Access Bank (Rwanda) respects your privacy and is committed to protecting your personal data.
This Privacy Policy seeks to provide you with information about how Access Bank (Rwanda) processes your personal information (including the collection, usage, storage, retention, and security of your Personal Data).
Access Bank (Rwanda) will only process your information where the Bank has received the information directly from you as a data controller or by our clients where we are processors in accordance with their instructions and in line with the Bank’s obligations and other Jurisdictional Data Protection laws that are applicable.
Please read this Privacy Policy carefully to understand our views and practices regarding your personal data and how we will treat it.
This Privacy Policy shall be amended or updated from time to time to reflect changes in our practices with respect to the processing of personal data, or changes in applicable data protection regulations.
What constitutes consent?
You consent to our use of your personal information when you (voluntarily) provide us with them to access any of our products online or in any of our banking outlets.
Security of personal information
Safeguarding your personal information is our main concern. We maintain physical, electronic, and procedural safeguards that comply with applicable laws and regulations to secure your information from unauthorized access and use, accidental or unlawful alteration and destruction, and other unlawful or unauthorized forms of processing. We engage in the continuous training of our employees in the proper management of personal information. When we use other companies to provide services, we require them to protect the confidentiality of the personal information they receive.
At Access Bank (Rwanda) Plc, we take data privacy very seriously and we provide our customers with all necessary data security to protect such personal information from unauthorized access. We require any third parties who carry out any work on our behalf to comply with appropriate compliance standards to protect your information. We are pleased to announce that we comply with global best practices and requirements of the GDPR of the European Union.
The information we collect.
We collect the personal information necessary to open a bank account as mandated by the National Bank of Rwanda. They include name, address, telephone number, email address, contact address, and Means of Identification. All these required that personal data are collected voluntarily and clearly when you access our products online or offline.
How do we collect information?
We may collect information from a range of sources, and it may relate to any of the products or services we currently provide or may have provided in the past.
We collect your personal information when...
Note that we may collect information about your computer (or mobile device), including where available your IP address, operating system, and browser type, for system administration or for our own commercial purposes. This is statistical data about our users' browsing actions and patterns and does not identify any individual.
How we use your information
Who do we share your information with
Towards enhancing our service delivery, we may share data with our technical support service providers, partners, and associates However, where applicable, we execute compliant data-sharing agreements or data processing agreements to provide an extra layer of protection for personal information shared in the process.
Lawful Basis for Processing Information
We shall process your information on the following basis:
Individual rights
The right to be informed.
To emphasize the need for transparency over the usage of personal data, we ensure fair processing of information typically through this privacy policy.
The right to access
Individuals have the right to access information the Bank holds, access their personal data and other supplementary information, and obtain information about how we process it.
The right to restrict processing.
Individuals have a right to ‘block’ or withdraw their consent to our processing of your information, which you can do at any time. When processing is restricted, we are permitted to store the personal data, but not further process it.
The right to rectification
Individuals are entitled to have personal data rectified if it is inaccurate or incomplete. If this personal data in question has been disclosed to third parties, they must be informed of the rectification where possible. The Bank must also inform the individuals about the third parties to whom the data has been disclosed where appropriate.
The right to erasure
Individuals have the right to request the deletion or removal of personal data where there is no compelling legal or regulatory requirement for its continued processing. The Bank will make sure that this right is protected.
The right to data portability
We will ensure that personal data is moved, copied, or transferred easily from one IT environment to another in a safe and secure way, without hindrance to usability.
The right to object
Individuals have the right to object to our processing of their information in some circumstances.
Retention Period
Access Bank (Rwanda) Plc shall keep your information for as long as it is necessary and relevant to the purposes set out in this Privacy Policy unless a longer retention period is required or permitted by law. When we have no ongoing legitimate business need to process your personal information, we may either delete or anonymize such information, or if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your information and isolate it from further processing.
Use of CCTV
When you visit our branches, we use CCTV cameras for security reasons and record keeping.
Available remedies
In the event of an infringement of data protection rights, we will use ensure any damage is remedied within the shortest possible time. However, you are at liberty to report to the Data Protection Office under the National Cyber Security Authority (NCSA) or seek other legal remedies.
Cookies Policy
A cookie is a small file that is placed on your computer’s hard drive. Its functions include storing your login and session statuses, recording your user preferences, and analyzing web traffic.
Cookies enable websites and applications to store your user preferences in order to enhance your overall website experience by better understanding your preferences, likes, and dislikes. They also allow websites to identify when users are logged on to their site and when they return to their site, test new content, and analyze web traffic with data analytics.
Apart from the date that you elect to disclose and share with us, we cannot access your computer or any other information about you with cookies.
Although most browsers automatically accept cookies, you can amend your browser settings to disable cookies. This may however prevent you from fully experiencing the website as it was intended.
Individual Responsibility
Individuals are responsible for making sure the information provided to the Bank is accurate and should inform the Bank of any changes as it occurs, this will enable us to update your information with us.
Children
Access Bank (Rwanda) Plc understands and acknowledges the importance of safeguarding children’s privacy, hence, our sites are not intentionally designed for or directed at children under the age of 18 It is our policy never to knowingly collect or maintain information about anyone under the age of 18, except as part of an engagement to provide child-categorized account opening services which require parental guardianship.
Data security and integrity
Access Bank (Rwanda) Plc has implemented reasonable and effective security policies and procedures to protect your personal information from unauthorized access, data loss and misuse, alteration, or destruction. To the best of our ability, access to your personal information is limited to those who have a need to know and are required to always maintain the confidentiality of such information. Despite our best efforts and intentions, we acknowledge that security cannot be absolutely guaranteed against all threat actors.
Hence, we also make reasonable efforts to retain personal information only for so long
Automated decision making
Except as otherwise declared by the Rwanda Data Protection Law, we do not engage in automated decision-making as all our processes have human intervention.
If you would like further information on anything included in this Privacy Policy, contact us at:3rd Floor KIC City Center Building, KN4 Avenue, Kigali, E-mail: info.rwanda@accessbankplc.com
This Privacy Notice may be updated from time to time and the most recent version can be found on rwanda.accessbankplc.com
Latest News