application. The credit scoring method used is regularly tested to ensure they remain fair, effective and unbiased.
Automated analysis of our customer information helps us to manage our business for our legitimate interests.
It enables us to:
- Improve the quality of our services and products by making more informed business decisions.
- Test and maintain the stability and performance of our systems.
- Carry out long-term statistical modelling, provided that such modelling does not affect any decision we make about you.
Automated analysis of your information is intended to help us to manage and build our relationship with you and is an important part of managing our business in our legitimate interests.
- It enables us, for example, to develop personalized information for you in real-time based on your financial and personal circumstances.
Automated analysis of your information help us comply with our legal obligations.
- For example, we may use automated processing to screen for suspicious transactions, in connection with our money laundering, fraud and financing terrorism prevention obligations.
- We will only automatically process your information to enable us to undertake the following activities:
• Send you electronic messages about any new products or services.
• Use your account information and transaction history at BSL BANK in order to personalize offers that are exclusive and individual to you.
• Use your location data to be able to send you information regarding special offers.
• Use information you have made public and combine this with the information mentioned above.
6- Who we share your information with
We only share your information, when necessary, with a number of individuals and companies.
Sharing your information may occur in the following circumstances and/or with the following persons:
- Your authorized representatives:
These include your attorney (under a Power of Attorney), broker/retail intermediary, and any other party that you have authorized to receive your personal data.
- Third parties (for example, SWIFT, credit card issuers and merchant banks) we need to share your information with in order to facilitate payments you have requested and those you ask us to share your information with.
- When you apply to us for insurance.
- We will pass your details to the insurer and reinsurer.
- We may request information relating to your health to pass to the insurer and reinsurance (for underwriting and claims administration purposes).
- Any information you give us or to the insurer, if you make a claim, can be put in a register of claims and shared with other parties in order to prevent fraudulent claims. A list of the participants is available from the insurer.
- We may disclose your information to our agents, other insurers and third parties for the purpose of service, customer care, administration and regulations. We may also disclose some details to prevent or investigate fraud.
- When you open or use a joint account or product.
- If you open or hold a joint account or any product jointly with another applicant, this may mean that your personal data (such as transactions made) will be shared with that other applicant.
- Guarantors
- We will share your information with any person or entity which guarantees your obligations to us.
- Companies that provide support services for the purposes of protecting our legitimate interests.
- Service providers are only permitted to use your information according to our instructions. We make sure your personal information remains protected when our service providers use it.
- Our service providers include: marketing and market research companies, card issuers, liquidators, regulatory examiners, official Assignee for Bankruptcy and equivalent in other jurisdictions, auditors, and consultants including legal advisors.
- Authorities and regulatory bodies, including central bank and law enforcement authorities.
- These include government departments, the courts and those appointed by the courts, statutory and regulatory bodies where The Central Bank of Lebanon (BDL) operates. Your personal Data will be shared with them, in accordance with the Lebanese banking secrecy law.
7- The period we hold your information
How long we hold your data depends on many factors, such as the type of product provided to you and regulatory rules (laws and regulations and rules set by the BDL).
Those factors also include the type of data we hold about you, whether you or a regulatory authority asks us to keep it for a valid reason and whether we use your data for statistical modelling (that does not affect decisions we make about you).
As a general rule, in most cases, we keep your information for a period of ten years after the date on which you cease to be a customer or the date of the last completed transaction
8- Implications of not providing information
Sharing information with us is in both your interest and ours.
- We need your information in order to be able to provide you with our products and services and fulfil our contract with you. We also need it to Manage our business for our legitimate interests and to Comply with our legal obligations.
- Of course, you can choose not to share information, but doing so may limit the services we are able to provide you with. Therefore, we may not be able to provide you with certain products and services that you request. We may not be able to continue to provide you with or renew existing products and services. Also, we may not be able to assess your suitability for a product or service, or, where relevant, give you a recommendation to provide you with a BSL BANK financial product or service.
- When we request information, we will tell you if providing it is a contractual requirement or not, and whether or not we need it to comply with our legal obligations.
9- The legal basis for using your information
We will use your data and share that data where:
- Its use is necessary in relation to a service or a contract that you have entered into.
- Its use is in accordance with our legitimate interests outlined in this Policy.
- Its use is due to a legal obligation that applies to us (except an obligation Imposed by a contract).
- In case you have made sensitive information about yourself public.
- In case the processing of special categories of data is necessary for the establishment, exercise or defense of legal claims.
- If authorized by law or regulation, we may process special categories of data for a public interest.
- Where the processing of criminal conviction data is authorized by law.
10- Processing your information outside BSL BANK
Your information is stored on secure systems within the Bank premises and with providers of secure information storage.
If they agree to act solely on our instructions, we may transfer or allow the transfer of information about you and your products and services with us to our service providers and other organizations outside the Bank.
11- Changes to this Policy
This Data Privacy Policy will be updated from time to time by BSL BANK. The changes made to this Policy will be communicated to you and made available on BSL BANK’s .
We encourage you to review BSL BANK’s website regularly to understand our policy regarding the collection and use of your personal data.
BSL BANK