About BLME

Bank of London and The Middle East (“BLME”) is an independent UK bank based in London with an office in Dubai.

Privacy Policy

This policy describes how we use your personal information.

 

Introduction

Bank of London and The Middle East plc (BLME, we, us, our) is committed to safeguarding the privacy of the personal data we collect and process.

This Privacy Policy forms part of our commitment to be open and fair with all individuals whose personal data we process and to provide details around how we process such personal data and what we do with it.

For example, as part of the/our customer on-boarding process we will collect your personal data such as your name, address, telephone number, email address, employment details, financial information and passport details in order to verify your identify and, in some cases, assess your credit worthiness for the product for which you have applied. We do this as part of our legal obligations as a regulated provider of financial services and also to safeguard our business and our customers from fraud and other criminal activity.

If you have any questions, please contact the BLME Data Protection Officer at:

E-mail
:                   dpo@blme.com

Post:                      BLME Data Protection Officer, Cannon Place, 78 Cannon Street, London, EC4N 6HL

Telephone:            0207 618 0000

If we change anything important about this policy (the information we collect, how we use it or why we use it) we will highlight those changes at the top of the policy and provide a prominent link to it for a reasonable length of time following the change and prior to the change taking effect.

 

Who we are

We are Bank of London and The Middle East plc. 

Your personal data is collected by Bank of London and The Middle East plc. Bank of London and The Middle East plc is a company registered in England & Wales.  Its company registered number is 05897786. The registered office address is Cannon Place, 78 Cannon Street, London, EC4N 6HL. 

Personal data of shareholders is collected by Bank of London and The Middle East Holding plc. Bank of London and The Middle East Holding plc is a company registered in England & Wales. Its company registered number is 08503102. The registered office address is Cannon Place, 78 Cannon Street, London, EC4N 6HL. 

Bank of London and The Middle East plc is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.  Bank of London and The Middle East plc appears on the FCA Register under firm reference number 464292. 

Scope

The scope of this Privacy Policy covers customers and shareholders personal data in respect of the following:

  1. Collecting personal data
  2. Retaining personal data
  3. Information we share
  4. Where your information will be held
  5. Your rights
  6. Right to object
  7. Direct marketing
  8. Analysis and advertising
  9. Cookies
  10. Security
  11. Links to third party websites
  12. Children
  13. Changes to this Privacy Policy
  14. How to contact us

1.       Collecting Personal Data

We will collect, store and use your personal data to allow access to our website, to facilitate your applications for products or services through our website or in person, to allow you to manage the product or service you have with us (including by submitting instructions online) and for the purposes set out in more detail in this section.

Certain types of personal data are more sensitive than others. "Special personal data" about you includes information about health, disability, race, ethnicity, criminal offences (or alleged offences), political opinions, biometrics or religion. We may collect and receive special personal data about you.

Your personal data may be shared with some third parties as is set out in more detail below.

 

What personal data we collect

How we use your personal data

Why we use your personal data 

1

Information that you give to us as part of the customer on-boarding process, whether online, in-person or over the telephone including:

 

·    Your contact details including: your name, address, email address

·    Your bank account details and financial information

·    Your employment details

·    Your date of birth

·    Your national insurance number

·    Your gender

·    Your marital status

·    Your passport details

·    Your signature

·    The product / service purchased

We use this information to:

 

·     Process your application

·     On-board you as a customer and to help us ensure that our customers are genuine, to check whether our customers are politically exposed persons or are on sanctions lists, and to guard against money laundering, terrorist financing, fraud and other criminal activities

·     Conduct money laundering, financial and credit checks (which may be renewed from time to time)

·     Verify our customers' credit histories

·     Conduct internal risk assessments to determine whether we can provide you with our products or services

·     Perform continual monitoring of your account(s) for fraud and crime prevention and detection purposes

·     Provide, manage and administer our products and services to you, including opening and managing your account

·     Manage our relationship with you

·     Make payment to you or take payment from you

·     To communicate with you regarding your account and our services

·     Better understand how our customers use products and services from us and other organisations

·     To provide advice or guidance about our products and services

·     Send you direct marketing about products and services we think you might be interested in and personalised offers or information which are based on the products and services you receive

·     Collect debts

·     Make necessary disclosures in response to requests, which we are legally required to comply with, to law enforcement or a regulatory authority, body or agency or in the defence of legal claims.

We use your personal data:

 

·     As it is necessary for the performance of our contract with you. For example, we must use your contact details and payment details to create your account and to manage your finances / assets

·     To meet our legal obligations in respect of Anti-Money Laundering laws and "Know your Customer" requirements. For example, if we suspect money laundering or terrorist financing, we must make a disclosure to the relevant authority

·     As it is in our legitimate interest and your legitimate interest that we protect you and BLME against fraud or criminal activity which might negatively impact your account or the products and services which we are providing

·     As it is in our legitimate interests to better understand the needs and concerns of our customers so that we may improve the products and services we offer and the way in which we provide our existing products and services as well as developing new products and services

·     Where we have collected your consent for direct electronic marketing you can withdraw your consent at any time by clicking on the unsubscribe link in any of our marketing emails or by contacting the BLME Data Protection Officer. 

2

Information that is given to us by you as an organisation as part of the customer on-boarding process, whether online, in person or over the telephone including:

·    your contact details including: your name, address, email address

·    your position at the organisations, including details of your start date and the role held

·    Details of other positions held by you concurrently or in the past

·    Details of any previous disqualifications from acting as an officer or director of a Company

We use this information to:

·     To help us ensure that our customers are genuine, to check whether our customers are politically exposed persons or are on sanctions lists, and to guard against money laundering, terrorist financing, fraud and other criminal activities

·     Conduct money laundering, financial and credit checks (which may be renewed from time to time)

We use your personal data:

·     To meet our legal obligations in respect of Anti-Money Laundering laws and "Know your Customer" requirements

3

Information when you communicate with us whether in person, through our website or via email, over the telephone, through social media or via any other medium, including:

 

·      Your contact details (which can include your email address or social media account details, depending on how you choose to communicate with us)

·      The details of your communications with us (including when you sent it, when we received it and where you sent it from, such as our website, post, telephone, email or social media) The details of our messages to you (including information that you may post on our social media platforms)

We use this information to:

 

·     Answer any issues or concerns

·     Monitor customer communications for quality and training purposes

·     Develop new services which are based on the information you provide

·     Improve our services based on the information and feedback you provide and the information and feedback provided by others

·     Personalise our service to you to take account of the information and feedback you have provided

·     Make necessary disclosures in response to requests which we are legally required to comply with, to law enforcement or a regulatory authority, body or agency or in the defence of legal claims.

We use your personal data:

 

·     As it is necessary for the performance of our contract with you.

·     To meet our legal obligation to communicate with you regarding certain matters concerning your finances

·     As it is in our legitimate interests to better understand the needs and concerns of our customers so that we may improve the products and services we offer and the way in which we provide our existing products and services as well as developing new products and services

4

Information that we collect through your use of our website including:

·      Device information such as operating system, unique device identifiers, the mobile network system

·      Hardware and browser settings

·      Date and time of requests

·      The requests you make

·      The pages you visit and search engine terms you use

·      IP addresses

We use this information to:

·     Provide and adapt our services to take account of the technical capabilities of our users

·     Develop new services based on the information being collected, the behaviours of our users and the technical capabilities of our users

·     Improve our services to better suit the behaviours and technical capabilities of the users of our service

·     Identify issues with the website and users’ experiences of it

·     Manage and administer our IT systems

·     Monitor the way our website is used (including locations it is accessed from, devices it is accessed from, understanding peak usage times and analysing what functionality and information is most and least accessed)

We use your personal data:

·     As it is in our legitimate interests to understand and assess the number of visitors, where the visitors have come from, page views and devices used in order to optimise our website to ensure that we are delivering it in a way that is helpful to our users and provides relevant, engaging and helpful information.

·     As it is in our legitimate interests to ensure that our websites, network and information technology are secure and are being used in an appropriate manner.

5

Information that we collect from third party partners and corporate customers which includes:

·         Fraud prevention agencies

·      KYC (Know Your Customer/ KYB (Know Your Business) Providers

·      Financial Crime Prevention Providers

·      Compliance Providers

·      Payment processing companies

·      Your other financial services provider(s)

·      Your professional advisors

·      Other entities in our group

·      Publicly available sources such as the electoral roll

We use this information to:

 

·     On-board you as a customer and to help us ensure that our customers are genuine, to check whether our customers are politically exposed persons or are on sanctions lists, and to guard against money laundering, terrorist financing, fraud and other criminal activities

·     Conduct money laundering, financial and credit checks (which may be renewed from time to time)

·     Verify our customers' credit histories

·     Perform continual monitoring of your account(s) for fraud and crime prevention and detection purposes

·     Conduct internal risk assessments to determine whether we can provide you with our products or services

·     Provide, manage and administer our products and services to you, including opening and managing your account

·     Manage and administer our IT systems

·     Make payment to you or take payment from you. 

We use your personal data:

 

·     As it is necessary for the performance of our contract with you. For example, we will use your account details provided by your other financial services providers to transfer amounts in accordance with your instructions

·     To meet our legal obligations in respect of Anti-Money Laundering laws and "Know your Customer" requirements. For example, if we suspect money laundering or terrorist financing, we must make a disclosure to the relevant authority

·     As it is in our legitimate interest and your legitimate interest that we protect you against fraud or criminal activity which might negatively impact your account or the products and services which we are providing.

6

Information that we collect incidentally from other sources such as  public sources, or from  individuals representing organisations, including:

 ·         Information available in  the media

·         Information presented on our social media or wider social media platforms including Facebook, Twitter and LinkedIn

·         Information collected by security systems

·         Contact details of individuals working for organisations

·         Other personal information regarding such individuals

We use this information to:

 ·     Maintain market awareness

·     Build and maintain social media branding

·     Provide security to our premises

·     On-board you as a customer and to help us ensure that our customers are genuine, to check whether our customers are politically exposed persons or are on sanctions lists, and to guard against money laundering, terrorist financing, fraud and other criminal activities

·     Build relationships with other organisations

·     Provide marketing communications to these individuals

·     Improve our services and develop new services based on the preferences and behaviours of these individuals

We use your personal data:

 ·     As it is in our legitimate interest to remain aware of updated market practice to ensure that we are offering a service which is competitive and meets the expectations of our customers 

·     As it is in our legitimate interest to enhance our brand awareness and reputation which will help us to become more successful and to offer a greater variety of products and services to our customers.  

·     As it is in our legitimate interest to monitor the areas around and within our premises to safeguard our employees, customers and members of the public against wrongdoing or criminal activity.

·     To meet our legal obligations in respect of Anti-Money Laundering laws and "Know your Customer" requirements. For example, if we suspect money laundering or terrorist financing, we must make a disclosure to the relevant authority

7

Shareholder and investor data. We collect and process personal data relating to our shareholders and investors  which includes

 

Your contact details including: your name, address, email address, identity document

We use this information to:

·      Maintain an accurate record of our past and current shareholders

·      Communicate with our shareholders

We use your personal data:

·    To meet our legal obligations in respect of corporate law. 

2.        Collecting Special Categories of Personal Data

We have identified here the types of special categories of personal data and criminal data we may collect or receive, how we will use it and why we will use it.

 

What special categories of personal data we collect

How we use your special category personal data

Why we use your special category personal data

1

Special Categories of Information and Criminal Data that you give us or that we receive from you, your organisation or from third parties:

 

·      Passport details which may disclose details of your racial or ethnic origin (and nationality)

·      Buying and / or applying for certain products and /or services that imply specific religious beliefs (such as placing a Wakala Deposit)

·      Information relating to criminal activity that is provided to us from third party organisations providing screening services

·      Other special categories of personal data which you provide to us whether in person, by telephone, in writing, by email or by some other form of communication

We use this information to:

 

·     Process your application

·     On-board you as a customer and to help us ensure that our customers are genuine, to check whether our customers are politically exposed persons or are on sanctions lists, and to guard against money laundering, terrorist financing, fraud and other criminal activities

·     To make suspicious activity reports which include detailed information about transactions that are or appear to be suspicious to the relevant authorities or regulators

·     Conduct money laundering, financial and credit checks (which may be renewed from time to time)

·     Conduct internal risk assessments to determine whether we can provide you with our products or services

·     Perform continual monitoring of your account(s) for fraud and crime prevention and detection purposes

·     Provide, manage and administer our products and services to you, including opening and managing your account

·     Respond to your questions, queries and / or complaints

·     For the purpose of providing Financial Services Compensation Scheme with a list of our depositors in case of BLME being unable to continue

We use your special categories of personal data:

 

·        Where you have manifestly made this information public

·        Where the processing is necessary in connection with legal claims

·        Where we have collected your explicit consent for a particular processing purpose

·        Where the processing is in the substantial public interest. For example, we process special categories of personal data in connection with our background checks, Suspicious Activity Reports and sanction screening in order to prevent or detect unlawful acts

 

3.        Retaining Personal and Special Category Personal Data

We will keep your information for as long as you are a BLME customer and for a period of time after you stop being a customer of ours.

When you stop being a BLME customer, we will retain your personal data for a period of up to six years. We retain your personal data in this way to enable us to respond to any queries or complaints which you may have in the future and to maintain records in line with our legal obligations to do so.

In certain circumstances we may also retain your personal data for longer than 10 years if this is necessary in connection with a legal, regulatory or contractual obligation.

For example, we will retain a copy of your contact details if you object or opt-out of receiving direct marketing communications from us. We will add your details to our suppression list to ensure you do not receive any future marketing communications from us. Also, we will not delete personal data if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.

In all cases, we will continue to protect your personal data in accordance with the terms of this Privacy Policy. We will also routinely refresh our information to ensure we keep it up-to-date.

 

4.        Information we share

There are certain circumstances where we transfer your personal data to employees, contractors and to other parties.

  • We share your information with certain contractors or service providers. They may process your personal data for us, for example, if we use a marketing agency. Other service providers include advertising agencies, IT suppliers, database providers, backup and disaster recovery specialists, email providers and outsourced call centres.

    Our suppliers and service providers will be required to meet our standards on processing information and security. The information we provide them, including your personal data, will only be provided in connection with the performance of their function. They will not be permitted to use your personal data for any purposes other than those outlined in this Privacy Policy.
  • We also share your information with certain third parties. We will do this either when we receive your consent or because we need them to see your information to provide products or services to you or for one of the other purposes set out in this Privacy Policy. These include, our professional advisors (including lawyers, accountants and auditors), UK Financial Services Compensation Scheme, HM Revenue & Customs, credit reference agencies, anti-fraud databases and agencies, screening agencies, organisations that introduce you to us, third parties associated or linked with your business, organisations that we introduce you to and Independent Financial Advisors.  
  • If you have a debit card with us, we will share your personal data (including your transaction information) with the Card Issuer and Service Provider, the Card Scheme and Card Processor Providers who assist us in providing this service to you.

 

  •  Your personal data may be transferred to other third party organisations in certain scenarios:
    • If we discuss selling or transferring part or all of our business – the information may be transferred to prospective purchasers under suitable terms as to confidentiality;
    • If we are reorganised or sold, information may be transferred to a buyer who can continue to provide services to you;
    • If we're required to by law, or under any regulatory code or practice we follow, or if we are asked by any public or regulatory authority – for example the Police; or
    • If we are defending a legal claim your information may be transferred as required in connection with defending such claim.
  • We do not sell, rent or trade any of your personal data.
  • We will not, without your consent, disclose or supply your personal data to any third party for the purpose of their or any other third party's direct marketing.
  • Your personal data may be shared if it is made anonymous and aggregated, as in such circumstances the information will cease to be personal data.

 

5.         Where your Information Will Be Held

Your information may be transferred outside the European Economic Area.

Personal data that we collect, is predominantly stored in the UK. Your personal data may be stored and processed in and transferred between any of the countries in which we operate (which includes the UK and Dubai), in order to enable us to use the information in accordance with this Privacy Policy.

We will only transfer data to jurisdictions outside the scope of the European General Data Protection Regulation (GDPR) where the appropriate safeguards set out in the GDPR are in place.

However, to ensure your personal information is properly protected in line with EU and UK data protection law, the transfer of this information is governed by a contract including Standard Contractual Clauses approved by the European Commission in accordance with Article 46(2) (c) of the General Data Protection Regulation.

If you would like to obtain copies of the regulator-approved Standard Contractual Clauses please contact our Data Protection Officer at the e-mail address provided on the first page of this notice.

 

6.         Your Rights

You have certain rights in relation to your information. The availability of these rights and the ways in which you can use them are set out below in more detail.

Some of these rights will only apply in certain circumstances. If you would like to exercise, or discuss, any of these rights, please contact the BLME Data Protection Officer at dpo@blme.com.

 

  • Access: you are entitled to ask us if we are processing your personal data and, if we are, you can request access to your personal data. This enables you to receive a copy of the personal data we hold about you and certain other information about it.  
  • Correction: you are entitled to request that any incomplete or inaccurate personal data we hold about you is corrected.
  • Erasure: you are entitled to ask us to delete or remove personal data in certain circumstances. There are also certain exceptions where we may refuse a request for erasure, for example, where the personal data is required for compliance with law or in connection with claims.
  • Restriction: you are entitled to ask us to suspend the processing of certain of your personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Transfer: you may request the transfer of certain of your personal information to another party.

If you want to exercise any of your rights, please contact the BLME Data Protection Officer at dpo@blme.com

You also have a right to lodge a complaint with a supervisory authority, in particular in the Member State in the European Union where you are habitually resident, where we are based or where an alleged infringement of Data Protection law has taken place. In the UK you can make a complaint to the Information Commissioner's Office (Tel: 0303 123 1113 or at www.ico.org.uk).

 

7.         Right to object

You have a right to object to us processing your information in certain circumstances.

You have a right to object to our processing of your personal data where this is based on our legitimate interests (or those of a third party). You may challenge our reliance on legitimate interests. However, we may be entitled to continue processing your personal data based on our legitimate interests or where this is relevant to legal claims. You also have the right to object where we are processing your personal information for direct marketing purposes.

 

8.        Direct Marketing

As described above, you can opt-out of receiving direct marketing from us at any time. 

We may use the information you give us on our website or when we accept your application to open an account with us for direct marketing purposes to provide updates; newsletters; details of events; or other communications that we think may interest you. We will only do this with your consent (where required by law).

You can opt-out of receiving directing marketing from us at any time.  you can do this by clicking on the "unsubscribe" link included at the end of any marketing email we send to you, or by contacting the BLME Data Protection Officer at dpo@blme.com or BLME Data Protection Officer, Cannon Place, 78 Cannon Street, London, EC4N 6HL

 

9.        Analysis and Marketing

We use third party tools to personalise the advertising displayed to you on our website.

For this purpose, we use cookies, web beacons or similar technologies to collect information about your browsing behaviour (see our Cookies Policy for more detailed information) and deliver interest-based ads to you.

10.       Cookies

We record the number of visitors to the relevant sections of our website and track movement between the sections by means of ‘cookies’.

Cookies are small data files containing information placed on your computer and are automatically downloaded to your device in order to recognise you as someone that has visited our website previously. We use cookies that identify your browser or device. They collect and store information when you visit our website about how you use it.

For more information about cookies, the types of cookies we use and how we use them please see our Cookie Policy.

11.       Security

We are committed to keeping your personal data safe. We have physical, technical and administrative measures in place to prevent unauthorised access, loss, misuse or alteration of your personal data.

We store all personal information on secure servers with relevant access and firewall controls.

All applications processed through our website are encrypted.

 Any personal data sent to us, either in writing or email, may be insecure in transit and we cannot guarantee its delivery.

Passwords must be kept confidential and not disclosed to a third party. BLME does not ask you for your password.

 

12.       Links to third party website

Our website, newsletters, email updates and other communications may, from time to time, contain links to and from the websites of others including our partner networks, advertisers and other group companies and/or social networks as offered to you and supported by your browser. Often links to other websites are provided solely as reference points to information on topics that may be useful to the users of our website.

The personal data that you provide through these websites is not subject to this Privacy Policy and the treatment of your personal data by such websites is not our responsibility. If you follow a link to any of these websites, please note that these websites have their own privacy policies which will set out how your information is collected and processed when visiting those sites. For more information about the purpose and scope of data collection and processing in connection with social sharing features, please visit the privacy policies of entities through which you chose to share

 

13.        Children

We do not knowingly collect information from children or other persons who are under 18 years old. If you are under 18 years old, you may not submit any personal information to us or apply for our products or services. If you believe we might have any personal information from or about a person under the age of 18, please contact the BLME Data Protection Officer.

 

14.       Changes to this Privacy Policy

This Policy will be changed from time to time.

If we change anything important about this Policy (the personal data we collect, how we use it or why) we will highlight those changes at the top of the policy and provide a prominent link to it for a reasonable length of time following the change.

We will also notify you in advance of the changes taking effect so that you understand what impact our changes may have on you.

If you would like to access previous versions of this Privacy Policy please contact the BLME Data Protection Officer.

 

15.        How to contact us

If you have any questions about this Policy please contact our Data Protection Officer:

By email:             dpo@blme.com

By post:               BLME Data Protection Officer, Cannon Place, 78 Cannon Street, London, EC4N 6HL

By telephone:      0207 618 0000