D360 Bank (hereinafter referred to as "the Bank") is committed to protecting your privacy and personal data. We uphold the highest standards of security to safeguard your information in compliance with applicable legal and regulatory requirements, including, for example, the Saudi Personal Data Protection Law ("PDPL") (hereinafter referred to as "the Law"). Where required, we will obtain your consent to process your personal data, including its collection, use, storage, archiving, and sharing, in accordance with the Law, applicable regulations, and any other relevant notices you may receive from us, depending on your relationship with the Bank.
The purpose of this notice is to inform you of the types of personal data we process, the reasons for processing it, and the legal grounds on which such processing is based.
This notice is subject to updates and modifications to ensure ongoing compliance with local and international laws, regulations, and best practices. In the event of any changes or updates, we will notify you accordingly and, where necessary, obtain your consent. You can find the date of the most recent update at the end of this document.
We collect and use your personal data only to the extent necessary to provide high-quality products and services tailored to your needs, as well as to comply with applicable regulations and risk management requirements. To achieve this, we may collect various types of personal data, including, but not limited to:
(a) Identity information, such as your name, national ID number, residency card, passport number, or date of birth.
(b) Contact details, including your national address, email address, and phone number.
(c) Information required to provide products and services, such as marital status, employment history, income, and educational level.
(d) Data related to your digital activities.
We may also collect personal data about you through various means, including but not limited to websites, mobile devices, phone conversations, email, chat, device identifiers, and IP addresses.
Where we rely on your consent as the legal basis for processing, we will provide full details of the information we request, its purpose, and how it will be used (for example, when applying to open a bank account) so that you can make an informed decision and provide your consent. If you choose not to grant consent for the use or sharing of your personal data, we may not be able to provide you with the requested products or services due to regulatory restrictions.
We will collect and use your personal data solely for the following legal purposes:
Processing includes operations such as collection, recording, storage, updating, transfer, use, sharing, destruction, or any other activity performed on personal data, whether electronically or in paper form. This processing is carried out either directly through our systems or via our authorized partners, in accordance with legal justifications.
To facilitate the necessary processing for the purposes outlined in this notice, we may share your personal data with entities within or outside the Bank, including government and regulatory authorities, service providers, and partners. This may involve transferring your personal data outside the Kingdom, in accordance with applicable legal frameworks and permitted circumstances.
In such cases, we take all necessary measures to ensure the application of appropriate safeguards and standards in order to maintain the required levels of protection as mandated by the Law. In the event of a data transfer outside the Kingdom, we commit to applying the necessary safeguards as specified in the Law.
We share your personal data with the following entities:
To fulfill the purposes outlined in this notice, we will retain your personal data only for the necessary duration or as required by law to comply with our operational and regulatory responsibilities, such as account management, customer relationships, legal claims, or regulatory requests. We will securely delete personal data as soon as permitted by the Law.
We have implemented appropriate security measures to protect your personal data from loss, damage, leakage, or unauthorized access. These measures include, but are not limited to, access control procedures, as well as network and communication security protections. In the event of a data breach or leak, we will notify you and the relevant authorities as required by Law.
Under applicable laws and regulations, you may have various rights regarding the personal data we hold. Below is a summary of your rights:
Right to Compensation: If financial or moral damage occurs due to a violation of the Law, you have the right to claim compensation.
Mechanism for Exercising Rights: To exercise any of your rights, please contact us via email at: [email protected].
Response Time: We are committed to responding to all requests within 30 days from the date of submission, as stipulated by the Law.
This notice aims to clarify the nature of the personal data we collect, the purpose of its processing, the legal basis we rely on, the entities with whom the data may be shared, as well as details about your rights, how to exercise them, and how to contact us.
This notice is subject to continuous updates based on evolving regulatory or operational requirements. You will be informed of any significant updates, and your consent will be sought when necessary.
We process your personal data for various purposes essential to providing you with our banking services, including:
The Bank manages social media channels and accounts to assist and engage with you, with the aim of improving our products and services. Please refrain from sharing any personal information on our social media accounts.
We use cookies in electronic transactions to enhance your experience. A cookie is a small data element that may be sent by an electronic service to your browser and can be stored on your device to track visits to our digital channels. Any cookies placed on your device are used exclusively for identification, performance, and security purposes and serve no other function. You can manage your cookie settings through your browser. Additionally, our application collects information directly—for example, when you log in, we obtain details such as your username, password, device name, type, model, unique identifier, and app version. Certain features in the app also allow for the collection of location data, which is gathered only when you grant permission.
We will not use your personal data for direct marketing purposes unless we obtain your explicit consent. You have the right to withdraw this consent at any time by contacting us through the channels provided above, and we will immediately cease using your data for marketing purposes.
We are committed to providing our customers with the highest quality products and services. To achieve this, we may use your personal data to monitor and evaluate our products, services, and customer interactions, including:
a) Recording and monitoring customer interactions: This includes phone calls and chats, to assess customer service quality and ensure our representatives provide accurate and helpful information.
b) Collecting and analyzing customer feedback: We gather customer feedback to improve the quality of our products, services, and overall customer experience. Reviews may be used to make necessary adjustments.
c) Seeking complaint resolution: If you submit a complaint regarding our products or services, we may use your personal data to examine and resolve it as quickly as possible.
d) Adopting training and development: Our employees undergo training sessions where customer interactions are reviewed for educational purposes. These sessions aim to enhance our team's skills and knowledge to better serve customers.
If you have an objection to data processing or are unable to exercise your rights, you may submit a complaint to the Data Protection Officer via email at: [email protected]
If you are dissatisfied with the resolution of your complaint, or if we do not respond within 30 days, you may escalate the issue to the Saudi Central Bank.
It is very important for us to maintain accurate and up-to-date information about you. Please contact us to inform us of any changes to your personal data during your engagement with us.
If you have any questions about this Privacy Notice or require further information, please contact our customer service center. You can also reach out to the Privacy Protection Officer via email at: [email protected].
