In this notice “BOV”, “the Bank”, “we”, and “us” refers to Bank of Valletta p.l.c. and its subsidiaries, and “our” shall be construed accordingly.
“You” includes any attorney duly appointed by means of a power of attorney/mandate, trustees, executors, curators or any other legitimate representatives.
This Policy Notice sets out the basis for which any of your personal data is collected and processed by us.
“Personal Data” is data that identifies an individual, including but not limited to
- Email address
- Postal address
- Account details and related contact information
- Contact number
- Date of birth
- Identification number
- Localisation information
- Photographic, telephonic, and other such electronic recordings
The data we collect
We collect and process your personal data mainly to provide you with access to our services and products, and to help us improve same.
We may collect personal data about you from different sources, data including the following:
- Data given to us directly by yourself
- Data collected automatically when you use BOV Website, Internet Banking, Mobile Banking App, and ATMs
- Data collected from other publicly available sources
Scope of Processing
The Bank will process personal data for the following purposes only, namely:
- To be able to provide the product or service that you have applied for, in order to fulfil our contract with you
- To provide you with statements and other data regarding those products and services
- For internal assessment and analysis (including credit and/or behaviour scoring, market, product analysis, risk management, and in order to protect our legitimate interest)
- For the detection and prevention of fraud, prevention of money laundering and other criminal activity which the Bank is bound to report, including the carrying out of customer due diligence. This will be done in order to fulfil our legal obligations and to safeguard our legitimate interest as well as public interest
- In furtherance of our legitimate interest in developing and improving the Bank’s products and services;
- For direct marketing, such as to inform you, by mail, telephone, e-mail or other electronic means, about other products and services supplied by the Bank, its subsidiaries, associates, agents and by other carefully selected third parties, and for research purposes
- To safeguard our legal rights, such as in the case of enforcing or protecting our security, or recovering amounts owed to us by you or your co-debtors, or other persons whose borrowing you have secured
We may use your data to protect you in the following ways:
- We may record phone calls to confirm details of our conversations, for your protection, to train our staff and to maintain the quality of our service
- We use CCTV to record images in and around our premises to prevent and detect crime
- Before we provide any service, we will carry out anti-money laundering checks, which may include searches to confirm your identity
Your data may be transferred to and stored in locations outside the European Economic Area (EEA), including countries that may not have the same level of protection for personal data. When we do this, we will make sure that it has an appropriate level of protection and that the transfer is lawful. We may need to transfer your data in this way to carry out our contract with you, to fulfil a legal obligation, to protect the public interest and/or for our legitimate interests.
Other Products and Services
From time to time we would like to tell you about our other products and services, and those arranged by us with other suppliers such as insurance companies.
Any personal data you provide in the process of enquiring/ arranging any of our other products and services is provided in the strictest confidence. We will only use this for the purposes specified in your enquiry and we will never pass your personal details to these third parties or any other companies for any other reason.
If you have already provided your consent, we will continue to rely on this permission until you request us to stop sending you data.
Data we share
Your personal data may be disclosed to or exchanged with all employees of the Bank and its subsidiaries, and their consultants, associates and agents.
We do not share personal data with companies, organisations and individuals outside of the Bank unless one of the following circumstances applies:
- With your consent - We will share personal data with companies, organisations or individuals outside of the Bank when we have your consent to do so. We require opt-in consent for the sharing of any sensitive personal data
- For external processing - We provide personal data to trusted businesses or persons to whom we may outsource certain functions from time to time, in order to provide you with the products or services you have requested, and in compliance with our Privacy Notice and any other appropriate confidentiality and security measures
- For legal reasons - We will share personal data with companies, organisations or individuals outside of the Bank if we have a good-faith belief that access, use, preservation or disclosure of the data is reasonably necessary to:
- meet any applicable law, regulation, legal process or enforceable governmental request
- enforce applicable terms of service, including investigation of potential violations
- detect, prevent, or otherwise address fraud
- protect against harm to the rights, property or safety of the Bank, our users or the public as required or permitted by law
We may share non-personally identifiable data publicly. For example, we may share data publicly to show trends to about the general use of our services.
If the Bank is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal data and give affected users notice before personal data is transferred or becomes subject to a different Privacy Notice.
We will not retain your personal data for longer than it is required for the maintenance of your relationship with us, or for any legal or regulatory requirements.
We make sure to use reasonable measures to protect the personal data within the Bank. If you have reason to believe that your interaction with us is no longer secure, please immediately advise us.
When you visit BOV’s Website, BOV’s web server automatically records details about you, such as IP address, the website from which you where redirected to BOV’s website, type of browser and BOV’s website pages visited by you including date and duration.
BOV will use your personal data:
- for the purposes of technical administration and research & development of the Bank’s Website
- for user administration and marketing
- to inform you about our services and products
Data Subject Rights
Your rights in connection with personal data under certain circumstances, by law you have the right to
- Request accessto your personal data. This enables you to receive a copy of the personal data we hold about you and how we process it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal data to another party.
Access Requests and Marketing Options
If you wish to exercise your rights or change your marketing preferences, you may do so,
- directly at one of our branches
- by submitting a written request to us
- by sending an email to [email protected]
Should you not visit a branch in person, we may need to contact you in order to verify your identity and request.
Updates to this Privacy Notice
We reserve the right to update this privacy notice at any time. The updated privacy notice will be published on our website and available here. If you have any questions about this Privacy Notice, please contact us at [email protected]
Contact details of BOV, BOV’s data protection officer and the Supervisory Authority
Bank contact Details:
Land Line: (356) 2131 2020
Email: [email protected]
Bank Data Protection Officer Contact Details:
Land Line: (356) 2275 3700
Address: Bank of Valletta p.l.c.
Level 3/R, Centris Business Gateway,
Triq is-Salib tal-Imrieħel
Zone 3, Central Business District
Birkirkara CBD 3020 - Malta
Email: [email protected]
Supervisory Authority Contact Details:
Land Line: (356) 2328 7100
Email: [email protected]