Please read the following carefully to understand Our views and practices regarding your personal data and how We will treat it. By continuing to visit Our website (www.ab-mfbnigeria.com) and other AB Microfinance Bank customer touch points, you accept and consent to the practices described in this Policy. If you do not agree/accept please do not use or access Our website or other AB Microfinance Bank Services.
If you have any questions or concerns regarding this Policy, you should contact us on email@example.com.
INFORMATION WE COLLECT
When you use Our websites and Services, We collect and store your personal information which is provided by you from time to time. Personal information in this context shall include all data such as: full legal name, bank verification number, phone number, means of identification, identification number, mailing address, email address, tax ID, a photo, biometric information, occupation, assets, income, location data, an online identifier and other unique identifier such as but not limited to MAC address, IP address, IMEI number, IMSI number, SIM.
We collect information when you create an account, subscribe, participate in any interactive features of Our Services, fill out a form, apply for a loan, use your credit or debit cards, request customer support or otherwise communicate with Us.
We may obtain information through Our mobile applications that you install on your mobile devices to access and use Our Services.
We may also collect other information such as video footages of you whenever you step into any of Our branches, telephone conversations when you call any of Our contact center lines, geographic information.
We are the custodian of data on behalf of the users that use Our Services and We do not own data, users own their data. We will store data provided for only the period within which it is reasonably needed.
WHAT WE DO WITH YOUR INFORMATION
The collection and use of personal data by AB Microfinance Bank is guided by certain principles set by the National Information Technology Development Agency (“NITDA”). These principles state that personal data should:
- be processed fairly, lawfully and in a transparent manner;
- be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with such purposes;
- be adequate, relevant and limited to what is necessary to fulfill the purpose of processing;
- be accurate and where necessary, up-to-date. In the event data is inaccurate, steps should be taken to rectify or erase such data;
- not be kept for longer than necessary for the purpose of processing;
- be processed in accordance with the data subject’s rights; and
- be kept safe from unauthorised processing, and accidental loss, damage or destruction using adequate technical and organizational measures.
We will only use your information when you have provided your consent or when We are required by law to do so, and We will use your information for the following:
- to provide customers with excellent products and Services, to manage Our business and to offer an enriched and enhanced customer experience;
- to make appropriate use of your data to manage transactions, respond to your requests, and to provide you with more relevant products and Services;
- to deliver Our products and Services, carry out your instructions, and provide online Banking, mobile banking and other online product and Services;
- to review credit or loan eligibility and fulfill loan requests made by you;
- to detect and prevent financial crimes including fraud, financing for terrorism and money laundering, this is to ensure security and business continuity;
- to meet Our compliance obligations, to comply with laws and regulations and to share with regulators when absolutely necessary;
- to deliver advertising to you directly or on Our websites, provide updates on special deals and offers that might interest you (unless you tell Us otherwise); and
- to send you general announcements or important news about your account, request your feedback and We believe you should be able to select what kinds of information you receive from Us via email.
SECURITY OF INFORMATION
We adopt appropriate technical, data collection, storage and processing practices and security measures to protect against unauthorized access, misuse, alteration, disclosure or destruction of your personal information, username, password, transaction information and data under Our control. This may include the use of encryption, access controls and other forms of security to ensure that your data is protected.
We require all parties including Our staff and third-parties processing data on Our behalf to comply with relevant policies and guidelines to ensure confidentiality and that information is protected in use, when stored and during transmission. Our security controls and processes are also regularly updated to meet and exceed industry standards.
Where We have provided you (or where you have chosen) a password which grants you access to specific areas on Our site, you are responsible for keeping this password confidential. We request that you do not share your password or other authentication details (e.g. token generated codes) with anyone.
We reserve the right to change this Policy from time to time as seen fit, without any intimation to you, and your continued use of the site will signify your acceptance of any amendment to these terms. You are therefore advised to re-read the Policy on a regular basis. Should it be that you do not accept any of the modifications or amendments to the Policy, you may terminate your use of Our Services immediately. If you object to any of the changes to Our Policy, and you no longer wish to use Our Services, you may contact Us at firstname.lastname@example.org to deactivate your account. Unless stated otherwise, Our current Policy applies to all information that We have about you and your account.
We may send you Applications and Service announcement updates. You will not be able to unsubscribe from Service announcements, which contain important information Our Services which you have subscribed to. We may communicate via e-mail or telephone to provide requested Services and to resolve issues relating to your account.
CROSS-BORDER PERSONAL DATA TRANSFERS
AB Microfinance Bank is committed to protecting customers’ personal information regardless of where the data resides and to providing appropriate protection for where such data is transferred across borders, including outside of Nigeria. To ensure that these transfers are in line with permissible conditions outlined by the Nigerian Data Protection Regulation, we have taken appropriate and suitable safeguards to ensure that personal data will remain protected when cross-border transfers occur. These safeguards include transferring personal data to countries with adequate data protection regulations and ensuring that standard contractual clauses are in place to mandate that personal data is secured using best practices.
We use data collection devices such as “cookies” on Our website and applications. “Cookies” are small files stored on your hard drive that assist Us in providing Services customized to your requirements and tastes.
You are always free to decline Our cookies if your browser permits, although in that case you may not be able to use certain features on Our website and application and you may be required to re-enter your password more frequently during a session. A cookie cannot read data off your hard disk or read cookie files created by other sites. Use of a cookie is in no way linked to any personally identifiable information.
THIRD-PARTY SITES AND SERVICES
AB Microfinance Bank’s websites, products, application, and Services may contain links to third-party websites, products and Services. Our products and Services may also use or offer products or services from third parties. Information collected by third parties, which may include such things as location data or contact details is governed by their privacy practices and We will not be liable for any breach of confidentiality or privacy of your information on such sites. We encourage you to learn about the privacy practices of those third parties.
DISCLOSURE OF INFORMATION
Due to the existing regulatory environment, We cannot ensure that all of your private communications and other personally identifiable information will never be disclosed in ways not otherwise described in this Policy. By way of example (without limiting and foregoing), We may be forced to disclose information to the government, law enforcement agencies, Our parent and/or subsidiaries, third parties, for the performance of a task carried out in the interest of the public, for the protection of your vital interest, for the performance of a contract to which you are a party to and also where you have expressly given Us written consent to disclose same.
YOUR INFORMATION AND YOUR RIGHTS
You have the following rights:
- the right to be told how We use your information and obtain access to your information;
- the right to have your information rectified or erased or place restrictions on processing your information;
- the right to object to the processing of your information e.g. where the processing is based on Our legitimate interests;
- the right to have any information you provided to Us on an automated basis returned to you in a structured, commonly used and machine-readable format, or sent directly to another organisation, where technically feasible (“data portability”);
- where the processing of your information is based on your consent, the right to withdraw that consent subject to legal or contractual restrictions;
- the right to object to any decisions based on the automated processing of your personal data, including profiling; and
- the right to lodge a complaint with the supervisory authority responsible for data protection matters.
Please note that if you request a copy of your information you may be required to pay a statutory fee.
If We hold any information about you which is incorrect or if there are any changes to your details, please let Us know so that We can keep Our records accurate and up to date.
We will retain your personal information for the duration of Our Services to you and afterwards for as long as is necessary and relevant for Our purposes as permitted by applicable laws and regulations. Where We no longer need your personal information, We will dispose of it in a secure manner (without further notice to you).
Last Updated 3rd January, 2023.