BOSAK MICROFINANCE BANK LIMITED

DATA PRIVACY POLICY

PRIVACY POLICY

At Bosak Microfinance Bank, we care about your privacy.

The website www.bosakmfb.com is not an email service, but a corporate website.

The website is available to visitors interested in viewing updates on the Bank.

This Privacy Policy clearly states what information the Bank collects, how such is collected, shared, used, and how customers’ personal information is protected when they visit the Bank or use the Bank’s website and other services offered by the Bank.

Bosak Microfinance Bank Limited’s customers are assured that the Bank will keep protecting their information in line with its fiduciary responsibility.

Bosak Microfinance Bank Limited’s customers have the opportunity to make choices about how their personal information may be shared. The Bank also encourages customers to make choices that would enable it provide them with quality products and services to help meet their financial needs.

SECURITY OF PERSONAL INFORMATION

Safeguarding customers’ and other stakeholders’ personal information is a major concern to the Bank. To this end, the Bank maintains physical, electronic, and procedural safeguards that comply with applicable laws in Nigeria to secure its customers’ information from unauthorized access and use, accidental or unlawful alteration and destruction; and other unlawful or unauthorized forms of processing.

The Bank engages in continuous training of its employees in the proper management of personal information. When other companies are engaged to provide services on its behalf, the Bank requires such third parties to protect the confidentiality of the personal information they receive by complying with appropriate regulations to protect such sensitive information.

The Bank fully complies with the requirements of the Nigeria Data Protection Regulation (NDPR) 2019 of the National Information Technology Development Agency (NITDA) Act of 2007.

ACQUISITION OF INFORMATION

In line with relevant regulations and laws, Bosak Microfinance Bank Limited acquires information from a range of sources as it relates to any of our current or past products or services.

Bosak Microfinance Bank Limited acquires personal information when:

• Customers open account(s) or perform transactions such as deposits or withdrawals.
• Customers apply for loan(s).
• Customers seek Investment Advice.
• Customers make complaints and seek resolution to disputes.
• Information is sought via Credit Bureaus to confirm credit rating of customers.
• Customers update account information e.g. name, gender, date and place of birth, residential/work address, email address, and mobile numbers.
• Customers provide biometric information.
• The Bank conducts necessary investigations needed to support regulatory obligations.

HOW WE USE YOUR INFORMATION?

Bosak Microfinance Bank Limited will only use its customer’s information when consent is granted or when the Bank is required by Law to do so. We use information:

• To provide customers with excellent products and services, offering an enriched and enhanced customer experience.
• To manage transactions, to respond to customers’ request (s), and to provide customers with more relevant products and services.
• To deliver the Bank’s products and services and carry out customers’ instructions.
• To detect and prevent financial crimes including fraud, financing for terrorism and money laundering. This is to ensure security and business continuity.
• To meet the Bank’s compliance obligations in line with applicable regulations and share with regulators when absolutely necessary.
• To advertise products and services directly to customers or on the Bank’s websites, provide updates on special deals and offers that may be of interest to them (unless stated otherwise).
• To send general announcements or important news and request for feedback.
• To validate customer’s instructions with the Bank and to improve on the Bank’s products and service delivery.

DISCLOSURE OF CUSTOMER INFORMATION

Bosak Microfinance Bank Limited may disclose customer’s information in order to provide products or services requested for.

The Bank may also share customers’ information where there is a legal duty to do so for regulatory reporting and when customers have granted permission to disclose their personal information with third parties.

STORING PERSONAL INFORMATION

Data Retention.

Bosak Microfinance Bank Limited keeps most of its customers’ data for as long as their account(s) is/are active. The Bank will also retain data provided by customers while their account(s) is/are in existence or as needed to provide them with prompt service.

Afterwards, personal information would be disposed in a secure manner (without further notice to customers).

Account Closure.

Bosak Microfinance Bank Limited retains its customers’ personal data even after they have closed their account(s), if reasonably necessary to comply with the Bank’s legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security and prevent fraud.

PRIVACY PROTECTION RIGHTS

• The right to be informed.

To emphasize the need for transparency over the usage of personal data, the Bank ensures fairness in processing of information, typically through this privacy policy.

• The right to access.

Individual/corporate customers have the right to access information the Bank holds, access their personal data and other supplementary information and obtain information about how the Bank processes it.

• The right to restrict processing.

Individual customers have a right to ‘block’ or withdraw their consent to the bank processing their information, which they can do at any time. When processing is restricted, the Bank is permitted to store the personal data, but not to act further on it.

• The right to rectification.

Individual/corporate customers are entitled to have their personal data rectified if it is inaccurate or incomplete. If this personal data in question has been disclosed to third parties, they must be informed of the rectification where possible. The Bank must also inform the individual/corporate customers about the third parties to whom the data has been disclosed where appropriate.

• The right to erasure.

Individual customers have the right to request the deletion or removal of personal data where there is no compelling legal or regulatory requirement for its continued processing. The Bank will make sure that this right is protected.

• The right to data portability.

The Bank will ensure that personal data is moved, copied or transferred easily from one Information Technology environment to another in a safe and secure way without hindrance to usability.

• The right to object.

Individual/corporate customers have the right to object to the Bank’s processing of their information in some circumstances.

INDIVIDUAL AND CORPORATE RESPONSIBILITY

Individual and Corporate customers are responsible for making sure the information provided to the Bank is accurate and should inform the Bank of any changes as it occurs. This will enable the Bank to update their information on record.

If you have any questions or concerns regarding this Policy, kindly contact us via info@bosakmfb.com .

Note: This Privacy notice may be updated from time to time; only the most recent version is found on www.bosakmfb.com.

APPROVED BY THE BOARD OF

DIRECTORS OF BOSAK MICROFINANCE BANK LIMITED