QIB (UK) Fair Data Processing Notice

Introduction

The privacy and security of your personal information is important to us.  You can find out more here about your privacy rights and how we gather, use and share your personal information – that includes the personal information we already hold about you and personal information we might gather from you or about you in the future.

This notice provides you with the information required by the “GDPR”, Regulation (EU) 2016/679 of the European Parliament and Council on the protection of natural persons with regard to the processing of personal data (General Data Protection Regulation).  It explains who we are, what types of personal information we gather and use, the purposes for which we use it and on which lawful basis, who we share your personal information with and how long we keep it for. It also informs you of certain rights you have regarding your personal information under current data protection law (in particular, the GDPR and any legislation made under it).

We are committed to collecting and using such data fairly and transparently in accordance with the latest data protection requirements.

In this Notice we refer variously to ‘personal information’, ‘data’, ‘personal data’ and ‘details’.  We use these terms interchangeably to mean information capable of identifying you, which is personal data as defined in the GDPR.  We also sometimes refer to “processing” such data.  This means any operation we perform on it, such as collection, organising, storing, updating, using, disclosing and erasing.

Who we are and who can I contact regarding Personal Data

QIB (UK) Plc (referred to in this Notice as QIB (UK), “we”, “us, or “our”) is a Shari’a compliant Private Bank, authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Financial Services Register No. 466577.

QIB (UK) is a subsidiary of Qatar Islamic Bank

QIB (UK) is incorporated in England (Company No. 04656003) and its registered office is at 43 Grosvenor Street, London, W1K 3HL. Should you have any questions regarding personal data you can get in touch with our Data Protection Manager by email at compliance@qib-uk.com or by post at:

Sabine Beregova,

43 Grosvenor Street,

London, W1K 3HL

Personal data

Typically we collect and process the following personal data about you:

  • name
  • address
  • date of birth
  • details of your current and previous countries of residence/citizenship
  • a copy of your identification document (passport; ID card or driving licence);
  • e-mail address and contact telephone numbers
  • financial statements, i.e. bank statements, net worth statements and other financial documents

The legal bases for our processing of your personal information is one or more of the following, depending on the information concerned and the purpose for which we process it (as described elsewhere in this Notice):

  • we need to process the information to comply with our legal obligations;
  • we need to process the information to perform a contract with you or to take steps at your request before entering into a contract; and/or
  • it is necessary to process the personal information either for our or someone else’s legitimate interests, where this does not override your interests, rights or freedoms – this can include where it is in our interests to contact you about products or services, market to you, collaborate with others to improve our services, to prevent fraud or ensure network and information security;
  • occasionally, where we have your specific freely given consent (if consent is needed) having first informed you of the purpose of the processing.

Where we have your consent, you have the right to withdraw it. We shall let you know how to do that at the time we gather your consent or it can be done by sending an email to compliance@qib-uk.com headed Opt-out. This will not affect processing before withdrawal or which is based on another lawful basis of processing.

Criminal information

We may use information about criminal proceedings relating to you to make lending decisions (for example we shall not lend to you if you are a subject of criminal prosecution), for fraud prevention/anti-money laundering purposes and to fulfil our legal and regulatory obligations, to the extent authorised by applicable law.

We shall use your personal information for the following general purposes:

  • to assess and provide the products or services that you have requested;
  • to communicate with you;
  • to inform you about our products and services , including by direct marketing;
  • to authenticate your identity;
  • to manage our relationship with you;
  • to comply with legal obligations and prevent fraud;
  • for administrative purposes;
  • for purposes related to our proposed corporate activities, such as a sale or merger.

We set these out in more detail below.

Providing you with products and services

To administer payments to and from you, we shall use:

  • your contact details and the payment details that you have provided to us; and
  • your location data to enable us to verify locations at which payments are made for fraud prevention purposes.

We may give this information to our third party payment providers to process the payment to you.

To comply with our legal obligations, to prevent financial crime including fraud and money laundering

we shall use:

  • any information you have given us, that we have obtained from a third party, or that we have obtained by looking at how you use our services, where it is necessary for us to use that information to comply with a legal obligation; and
  • this information shall include name, address, date of birth, every country of residence/citizenship, personal identification (which may include passport number or driving license number) your IP address, and information about any criminal convictions.

We shall give information to and receive information from third parties where that is necessary to meet our legal obligations, including credit reference agencies, fraud prevention agencies, the police and other law enforcement and government agencies, other banks and regulators.

To make credit decisions about you we shall use:

  • information you give to us about your credit history;
  • information about those you are financially linked to (such as your partner);
  • information about how you have used other products and services offered by us or other members of QIB Group;
  • information we may receive from third party credit reference agencies.

For this purpose, we share the information with credit reference and fraud prevention agencies.

For corporate customers, we shall use personal information about key individuals in the business, so we can operate and administer the products and services which we provide to the business – to do this we shall use:

  • personal information about key individuals who are either a sole trader of the business or are a proprietor, director, company secretary, shareholder, partner, member, committee member, trustee, controller, beneficial owner or authorised signatory to the account of the business;
  • the personal information about key individuals as set out in this section, and we may use it for any of the purposes described in this section. We may hold personal information on key individuals for the purposes of operating and administering products and services which we provide to the business, as well as for the purposes of fraud prevention and anti-money laundering, for debt recovery purposes, and to make credit decisions about the business.

 Personal information on key individuals is obtained directly from the key individual, from the business to which the key individual is linked with, from the key individual’s dealings with any member of QIB Group, and from fraud prevention and credit reference agencies. Such information may include information relating to criminal convictions to the extent authorised by applicable law, for example relating to fraud prevention.

Direct Marketing

We may take the opportunity to:

  • contact you about products that are closely related to those you already hold with us;
  • provide additional assistance or tips about these products or services.

We sometimes need to gather, use and share additional personal information for specific purposes, which are set out in more detail below.

In addition to the information you provide to us directly, we collect personal information in a number of ways for example from third parties for the purpose of verifying any international sanctions that can be imposed by the UN Security Council, the European Union (EU) and individual states, PEP checks and negative media reports.

In some cases we won’t be able to provide products and services to you if we don’t have all the personal information we need.

Sometimes for your safety and for legal reasons we also may obtain some personal information from monitoring or recording calls, or through CCTV. We shall record or monitor phone calls with you for regulatory purposes, for training and to ensure and improve quality of service delivery, to ensure safety of our staff and customers, and to resolve queries or issues. We also use CCTV on our premises to ensure the safety and security of our staff and customers.

We share personal information internally where we must to make products and services available to you, market products and services to you, meet or enforce a legal obligation or where it is fair and reasonable for us to do so. See section above on ‘How we use your personal information’ for more information about how we do this. We shall only share your personal information to the extent needed for those purposes.  

We share your personal information with our solicitors, surveyors, valuers and other similar third parties where needed to provide you with the best service.

We also share your personal information with third parties who help us to deliver our products and services, such as our service providers for Debit Cards, ATMs and payment processing.

We can also share your personal information to comply with law obligations and enforce our legal rights (including debt recovery). We use your information in this way because it is necessary to perform our contract with you and to meet our legal commitments.

We share your personal information with our parent company QIB Q.P.S.C. which is located outside of the EU in a country which does not have a similar standard of data protection laws. We have put in place our own measures to ensure adequate personal data protection, namely by entering into specific contract with QIB Q.P.S.C. in a form approved by the European Commission.

Where we transfer your personal information to any other recipients (as described in various places in this notice) located outside the EU, then except where necessary to perform a contract with you or to implement pre-contract measures at your request or perform or conclude a contract with a third party (including your associated business) in your interest, we will ensure at least one of the following safeguards is implemented:

 

  • we will only transfer the data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
  • where we transfer the data to third parties, we will use specific contracts between us and the recipient in a form approved by the European Commission.

We keep your personal information securely for seven years after closure of your account or from the date you last used one of our services or were in touch in case where transaction have not progressed and account was not opened as a result.

In some circumstances we shall hold personal information for longer for such period as is necessary for resolving active legal proceedings or for the limitation period of any potential proceedings, to resolve or defend claims, and for the purpose of making remediation payments.

We use cookies to deliver superior functionality and to enhance your experience of our websites. Cookies are small text files that are placed on your computer, smartphone or other device when you access the internet.

Why are cookies essential to the QIB (UK) PLC website?

This website, along with most other websites, uses cookies. Cookies enable users to navigate around websites and (where appropriate) enable us to tailor the content to fit the needs of visitors who have accessed the site and help us improve the user experience. Without cookies enabled we cannot guarantee that the website and your experience whilst visiting are as we intended it to be. None of the cookies used on our websites collect personally identifiable information about you.

 

The cookies that QIB (UK) PLC uses

We use cookies in the following ways:

  • to track how visitors reach our site and the path they take through it to help us improve our service to you. For example, we use Google Analytics, a popular web analytics service provided by Google. Google Analytics uses cookies to help us to analyse how users use the site. Find out more about how these cookies are used on the Google Privacy site;
  • to monitor and manage our website traffic;
  • to understand how our advertising campaigns and promotions within our website are working to improve our site design, offers and promotions. No information is passed to third parties.

Please note that none of the cookies we use on our website contain personal information, and cannot be used to identify you.

The length of time a cookie shall remain on your device shall depend on the type of cookie.

How to control and delete cookies

If you wish to restrict or block the cookies which are set by us, or indeed any other website, you can do this through your browser settings. The Help function within your browser should tell you how.

You have the Right to Object to how we use your personal information. You also have the Right to Access what personal information we hold about you. In addition, you can ask us to correct inaccuracies, delete or restrict personal information or to ask for some of your personal information to be provided to someone else.

You have the right to complain to QIB (UK), through the nominated Data Protection Manager provided above, or directly to the Data Protection Regulator - Information Commissioner’s Office.

You can contact us via your Relationship Manager, by phone, e-mail, post or in person by visiting our branch to exercise any of the following privacy rights:

Right to object: You can object to our processing of your personal information. Please contact us as noted above, providing details of your objection.

Access to your personal information: You can request access to a copy of your personal information that we hold, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for.

Please make all requests for access in writing, and provide us with evidence of your identity.

Right to withdraw consent: If you have given us your consent to use personal information, you can withdraw your consent at any time and update your marketing preferences.  This will not affect any use of your personal information before your consent was withdrawn or affect any other lawful basis of our processing it.

Rectification: You can ask us to change or complete any inaccurate or incomplete personal information held about you.

Erasure: You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.

Portability: You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.

Restriction: You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.