Privacy Notice
Your privacy and the security of your Personal Data is very important to us. At Islamic International Arab Bank , hereinafter referred to as the “Bank”, we ensure that Personal Data you provided to us is always treated as private and confidential, afforded the highest level of security, and is processed in accordance with Jordanian Law Number 24 of 2023 - Personal Data Protection Law, hereafter referred to as the “Law”. This Privacy Notice, hereinafter referred to as “Notice”, aims to provide you with information on how we will use your Personal Data, what steps we will take to ensure it stays private and secure and what Personal Data we collect and process about you as well as your data privacy rights and how you can exercise them.
How we collect your data
The Bank collects your data through one of the following methods:
- Directly: we obtain Personal Data directly from you in order to receive a service from the Bank or transacting with the Bank, including without limitation, log a complaint, enter a business relationship, or for other purposes depending on the services requested for or agreed upon.
- Indirectly:we may obtain Personal Data about you indirectly from a variety of sources, including: intermediaries, the Banks’s Affiliates; Cookies, device ID's, social media, public sources, business partners, and recruitment services to better understand and serve you, satisfy a legal obligation, or in pursuance of another legitimate interest.
How we use your Personal Data
We collect your Personal Data for various reasons in relation to our services, products or interacting with us, and for other business purposes, including, but not limited to:
- to provide and manage your account(s) and our relationship with you.
- to give you statements and other information about your account or our relationship.
- to handle enquiries and complaints.
- to provide our services to you.
- to conduct assessment, testing, and analysis for statistical purposes or other analysis for market research purposes.
- to evaluate, develop, and improve our services to you and other customers.
- to protect our business interests and to develop our business strategies.
- to contact you, by post, phone, text, email and other digital methods.
- to collect any debts owing to us.
- to meet our regulatory compliance and reporting obligations in relation to protecting against financial crime.
- to assess any application you make.
- to monitor, record, and analyze any communications between you and us.
- to share your Personal Data with governmental authorities, credit reference agencies, fraud prevention agencies, and overseas regulators and authorities.
- to share your Personal Data with our partners and service providers and external auditors.
- Recruitment and vetting agencies for prospective job applicants.
- Client prospecting, marketing and selling agencies.
- for purpose of litigation, consultation, legal advices or documentation of transactions.
On what legal grounds do we process your Personal Data
We process your Personal Data with your explicit written consent unless the Processing is in alignment with applicable regulatory requirements or is deemed a legitimate Personal Data Processing as part of our legitimate business operations as a banking financial institution.
Which Personal Data do we collect and process
The Personal Data we collect includes data provided by you at the start of our relationship or at any time thereafter such as:
- Personal details such as name, date of birth, email, nationality, marital status, and gender and contact information.
- Current residential address and permanent residential address, and proof of address documents.
- Data about your identity including documents, details of ID cards, details of passports.
- Employer, employment status, job title, full name, email, address and telephone number(s) used for work purposes.
- Financial data: income and source of income, source of wealth, average account financial activity, and engagement data.
- Data about your tax status such overseas tax-identification number, FATCA forms, etc.
- Details of transactions done by you or by any of your connected persons including dates, amounts, currencies, and payer and payee details.
- Sound and visual images including CCTV footage.
- Digital identifiers (IP address, email).
- Cookies (please refer to our Cookie Notice).
- Risk rating information, e.g. credit risk rating and data about your ability to manage credit.
- Recruitment information and qualifications for prospective job applicants.
- Due diligence data, e.g. data required to comply with financial crime regulations (anti-money laundering, anti-terrorism financing, etc.) and data we need to fulfil regulatory obligations such as Suspicious Activity Reporting.
- Other individuals’ information, such as witnesses, family and household members, emergency contacts, and guardians, which include their signatures, addresses and relationship with you.
- Legal dispute, complaints, and grievance information.
- Agreements, contracts, billing and commissions information.
- Security Information.
- Data about your geographic location, ATMs used, and branches you visit.
How long do we keep your Personal Data
We retain your Personal Data to provide our services, stay in contact with you and to comply with applicable laws, regulations, and professional obligations, which we are subject to. We will dispose of your Personal Data in a secure manner when we no longer need it for the above justifications.
How we protect and safeguard your Personal Data
We will take reasonable technical and organizational precautions to prevent the loss, misuse, or alteration of your Personal Data. We aim to ensure that access to your Personal Data is limited only to those who need to access it, and those individuals who have access to the Personal Data are required to maintain the confidentiality of such Personal Data.
If you are using online services from the Bank, you remain responsible for keeping your user ID and password confidential.
Who has access to your Personal Data and to whom it is disclosed
We keep your Personal Data confidential. However, in order to service your needs to the best of our ability, we may share your Personal Data with other parties bound via contractual agreements to safeguard your Personal Data and only process it under our strict instructions.
We may share the Personal Data about you and your dealings with us, to the extent allowed by law, with:
- Arab Bank group members and correspondent banks.
- Central bank of Jordan & External Auditors.
- Regulatory authorities, governmental bodies, financial crime prevention agencies, and tax authorities.
- Third Party Service Providers including cloud service providers
- Agents acting on behalf of the Bank.
- Courier and postal services.
- Credit reference organizations.
- Law firms, lawyers, or professional advisors.
- Other parties with which you have agreed to share your Personal Data with.
Transfer of data outside the Hashemite Kingdom of Jordan
In accordance with the Law and applicable regulations, we may transfer your Personal Data to other Arab Bank group members and third party organizations outside of the Hashemite Kingdom of Jordan when we have a business reason to engage Arab Bank group members or third party organizations. Each organization is required to safeguard Personal Data in accordance with our contractual obligations.
What are your rights and how you can exercise them
You may exercise the following rights concerning your Personal Data:
- Right to access your Personal Data within the custody of the Bank
- Right to withdraw prior consent you have provided for the Processing of your Personal Data
- Right to rectify, modify, or update your Personal Data
- Right to erase your Personal Data or to restrict the Processing of your Personal Data
- Right to object to Processing and Profiling if they are not necessary to achieve or outweigh the purposes for which the Personal Data was collected, or if they are discriminatory, unfair, or violate the law.
- Right to be notified of inaccurate disclosure and breaches or your Personal Data
Please note that our fulfillment to your requests may be subject to limitations, in certain circumstances, in accordance with the Law.
To submit a request to exercise any of these rights, please send an email to Privacy.Office@iiabank.com.jo
Contact information
Islamic International Arab Bank, Jordan, Amman, Wasfi Al Tal Street, P.O. Box 925802, Amman 11190 Jordan
For More Information
Should you have any questions regarding this Notice or want to learn more about our security practices, please read our Security Statement section, or contact us at: Privacy.Office@iiabank.com.jo
Changes to the this Notice
We reserve the right to update this Notice to reflect changes to our practices in alignment with the Law. Any updates will become effective immediately after posting the updated Notice on our website.
Key Definitions:
Personal Data: any information relating to an identified / identifiable individual, whether it relates to his or her private, professional, or public life such as the Identification Document number or address.
Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Profiling: any form of automated Processing of Personal Data evaluating the personal aspects relating to a natural person, in particular to analyze or predict aspects concerning by way of example the individual’s economic situation, personal preferences or interests, behavior, location or movements.