Privacy and confidentiality statement
Absa’s commitment to information privacy and confidentiality
Absa Bank (Mauritius) Limited, (“Absa”) having Registration Number C10068913 and head office at Sir William Newton Street, Port Louis.
- The Bank only collects, processes and shares the Client’s personal data so that the Bank can provide the Client with the service/product that the Client is applying for.
- The Bank will obtain the Client’s consent for any other processing that is not related to this purpose.
- Absa promises to treat all your personal data carefully and responsibly.
- Personal data is any information that lets Absa identify you as a unique individual, such as your name/s and surname combined with your home address, your contact details such as an email address, and a passport or identification number.
- Absa further applies the same level of safety measures to protect the data of a legal entity, such as the trading name of a company combined with the company registration number, as we do for an individual.
- Special categories of personal data includes, inter alia, details pertaining to your race or ethnic origin, religious and philosophical beliefs, political persuasion, trade union membership, health or sex life, biometric information or any criminal behaviour that relates to alleged criminal offences or proceedings.
- Personal data may be given to or collected by Absa in writing as part of a written application form, electronically (email), telephonically, online (www.absabank.mu) or via Absa Banking Apps.
- Processing of personal data includes any initial or subsequent and ongoing processing carried out by Absa for the specific purposes your personal data was collected (set out at paragraph 8 below) and subject to your consent having been obtained. Processing includes collecting, using, altering, merging, linking, organising, disseminating, storing, retrieving, disclosing, erasing, archiving, destroying or disposing of personal data.
9. Absa will only collect and process your personal data for the specific purpose you provided it to us or to enable us to comply with the requirements of applicable laws and regulations.
10. The purposes for which Absa collects and processes your personal data include, but are not limited to:
10.1 Creating a record of you on our system in order to provide you with the products and/or services you have applied for;
10.2 Communicate with and keep you informed about these products and/or services;
10.3 Assessing whether you qualify for credit, or an increase or decrease of your credit limit;
10.4 Identifying you and verifying your physical address, source of income and similar information;
10.5 Assessing your personal financial circumstances and needs before providing services to you;
10.6 Any purpose related to the prevention of financial crime, including sanctions screening,
monitoring of anti-money laundering and any financing of terrorist activities;
10.7 Further processing for historical, statistical or research purposes where the outcomes will not be published in an identifiable format;
10.8 Conducting analytics operations to better understand you as our customer so that we can tailor our product and/or service offerings to you, where relevant and applicable;
10.9 Providing tax-related information to tax authorities;
10.10 For purposes relating to the sale or transfer of any of our businesses, legal entities or assets as part of corporate transactions;
10.11 Where you have applied for employment at Absa, we perform applicant screening and background checks;
10.12 Where you are an Absa employee (including contractors), we create an employment record of you on our system to facilitate continuous monitoring during your employment with us;
10.13 Where you are an Absa director, we create a record of you as a director on our system;
10.14 Where you are a related party (family members of senior officers of Absa), we create a record of you, for reporting as required;
10.15 Where you’ve been identified as a next of kin by an employee or customer, we create a record of you on our system; and
10.16 Where you are a supplier or third party to Absa, we process your personal data for due diligence, risk assessment, administrative and payment purposes.
10.17 Absa may process your personal data to fulfil its regulatory obligations and legitimate interests.
11. Furthermore, Absa will not process your special personal data unless:
11.1 You have consented to Absa processing it for one or more specified purposes, or the processing is necessary for any of the purposes set out under the Data Protection Act 2017, as may be amended from time to time; and
11.2 It is necessary to comply with an international legal obligation of public interest;
11.3 It is for certain historical, research or statistical purposes that would not adversely affect your privacy or confidentiality of your information;
11.4 You have deliberately made your information public; or
11.5 The processing carried out, relates to or is necessary for, as the case may be, any of the purposes set out under the Data Protection Act 2017, as may be amended from time to time.
12. There are some personal data fields that you have to fill in if you want Absa to provide you with your chosen product and/or service or onboard you as an employee, supplier, director or job applicant. This information can be provided in writing, electronically or telephonically, but it must be accurate and complete. These fields are indicated by an asterisk (or as otherwise indicated) on the respective forms/websites. If Absa does not receive the necessary personal data, we will not be able to continue with your application. If you are already a(n) customer/employee/supplier/third party/director and Absa asks you for this information and you do not provide it, Absa will have to suspend the provision of the product, arrangements and/or services for a period of time, or as the case may be, even terminate our relationship with you.
13. In most cases, personal data will be collected directly from you, but there may be other instances when Absa will collect personal data from other sources. These may include public records, places where you may already have made your personal information public (for example, on social media), credit bureaus, or individuals/directors whom you have appointed as your representative, where you are a corporate entity. Absa will only collect your personal data from other sources where we are legally entitled or obliged to do so, or you have provided us with your consent. You are entitled to ask Absa to disclose which sources they used to collect your personal data.
14. For the purposes outlined in paragraph 8 (above), Absa will, in most instances, collect and process your personal data internally. However, there are times when Absa needs to outsource these functions to third parties, either within Absa or external to Absa, including parties in other countries.
15. Where your personal data is shared internally within Absa, such sharing will be carried out only for the purposes outlined in paragraph 8 (above). Absa may also need to share your personal data with external organisations, such as credit bureaus, tax authorities or other regulatory or industry bodies, so that we can meet our due diligence or regulatory requirements. We may need to share your personal data with our business partners or counter-parties, where we are involved in corporate transactions relating to the sale or transfer of any of our businesses, legal entities or assets. Absa will not share your personal data with third parties who do not need it, or where Absa is not legally permitted to do so. When Absa decides to transfer your personal data to third parties or other countries, we will only provide it to organisations that have similar privacy and information confidentiality policies as Absa or those who are subject to laws relating to the processing of personal data that are similar to those that apply to Absa.
16. There may be instances where Absa will process your personal data through a secure automated tool, or perform profiling resulting in a decision that may affect you significantly (for example, the automatic non-approval of a personal loan that you may have applied for through any of our online channels, or the automatic non-approval of an application for employment, or engagement as a supplier). If you are unhappy about the outcome of such a decision or would like further information on how such outcome was reached, please contact:
16.1 your Local Customer Service centre (for customers);
16.2 your resourcing consultant (for job applicants);
16.3 your people business partner (for employees);
16.4 your supplier/third party relationship manager (for suppliers and third parties); or
16.5 Absa’s Secretariat office (for directors of Absa Mauritius).
17. As a customer of Absa, we may use your personal information to tell you about products or services we think you might be interested in. We may also offer a personal loan to you if you’ve shown an interest in the market in a personal loan product. To do this, we may contact you via SMS, email, telephone, or post. Should you not wish to receive direct marketing communication from us, you can immediately update your preferences via our website, banking app, by getting in touch with our contact center or with a service representative at any of our branches.
18. As a non-customer, if you would like to receive marketing information from Absa, please submit your details to Absa in writing.
19. To the extent that the local Data Protection Act (DPA) or the European General Data Protection Regulation (GDPR) (for residents of the European Union or United Kingdom as may be applicable) permit, you have the following rights regarding your personal data:
19.1 The right to access your personal data that we have on record.
19.2 You have the right to ask Absa to correct any of your personal data that is incorrect. These requests must be sent to us in writing using this form.
19.3 You can ask Absa to delete or destroy your personal data. You can also object to Absa processing your personal data. These requests must be sent to Absa in writing using this form. However, the result of such a request may be that Absa is required to suspend the provision of products and/or services for a period of time, or even terminate our relationship with you. Absa’s records are subject to regulatory retention periods, which means that Absa may not be able to delete or destroy your personal data immediately upon request.
19.4 You may also request Absa in writing, to port your personal data to another party in terms of applicable laws. These requests must be sent to us in writing using this form.
20. If you have a complaint relating to the protection of your personal data, including the way in which it has been collected or processed by Absa, please contact us using the local contact details as listed below. If you have not had your complaint dealt with satisfactorily, you may lodge a complaint with the Data Protection Office at http://dataprotection.govmu.org in terms of applicable privacy and confidentiality laws.
Absa reserves the right to change this statement at any time. All changes to this statement will be posted on the website. Unless otherwise stated, the current version shall supersede and replace all previous versions of this statement.
You may contact our Data Privacy Officer, Audie Dauguenette, for any query regarding the above.
Telephone: + 230 4041124
Absa Bank (Mauritius) Limited, 5th Floor, Absa House, 68 Wallstreet, Cybercity, Ebene 72201