We take your privacy very seriously. This privacy notice sets out what information we collect, who we share it with, why we collect it and how we will safeguard it. For the purpose of this privacy notice Al Rayan Bank PLC is the Data Controller – this means we determine the use and the means of processing your information.
For some information we do not need to seek your consent to process it as it is part of the performance of a contract – when you open an account with the Bank, you enter a legal relationship with us. Data collected as part of this falls under Article 6 (1) (b) which is classified as legal obligation. Other information is processed as part of our due diligence checks, see Article 6 (1) (f) which explains the legitimate interest principle relating to processing.
Please read this information carefully and contact the Data Protection Officer should you have any questions or queries. Our full privacy notice can be found at alrayanbank.co.uk/privacy.
What information we collect, why we collect it, the legal basis for doing so and how long for
Who we share your data with?
We treat your data with the utmost confidentiality and keep it within our secure computer systems. However, we do share your information with third parties where we are unable to provide a service ourselves or to assist the Bank in its decision making. We may also share data with regulatory and law enforcement bodies. Where we share data, we do so only with companies we have a written agreement with, and once we have carried out robust due diligence. Any data shared is done so via secure means. A list of the types of organisations we may share your data with can be found here.
How we collect your data
Most of our data comes directly from you, our customer. However, we may also collect data from our website when you enquire about our products or services, where you have completed a survey or provided feedback on any of our message boards, or via our browsers’ cookies, when you view our website.
How we keep your data safe
The Bank securely stores your data at its Head Office location, the address of which is given below, or within its secure IT systems. Some data may also be held at within our branch network. Unauthorised access to our system is prevented via a robust cyber security regime, which enables us to monitor access to information at a user level. Where data is transferred outside of the Banks IT network, it is done so in a secure manner, using encryption and other methods of security.
Under the General Data Protection Regulations (GDPR) you have the right to be informed about how we use any data you provide, what data we collect, why, who has access to it, how long it’s kept and the legal basis we have for doing so. In certain circumstances we may need to request your consent to collect and use your data, but in those cases, you have the right to object and withdraw that consent just as easily as it is given. Should you not wish to provide your consent, any services directly related to this data may not be provided.
You have the right to have your personal data removed where there is no legal basis for us to hold it, as well as the right to request your data is transferred to a third party (data portability). Any automated decision making, based on your data, can be challenged and a human decision made. Additionally, you have a right of access and can request a copy of any personal data provided, and subsequently the right of rectification of any incorrect data identified. To exercise any of these rights and submit a Data Subject Access Request (DSAR) please contact the Data Protection Officer at Al Rayan Bank Ltd, 24a Calthorpe Road, Birmingham B15 1RP or email@example.com. Overall responsibility for management of your data resides with Al Rayan Banks’ data controller at 24a Calthorpe Road, Birmingham B15 1RP.