Terms & Privacy Policy

PRIVACY POLICY | UPDATED: JANURARY 14, 2026.

1.0 Privacy Policy

Sterling Bank values and respects the privacy of the people we deal with. Sterling Bank is committed to protecting your privacy and complying with the Nigeria Data Protection Act (2023) and other applicable data privacy laws and regulations.

This Privacy Policy (“Policy”) describes how we collect, hold, use and disclose your personal information, and how we maintain the quality and security of your personal information. Throughout this document, “Sterling”, “Bank”, “we”, “us”, “our” and/or “ours” refer to Sterling Bank Limited incorporated under the laws of the Federal Republic of Nigeria with its registered office at 20 Marina, Lagos. The reference to ‘you’ or ‘your’, means you, any authorized person on your account, anyone who conducts your banking services for you or other related people (including authorised signatories, partners or any authorised third party).

2.0 Data Collection

2.1 The information we collect about you

We collect several different types of information for various purposes to provide and improve our services to you. We may also collect your information at events hosted or organized by or for the bank, regardless of whether such an event is a physical or virtual one. The Personal Data we collect, fall into various categories, such as:

2.1.1 Personal Data

While using our services, providing services or seeking employment with the Bank, we may ask you to provide us with certain personal data that can be used to contact or identify you (“Personal Data”). Personal data may include, but is not limited to:

2.1.1.1 Identification Data

We collect information that can uniquely identify you or verify your identity. This includes, but is not limited to: your first, middle, and last name; date of birth; gender; nationality; biometric identifiers (where applicable); government-issued identification numbers such as National Identification Number (NIN), Bank Verification Number (BVN), international passport number, driver’s licence number, and other similar identifiers; as well as identification documents or photographs used for verification or authentication purposes.

2.1.1.2 Contact Details

We collect information that enables us to contact you or communicate with you regarding our services. This includes your residential or mailing address, email address, phone numbers, and any other similar contact information you provide during account creation, onboarding, service usage, or customer support interactions.

2.1.1.1 Employment-Related Data

We collect information relating to your professional background, role, and suitability where required for recruitment process, service provision, due diligence, vendor management, or regulatory compliance. This includes your job title or position, employer details, work history, professional qualifications, certifications, references, and other employment-related information relevant to our business relationship or engagement processes.

2.1.2 Financial Information

We collect and process financial data necessary to provide our services, meet regulatory requirements, and facilitate transactions. This includes your bank account details, transaction history, card information (such as card number, expiry date, and security codes), tax-related information, credit or loan information, and any other financial details you provide during onboarding, service usage, or account maintenance.

Where card-related information is processed, all payment data is handled in accordance with applicable security standards, including the Payment Card Industry Data Security Standard (PCI DSS). You are responsible for maintaining the confidentiality of your card and authentication credentials (such as PINs or access codes) and ensuring they are not shared with unauthorized persons.

2.1.3 Sensitive Personal Data

We may process certain categories of sensitive personal data about you where necessary and permitted by applicable law. This may include, without limitation, health information, biometric data used for unique identification (such as fingerprints, facial recognition data, or voice recordings), criminal conviction information, as well as data relating to your racial or ethnic origin, political opinions, religious or philosophical beliefs, or sexual orientation.

We only collect or use sensitive personal data when it is essential for delivering our products or services to you, when required for reasons of substantial public interest, to comply with a legal obligation, or where we have obtained your explicit consent.

2.1.4 Access Credentials

When you subscribe to any of our products, particularly our e-channel products (Online/Mobile Banking, Instant Banking), you may be required to provide a User ID, a password, details from a token response device, password hints, and similar security information used for authentication and account access. You may also be required to use biometric identification to access your account and authenticate transactions. While this information is required to ensure that you carry out transactions securely, appropriate security measures have been implemented to protect this data, including encryption and storage in a secured environment if required.

2.1.5 Usage Data

We may also collect information that your browser sends whenever you access our online services or when you access the services by or through a mobile device (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data. When you access services on or through a mobile device, this Usage Data may include the following:

2.1.5.1 Geo-Location information: We may request access to or permission to track location-based information from your mobile device, either continuously or while you are using our mobile application, to provide location-based services. If you wish to change our access or permissions, you may do so in your device’s settings.

2.1.6 Mobile Device Access: We may request access or permission to certain features on your mobile device, including your mobile device’s camera, calendar, Bluetooth, contacts, storage, and other features. If you wish to change our access or permissions, you may do so in your device’s settings.

2.1.7 Mobile Device Data: We may automatically collect device information (such as your mobile device ID, model, and Manufacturer), operating system, version information, IP address, and diagnostic data.

2.1.8 Use of Analytics to Collect, Monitor, and Analyse Data: We may use third-party Service Providers to monitor and analyse the use of our Service. We may also collect information about your marketing preferences to provide you with information about relevant services, products, and offers that we think may be of interest to you.
Google Analytics: Google Analytics is a web analytics service offered by Google that tracks and reports website and mobile app traffics and events, currently as a platform inside the Google Marketing Platform brand. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads on its own advertising network. For more information on the privacy policies of Google, please visit the Google Privacy and Terms web page located at https://policies.google.com/privacy?hl=en.

2.1.9 Tracking and Cookies Data: We use cookies and similar tracking technologies to track the activity on our Services and hold certain information. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. You can also refuse permissions to read your phone data by the mobile application. However, if you do not accept cookies on your browser or allow permissions on your mobile device, our online service experience to you may be degraded and you may not be able to use some portions of our Service. We may also collect information about your internet browser settings and Internet Protocol (IP) address and other relevant information to help us identify your geographic location when providing you with our services.

Examples of Cookies we use:

Session Cookies: We use Session Cookies to operate our Service. Session cookies will expire at the end of your browser session and allow us to link your actions during that browser session.
Preference Cookies: We use Preference Cookies to remember your preferences and actions, across multiple sites.
Security Cookies: We use Security Cookies for security purposes.
Third-party cookies: These cookies are placed by third-party websites that we use for website functionality and analytics. We have no control over these cookies.
You can learn more about how we use cookies in our Cookie Policy (https://sterling.ng/cookie-policy/)

2.1.10 Information from social networks or online accounts: This includes Information from any social media profiles or any accounts that you share with us.

2.1.11 Information which you have consented to us using and other personal information: Other personal data which we collect includes image recordings this could include CCTV images of you at our bank branches, offices and ATMs but only for surveillance, monitoring and auditing purposes, to help forestall crime.

3.0 Purposes of Processing

We collect and process your personal data through secure systems for the following lawful and legitimate purposes:

3.1 Provision of Banking and Financial Services

    • To create, verify, and manage customer accounts, agent profiles, and service enrolments.
    • To process transactions, payments, transfers, card issuance, and other financial operations.
    • To authenticate users through passwords, PINs, tokens, or biometrics, and to maintain secure access to our e-channel platforms (Mobile/Online Banking, USSD, etc.).

3.2 Customer Support and Relationship Management

    • To communicate with you regarding your accounts, enquiries, requests, complaints, product updates, or service notifications.
    • To provide technical support, resolve disputes, and enhance the overall customer experience.

3.3 Security, Fraud Prevention, and Risk Management

    • To verify identities, prevent impersonation, and authenticate transactions.
    • To detect, investigate, and prevent fraud, money-laundering, financial crime, unauthorized access, or misuse of our services.
    • To maintain logs, monitor usage patterns, and ensure the security and integrity of our systems, networks, ATMs, and digital channels.

3.4 Legal, Regulatory, and Compliance Obligations

    • To comply with the Nigeria Data Protection Act (NDPA 2023), CBN regulations, Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) requirements, Know-Your-Customer (KYC) rules, tax obligations, and other applicable laws.
    • To report to regulatory bodies and fulfil any lawful request by government or oversight agencies.
    • To maintain required audit trails and statutory records.

3.5 Employment, Recruitment, and Vendor/Third-Party Management

    • To assess job applications, verify credentials, and conduct pre-employment checks.
    • To manage staff access rights, monitor system usage, and ensure workplace and information security.
    • To conduct due diligence on vendors, partners, and agents, including suitability assessments and ongoing compliance monitoring.

3.6 Service Improvement and Business Operations

    • To analyse service performance and improve our products, digital platforms, and internal processes.
    • To conduct data analytics, quality assurance, customer experience studies, and performance monitoring.
    • To operate, maintain, and enhance our online services, mobile applications, and customer-facing platforms.

3.7 Marketing, Communications, and Personalisation

    • To send relevant product or service information, promotions, or updates based on your preferences, where you have consented or where permitted by law.
    • To analyse marketing interactions to improve the relevance of the content we share.

3.8 Protection of Individuals, Assets, and the Bank’s Interests

    • To safeguard the vital interests of customers, employees, or the public, including during emergencies.
    • To protect the Bank’s facilities, assets, staff, and customers through CCTV surveillance and monitoring systems.
    • To protect the Bank’s rights, integrity, reputation, and financial stability.

3.9 Other Legitimate and Lawful Purposes

    • Any additional purpose that is compatible with the original reason for collection, permitted under applicable laws, and consistent with this Privacy Notice.

4.0 Lawful Bases for Processing

We process personal data based on one or more of the following lawful bases as provided under the Nigeria Data Protection Act (NDPA) 2023:

4.1 Consent

Where required by law, we obtain your consent before processing your personal data. This applies to situations such as certain marketing communications, optional service features, and specific uses of sensitive personal data where explicit consent is required. You may withdraw your consent at any time, subject to legal or contractual restrictions.

4.2 Performance of a Contract or Pre-Contractual Processes

We process personal data where it is necessary to enter into or perform a contract, or to take steps at your request before entering into one. This includes processing required to:

    • Open and maintain accounts and deliver banking services
    • Assess and onboard customers, employees, contractors, and vendors
    • Manage employment, service, or partnership relationships
    • Provide access to systems, platforms, and digital channels
    • Respond to service requests and fulfil operational or administrative obligations

4.3 Compliance with Legal and Regulatory Obligations

As a regulated financial institution, we process personal data to comply with obligations under applicable laws, regulations, and supervisory requirements. These include KYC, AML/CFT requirements, tax obligations, regulatory reporting, identity verification mandates, and obligations from the CBN or other competent authorities.

4.4 Protection of Vital Interests

We may process personal data where necessary to protect your vital interests or those of another individual—for example, in emergency situations, fraud prevention scenarios, or matters involving personal or public safety.

4.5 Legitimate Interests

We process personal data where it is necessary for the Bank’s legitimate business interests and where such interests do not override your rights and freedoms. These include:

    • Securing our platforms and preventing fraud or misuse
    • Improving our services and customer experience
    • Protecting our infrastructure, staff, and customers
    • Managing our relationship with customers, employees, agents, and vendors
    • Conducting internal governance, audits, and risk management activities

4.6 Public Interest or Exercise of Official Authority

In certain circumstances, we process personal data in the public interest or in the exercise of official authority, particularly where required for regulatory oversight, financial system stability, anti-fraud initiatives, or national security-related obligations placed on financial institutions.

5.0 How we use your personal Information

To the extent permissible under applicable law, we may use your information for the following legitimate actions:

  • Determine your eligibility for our products and services.
  • Verify your identity when you access your account information.
  • Administer your accounts or other products and services that we or our partners/affiliates may provide to you.
  • Respond to your requests and communicate with you.
  • For understanding your financial needs
  • Prevention of crime, fraud, money laundering or terrorism financing activities
  • Managing our risks
  • Reviewing credit or loan eligibility.
  • For marketing the products and services of the Bank, related entities and affiliates. We may send you marketing and promotional messages by post, email, telephone, text, secure messaging, Mobile app, or through our social media channels. You can change your mind on how you wish to receive marketing messages from us or opt out of receiving such messages at anytime. However, we will continue to use your contact details to send you important information regarding your dealings with us.
  • Process transactions, design products and profile customers
  • Notify you about changes to our Services.
  • Allow you to participate in interactive features of our Services when you choose to do so.
  • Provide customer care and support and for internal operations, including troubleshooting, data analysis, testing, security, fraud-detection, and account management.
  • Process your information for audit, statistical or research purposes in order to help us understand trends in our customer behaviour and to understand our risks better and curate products and services that are suitable to our customers’ needs.
  • Monitor our conversation with you when we speak on the telephone (for example, to check your instructions to us, to analyse, to assess and improve customer service; for training and quality assurance purposes; for verification, fraud analysis and prevention purposes
  • Recover any debts that you may owe the Bank.
  • Carry out analysis to evaluate and improve our business.
  • Monitor the usage of our Services.
  • Detect, prevent and address technical issues.
  • Prevent fraud and enhance security of your account or our service platform.
  • Comply with and enforcing applicable legal and regulatory requirements, relevant industry standards, contractual obligations and our policies.
  • Provide you with tailored content and marketing messages such as recommending other products or services we believe you may be interested in
  • For other purposes required by law or regulation

6.0 How do we share your information?

We may share or disclose your personal data only as permitted by law, for legitimate business purposes, or where necessary to provide our services. All third parties we share data with are required to comply with appropriate confidentiality, data protection, and security obligations.

6.1 Internal Sharing

We may share your data within the Bank, including its branches and subsidiaries, to enable service delivery, compliance activities, risk management, and operational support.

6.2 Government Ministries, Departments, Agencies & Regulators

We may disclose your personal data to government authorities, supervisory bodies, and regulators where required for:

    • Compliance with NDPA 2023, GAID 2025 and other laws
    • Reporting obligations
    • Investigations, audits, or lawful requests
    • Matters involving national security, public interest, or law enforcement

6.3 Authorized Service Providers and Data Processors

We share data with carefully selected third parties who process information on our behalf. These include:

    • Technology and cloud service providers
    • Card processors, switching companies, acquirers, and payment partners
    • Customer support providers
    • Business continuity and infrastructure providers
    • Outsourced operational or administrative partners

These parties are strictly required to protect your data in line with contractual and legal requirements.

6.4 Professional Advisers and External Auditors

We may disclose data to external auditors, legal advisers, tax consultants, and other professionals who assist us in meeting legal, regulatory, and governance obligations.

6.5 Financial Partners

Where necessary for financial transactions or credit-related activities, your data may be shared with:

    • Credit bureaus and credit reference agencies
    • Correspondent banks
    • Guarantors (for credit facilities)
    • Partners involved in issuing or processing card transactions

6.6 Third-Party Partners

We may share personal data with approved partners who provide contractual, statutory, or employment-related services such as insurance providers, benefits administrators, or due-diligence partners. We do not share data with third parties for their own marketing purposes.

6.7 Law Enforcement, Courts and Public Authorities

We may disclose your information to law enforcement agencies, courts, or public authorities where required by law or where such disclosure is necessary to protect rights, prevent fraud, or investigate wrongdoing.

6.8 Protection of Vital Interests and Safety

Data may be shared with emergency services or relevant authorities when necessary to protect your life, safety, or the vital interests of others.

6.9 Mergers, Acquisitions or Corporate Restructuring

If the Bank undergoes a merger, acquisition, reorganisation, or asset transfer, your personal data may be shared with relevant parties, provided appropriate safeguards are in place.

6.10 Joint Account Holders

For joint accounts, information may be shared among account holders. We may rely on the authority of one joint holder as consent on behalf of the other(s), including for third-party payment services.

6.11 Cross-Border Transfers

Where data must be transferred outside Nigeria—for example, for cloud hosting, payment processing, or technology support—we ensure that such transfers comply with NDPC requirements, including:

    • Adequacy decisions
    • Legally binding agreements
    • Contractual safeguards
    • Other lawful mechanisms

We take all steps reasonably necessary to ensure your data remains secure and protected.

6.12 Your Consent

Where required by law, or where no other lawful basis applies, we will seek your consent before sharing your personal data. You may withdraw your consent at any time, subject to contractual or legal limitations.

7.0 How we secure your Information

We have implemented appropriate organisational and technical measures to keep your Personal Information/Data confidential and secure. This includes the use of encryption, access controls and other forms of security to ensure that your data is protected. We require all parties including our staff and third-parties processing data on our behalf to comply with relevant policies and guidelines. Where you have a password which grants you access to specific areas on our site or to any of our services, you are responsible for keeping this password confidential. We request that you do not share your password or other authentication details (e.g., token generated codes) with anyone.

Although we have taken measures to secure and keep your information confidential, because the security of your data is important to us, please be aware that no method of transmission over the Internet, or method of electronic storage can guarantee 100% security at all times. While we strive to use reasonable means to protect your Personal Data, we cannot guarantee its absolute security, you are responsible for securing and maintaining the privacy of your password and Account/profile registration information and verifying that the Personal Data we maintain about you is valid, accurate and up to date. If we receive instructions using your account login information, we will consider that you have authorised the instructions and process your instruction accordingly and without incurring any liability for doing so.

8.0 How long we keep your information

We retain your Information for as long as the purpose for which the information was collected continues. The information is then securely destroyed unless its retention is required to satisfy legal, regulatory, internal compliance or accounting requirements or to protect the Bank’s interest.
Please note that regulations may require Sterling Bank to retain your personal data for a period longer than specified even after the end of your banking relationship with us.

9.0 Information from locations outside Nigeria

If you are located outside Nigeria and choose to provide information to us, please note that the data, including Personal Data, will be processed in Nigeria. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

10.0 Accuracy and update of your Information

You are responsible for making sure the information provided to the Bank is accurate and should inform the Bank on any changes as it occurs, this will enable us to update your information with us.

Any changes will affect only future uses of your Personal Information. Subject to applicable law, which might, from time to time, oblige us to store your Personal Information for a certain period of time, we will respect your wishes to correct inaccurate information. Otherwise, we will hold your Personal Information for as long as we believe it will help us achieve our objectives as detailed in this Privacy Policy.

11.0 Your Rights

You have certain rights in relation to the personal data we collect as provided by the enacted Nigeria Data Protection Act (NDPA 2023) of Nigeria, these rights include:

  • A right to confirmation and access – to know whether we process your personal data and to request access to that information.
  • A right to rectification or update – to correct or update any inaccurate or incomplete personal data in our possession.
  • A right to erasure (“right to be forgotten”) – to request the deletion of your personal data where it is no longer necessary or has no lawful basis for retention. We may, however, continue to retain certain data where there are valid legal, regulatory, or operational reasons.
  • A right to restrict processing – to request that we temporarily suspend the processing of your personal data while a request or objection is being resolved.
  • A right to object to processing – to object to certain types of processing, including direct marketing, except where processing is required by law or for legitimate operational purposes.
  • A right to data portability – to request that your personal data be provided to you in a commonly used electronic format or transferred to another party where technically feasible.
  • A right to withdraw consent – to withdraw your consent to processing. This will not affect the legality of processing carried out before the withdrawal.
  • A right to be informed of data sources – to know the origin of your data where it was not provided directly by you.
  • A right against automated decision-making – to be informed of, and object to, decisions made solely by automated means that significantly affect you.
  • A right to lodge a complaint – to make an official complaint to the Nigeria Data Protection Commission (NDPC) if you believe your data protection rights have been violated.

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note, however, that this will not affect the lawfulness of the processing before its withdrawal.

These rights are however subject certain limitations as provided under the Nigeria Data Protection Act 2023.

12.0 Privacy of minors

We do not knowingly collect names, email addresses, or any other personally identifiable information from children through the internet or any other touch points. We do not allow children under the age of 18 to open accounts nor provide online banking services for children less than 18 years of age without the consent of a guardian. If you are a parent or guardian and you are aware that your child has provided us with Personal Data without verification of parental consent, please promptly contact us.

13.0 Social Media Platforms

We operate and communicate through our designated pages and accounts on some social media platforms to communicate and engage with our customers. We monitor and record comments and posts made about us on these channels so that we can improve our Services. The general public can access and read any information posted on these sites. Please note that any content you post to such social media platforms is subject to the applicable social media platform’s terms of use and privacy policies. We recommend that you review the information carefully in order to better understand your rights and obligations regarding such content.

Our Services may allow you to connect and share your actions, comments, content, and information publicly or with friends. We are not responsible for maintaining the confidentiality of any information you share publicly or with friends.

Our Services may also allow you to connect with us on, share on, and use third-party websites, applications, and services. Please be mindful of your personal privacy needs and the privacy needs of others, as you choose whom to connect with and what to share and make public. We cannot control the privacy or security of information you choose to make public or share with others. We also do not control the privacy practices of third parties. Please contact those sites and services directly if you want to learn about their privacy practices.

14.0 Career Platforms

As part of our recruitment process and as an applicant, you explicitly consent to the collection, use, transfer, and storage or in any other form of your personal data contained in application forms/letters, curriculum vitae (CV)/resumes obtained from your identity document(s) or collected through interviews/other forms assessment by the Bank or its affiliates. This information is for the exclusive purpose of assessing and evaluating applicants’ suitability for employment in any current or prospective position within our organisation, verifying applicants’ identity and the accuracy of your details provided to us or for other related purposes. We shall, in line with our internal policies, controls and relevant Data Protection Regulations ensure that this data is not disclosed or assessed by unauthorised persons. By providing any information on the Bank’s career page, you confirm that you have read the terms and privacy statement and accept it. As an applicant, you consent to the Bank using the data provided in accordance with terms described above.

15.0 Third Party Websites

Our website, related websites and mobile applications may have links to or from other websites that are not operated by us. We have no control over and assume no responsibility for the security, privacy practices or content of third-party websites or services. We recommend that you always read the privacy and security statements on these websites.

16.0 Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform specific Service-related roles or to assist us in analysing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose outside of the service-specific need for which the data is required.

17.0 Changes to this Policy

This Privacy Policy is effective as of the date stated above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on our website.

Based on the changing nature of privacy laws, user needs and our business, we may modify this Privacy Policy from time to time. Any change to our privacy policy will be communicated on our website, via email or by placing a notice on our Platform and this will be effective as soon as published. Accordingly, we encourage periodic reviews of this Privacy Policy for awareness of any changes that may have occurred. Your continued use of the Services after we post any modifications to the Privacy Policy on our website will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

18.0 Contact Us

If you have any questions, comments or requests in relation to this Privacy Policy or objections, complaints or requirements in relation to the use of your personal data, please contact us by sending an email to [email protected] or 08027170203 or write a letter addressed as follows:

The Data Protection Officer
Sterling Bank Limited
20 Marina, Lagos.

PRIVACY POLICY | UPDATED: APRIL 23, 2025.

Sterling Bank values and respects the privacy of the people we deal with. Sterling Bank is committed to protecting your privacy and complying with the Data Protection Act (2023) of Nigeria and other applicable data privacy laws and regulations.

This Privacy Policy (“Policy”) describes how we collect, hold, use and disclose your personal information, and how we maintain the quality and security of your personal information. Throughout this document, “Sterling”, “Bank”, “we”, “us”, “our” and/or “ours” refer to Sterling Bank Ltd incorporated under the laws of the Federal Republic of Nigeria with its registered office at Sterling Towers, 20 Marina, Lagos. The reference to ‘you’ or ‘your’, means you, any authorised person on your account, anyone who conducts your banking services for you or other related people (including authorised signatories, partners or any authorised third party).

The information we collect about you

We collect several different types of information for various purposes to provide and improve our services to you.

We may also collect your information at events hosted or organised by or for the bank, regardless of whether such an event is a physical or virtual one. The Personal Data we collect, fall into various categories, such as:

  • Personal Data: While using our services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally, identifiable information may include, but is not limited to Name and Contact Data: We collect your first, middle and last name, email address, bank verification number, postal address, phone number, signature, date of birth, an identification document such as a copy of driver’s license, international passport, national identity card, Bank Verification Number (BVN), and other similar contact data.
  • Payment Data: If you subscribe to our ATM card products, we will issue you ATM cards with unique numbers called Personal Access Number (PAN), Personal Identity Number (PIN), and Card Verification Number. You are required to keep your card and these security numbers from being accessed by another person. For certain payment cards, a default PIN may be provided by us. In such circumstances, you are required to change the default PIN to a new PIN to enable activation and/or use of the card. When you carry out transactions or enrolment related to card services or online services, these card security numbers or any of them may be required for authentication. We collect the data necessary to process your payment if you make payments or transfers, such as your card number and the security code associated with your payment card. All payment data is processed, transmitted, and stored securely in line with PCI DSS requirements.
  • Sensitive Data: We may hold information about you which includes without limitation health, criminal conviction information or biometric information used to uniquely identify you, (for example your fingerprint, facial recognition or voice recording). We will only hold this data when we need to for the purposes of the product or services we provide to you, where we are required to process the data for a public interest purpose, or where we have a legal obligation or your consent to do so.
  • Credentials: when you subscribe to any of our products, particularly our e-channel products (Online/Mobile Banking, Instant Banking, Mvisa), you may be required to provide a User ID, a password, details from a token response device, password hints, and similar security information used for authentication and account access. You may also be required to use biometric identification to access your account and authenticate transactions. While this information is required to ensure that you carry out transactions securely, appropriate security measures have been implemented to protect this data, including encryption and storage in a secured environment if required.
  • Usage Data: We may also collect information that your browser sends whenever you access our online services or when you access the services by or through a mobile device (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data. When you access services on or through a mobile device, this Usage Data may include:
    • Geo-Location information: We may request access to or permission to track location-based information from your mobile device, either continuously or while you are using our mobile application, to provide location-based services. If you wish to change our access or permissions, you may do so in your device’s settings.
  • Mobile Device Access: We may request access or permission to certain features on your mobile device, including your mobile device’s camera, calendar, Bluetooth, contacts, storage, and other features. If you wish to change our access or permissions, you may do so in your device’s settings.
  • Mobile Device Data: We may automatically collect device information (such as your mobile device ID, model, and Manufacturer), operating system, version information, IP address, and diagnostic data.
  • Use of Analytics to Collect, Monitor, and Analyse Data.
    We may use third-party Service Providers to monitor and analyse the use of our Service. We may also collect information about your marketing preferences to provide you with information about relevant services, products, and offers that we think may be of interest to you.
  • Google Analytics
    Google Analytics is a web analytics service offered by Google that tracks and reports website and mobile app traffics and events, currently as a platform inside the Google Marketing Platform brand. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads on its own advertising network. For more information on the privacy policies of Google, please visit the Google Privacy and Terms web page located at https://policies.google.com/privacy?hl=en.
  • Tracking and Cookies Data
    We use cookies and similar tracking technologies to track the activity on our Services and hold certain information. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. You can also refuse permissions to read your phone data by the mobile application. However, if you do not accept cookies on your browser or allow permissions on your mobile device, our online service experience to you may be degraded and you may not be able to use some portions of our Service. We may also collect information about your internet browser settings and Internet Protocol (IP) address and other relevant information to help us identify your geographic location when providing you with our services.
    • Examples of Cookies we use:
      • Session Cookies: We use Session Cookies to operate our Service. Session cookies will expire at the end of your browser session and allow us to link your actions during that browser session.
      • Preference Cookies: We use Preference Cookies to remember your preferences and actions, across multiple sites.
      • Security Cookies: We use Security Cookies for security purposes.
      • Third-party cookies: These cookies are placed by third-party websites that we use for website functionality and analytics. We have no control over these cookies.
    • You can learn more about how we use cookies in our Cookie Policy (https://sterling.ng/cookie-policy/)
  • Information from social networks or online accounts: This includes Information from any social media profiles or any accounts that you share with us.
  • Information which you have consented to us using and other personal information: Other personal data which we collect includes image recordings this could include CCTV images of you at our bank branches, offices and ATMs but only for surveillance, monitoring and auditing purposes, to help forestall crime.

How we use your personal Information

To the extent permissible under applicable law, we may use your information for the following legitimate actions:

  • Determine your eligibility for our products and services.
  • Verify your identity when you access your account information.
  • Administer your accounts or other products and services that we or our partners/affiliates may provide to you.
  • Respond to your requests and communicate with you.
  • For understanding your financial needs
  • Prevention of crime, fraud, money laundering or terrorism financing activities
  • Managing our risks
  • Reviewing credit or loan eligibility.
  • For marketing the products and services of Sterling, related entities and affiliates. We may send you marketing and promotional messages by post, email, telephone, text, secure messaging, Mobile app, or through our social media channels. You can change your mind on how you wish to receive marketing messages from us, or opt out of receiving such messages at anytime. However, we will continue to use your contact details to send you important information regarding your dealings with us.
  • Process transactions, design products and profile customers
  • Notify you about changes to our Services.
  • Allow you to participate in interactive features of our Services when you choose to do so.
  • Provide customer care and support and for internal operations, including troubleshooting, data analysis, testing, security, fraud-detection, and account management.
  • Process your information for audit, statistical or research purposes in order to help us understand trends in our customer behaviour and to understand our risks better and curate products and services that are suitable to our customers’ needs.
  • Monitor our conversation with you when we speak on the telephone (for example, to check your instructions to us, to analyse, to assess and improve customer service; for training and quality assurance purposes; for verification, fraud analysis and prevention purposes
  • Recover any debts that you may owe the Bank.
  • Carry out analysis to evaluate and improve our business.
  • Monitor the usage of our Services
  • Detect, prevent and address technical issues.
  • Prevent fraud and enhance security of your account or our service platform.
  • Comply with and enforcing applicable legal and regulatory requirements, relevant industry standards, contractual obligations and our policies.
  • Provide you with tailored content and marketing messages such as recommending other products or services we believe you may be interested in
  • For other purposes required by law or regulation

How do we share your information?

We may share the information about you and your dealings with us, to the extent permitted by law, with the following:

  • Sterling Branches and related entities
  • Legal/Regulatory Authorities – It may be necessary by law, legal process, litigation, and/or requests from public and governmental authorities for Sterling to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
  • Professional Advisers: Auditors/Legal Advisers
  • Credit Agencies.
  • Correspondent Banks.
  • External Auditors.
  • Strategic partners/service providers – for the purpose of providing our services to you. Your Personal information will not be shared with third parties for their marketing purposes.

We may also disclose your Personal Information in good faith and belief that such action is necessary in any of the following circumstances:

  • We have your consent to share the information.
  • To comply with a legal obligation.
  • To bring you improved service across our array of products and services, when permissible under relevant laws and regulations, by disclosing your personal information with Sterling Bank’s affiliated websites and businesses.
  • To protect and defend the rights or property of the Bank.
  • To prevent or investigate possible wrongdoing in connection with our Service.
  • To protect the personal safety of users of our Service or the public.
  • To protect against legal liability.
  • in the event of a reorganisation, merger, or sale we may transfer any and all personal information we collect to the relevant third party or
  • We find that your actions on our web sites or banking applications violate any part of our Privacy Policy.
Joint Account Holders

When you open or use a joint account, your Personal Data will be shared with the other Account Holder. For instance, the joint account holder will be able to see transactions made by you. We may act on the authority of one joint Account Holder to share or allow a third-party access to your account information for the provision of payment services, including transaction details. In this regard, we will treat the authority of one Account Holder as authorization on behalf of the other Account Holder.

Guarantors

We may share your information with any person or entity which guarantees your credit obligations to us as part of security requirement for a credit scheme or facility advanced to you.

Transfer of Data

These days, both the world and the delivery of banking services are interconnected. For instance, there could be many counterparties involved for a card transaction to be successfully completed. These include the card personalization companies, the switching companies, processors, acquirers, merchants, and the card schemes. Certain personal data will traverse these parties in the normal course of carrying out transactions.
Save as related to the provision of banking services and meeting legal, regulatory, contractual, and other uses tangential or incidental to these, Sterling will not share your personal data with a third party.

Where it becomes necessary to do so, adequate security measures will be taken to protect the data from access by recipients other than those for which it is intended. All data we collect will reside in Sterling’s computer systems in Nigeria. Where cloud services are used, adequate governance measures that apply to such cloud services will be complied with.

Sterling will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. No transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

How we secure your Information

We have implemented appropriate organizational and technical measures to keep your Personal Information/Data confidential and secure. This includes the use of encryption, access controls and other forms of security to ensure that your data is protected. We require all parties including our staff and third-parties processing data on our behalf to comply with relevant policies and guidelines. Where you have a password which grants you access to specific areas on our site or to any of our services, you are responsible for keeping this password confidential. We request that you do not share your password or other authentication details (e.g., token generated codes) with anyone.

Although we have taken measures to secure and keep your information confidential, because the security of your data is important to us, please be aware that no method of transmission over the Internet, or method of electronic storage can guarantee 100% security at all times. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security, you are responsible for securing and maintaining the privacy of your password and Account/profile registration information and verifying that the Personal Data we maintain about you is valid, accurate and up to date. If we receive instructions using your account login information, we will consider that you have authorised the instructions and process your instruction accordingly and without incurring any liability for doing so.

How long we keep your information

We retain your Information for as long as the purpose for which the information was collected continues. The information is then securely destroyed unless its retention is required to satisfy legal, regulatory, internal compliance or accounting requirements or to protect Sterling’s interest.
Please note that regulations may require Sterling to retain your personal data for a specified period even after the end of your banking relationship with us.

Information from locations outside Nigeria

If you are located outside Nigeria and choose to provide information to us, please note that the data, including Personal Data, will be processed in Nigeria. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Accuracy and update of your Information

You are responsible for making sure the information provided to the Bank is accurate and should inform the Bank on any changes as it occurs, this will enable us to update your information with us.

Any changes will affect only future uses of your Personal Information. Subject to applicable law, which might, from time to time, oblige us to store your Personal Information for a certain period of time, we will respect your wishes to correct inaccurate information. Otherwise, we will hold your Personal Information for as long as we believe it will help us achieve our objectives as detailed in this Privacy Policy.

Your Rights

You have certain rights in relation to the personal data we collect as provided by the enacted Data Protection Act (DPA 2023) of Nigeria, these rights include:

  • A right to access your personal data.
  • A right to rectify/update your information in our possession.
  • A right to request the erasure of personal data.
  • A right to withdraw your consent to processing of personal data. This will however not affect the legality of processing carried out prior to any such withdrawal.
  • Right to object to processing of personal data. This will only be applicable where there are no legal or operational reasons.
  • Request that your personal data be made available to you in a common electronic format and/or request that such data be sent to a third party.
  • Request that your information be erased. We might continue to retain such data if there are valid legal, regulatory or operational reasons.
  • Right to opt-out of marketing communications.
  • A right to make an official complaint to the Nigeria Data Protection Commission (NDPC)

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note, however, that this will not affect the lawfulness of the processing before its withdrawal.

These rights are however subject to certain limitations as provided under the Nigeria Data Protection Act 2023.

Privacy of minors

The Bank has a children’s account called the I-Can-Save Kiddies account and may provide other children’s account types from time to time. These accounts are opened and run by a child’s parent or guardian until the child reaches the age of majority. All personal information pertaining to such account is provided by the guardian. A parent or guardian should therefore read this policy thoroughly to understand how the data provided is handled.

Students of tertiary institutions with valid identification, an admission letter to a tertiary institution, and passport photographs can open the TrybeOne (Campus Hype Account). Such customers’ personal data will be processed as adult’s data as long as the individual is above the age of thirteen (13), as contained in the Nigeria Data Protection Act 2023.

Sterling Bank information meant for public use Other than as related to the operation of the aforementioned children’s account and student’s account, the Bank does not enter into banking relationships with minors (persons under the age of 16). We do not knowingly collect personally identifiable information from anyone under the age of 16, except under the conditions stated above. If you are a parent or guardian and you are aware that your children have provided us with Personal data; please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take steps to remove that information from our servers.

Social Media Platforms

We operate and communicate through our designated pages and accounts on some social media platforms to communicate and engage with our customers. We monitor and record comments and posts made about us on these channels so that we can improve our Services. The general public can access and read any information posted on these sites. Please note that any content you post to such social media platforms is subject to the applicable social media platform’s terms of use and privacy policies. We recommend that you review the information carefully in order to better understand your rights and obligations regarding such content.

Our Services may allow you to connect and share your actions, comments, content, and information publicly or with friends. We are not responsible for maintaining the confidentiality of any information you share publicly or with friends.

Our Services may also allow you to connect with us on, share on, and use third-party websites, applications, and services. Please be mindful of your personal privacy needs and the privacy needs of others, as you choose whom to connect with and what to share and make public. We cannot control the privacy or security of information you choose to make public or share with others. We also do not control the privacy practices of third parties. Please contact those sites and services directly if you want to learn about their privacy practices.

Career Platforms

As part of our recruitment process and as an applicant, you explicitly consent to the collection, use, transfer, and storage or in any other form of your personal data contained in application forms/letters, curriculum vitae (CV)/resumes obtained from your identity document(s) or collected through interviews/other forms assessment by Sterling Bank Ltd or its affiliates. This information is for the exclusive purpose of assessing and evaluating applicants’ suitability for employment in any current or prospective position within our organisation, verifying applicants’ identity and the accuracy of your details provided to us or for other related purposes. We shall, in line with our internal policies, controls and relevant Data Protection Regulations ensure that this data is not disclosed or assessed by unauthorised persons. By providing any information on Sterling’s career page, you confirm that you have read the terms and privacy statement and accept it. As an applicant, you consent to Sterling Bank using the data provided in accordance with terms described above.

Third Party Websites

Our website, related websites and mobile applications may have links to or from other websites that are not operated by us. We have no control over and assume no responsibility for the security, privacy practices or content of third-party websites or services. We recommend that you always read the privacy and security statements on these websites.

Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform specific Service-related roles or to assist us in analysing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose outside of the service-specific need for which the data is required.

Public Appearance and Events

If you register and/or attend our events, you may be photographed, recorded and/or videotaped by the Bank and/or those acting under its authority, in relation to your attendance and/or participation at such event. You acknowledge that the Bank and its affiliates may, without payment to you, copyright, publish, reproduce, exhibit, transmit, broadcast, televise, digitize, display, otherwise use materials containing your Personal Data, more specifically: (a) your name, image, likeness, and voice; (b) photographs, recordings, videotapes, audiovisual materials, writings, statements, and quotations of or by you; (c) the negatives, transparencies, prints, or digital information (collectively, the “Materials”), pertaining to you, in still, single, multiple, moving, video or animation format, or in which you may be included in whole or in part, or composite, or distorted in form, or reproductions thereof, in color or otherwise in any other manner, form or format whatsoever and for any lawful purpose, including, but not limited to, advertising or promotion of the Bank, its brand, affiliates or services.

All Materials (as defined above), collected at our events remain the sole property of the Bank. Notwithstanding, the Bank shall not share your personal data with an unauthorized third party or process your Personal Data under this sub-section for any unlawful purpose.

Changes to this Policy

This Privacy Policy is effective as of the date stated above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on our website.

Based on the changing nature of privacy laws, user needs and our business, we may modify this Privacy Policy from time to time. Any change to our privacy policy will be communicated on our website, via email or by placing a notice on our Platform and this will be effective as soon as published. Accordingly, we encourage periodic reviews of this Privacy Policy for awareness of any changes that may have occurred. Your continued use of the Services after we post any modifications to the Privacy Policy on our website will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

Contact Us

If you have any questions, comments or requests in relation to this Privacy Policy or objections, complaints or requirements in relation to the use of your personal data, please contact us by sending an email to [email protected] or 02018888822 / 07008220000, or write a letter addressed as follows:

The Data Protection Officer
Sterling Bank Limited
20 Marina, Lagos.

PRIVACY POLICY | UPDATED: JANUARY 28, 2024.

At Sterling, we take the privacy of your personal information seriously and remain committed to protecting and ensuring that your Personal Data is treated in a fair and lawful manner in all our dealings with you.

This Privacy Policy (“Policy”) has been put together to explain to you what we do with the personal information that you provide to us when you visit our website while using any of our digital or mobile platforms/services, our Mobile Banking App, mobile authentication service when communicating with us through any of our social media or other interactive channels or any other engagement with us (collectively “Services”).

Throughout this document, “Sterling”, “Bank”, “we”, “us”, “our” and/or “ours” refer to Sterling incorporated under the laws of the Federal Republic of Nigeria with its registered office in Sterling Towers, 20 Marina, Lagos. The reference to ‘you’ or ‘your’, means you, any authorised person on your account, anyone who conducts your banking services for you or other related people (including authorised signatories, partners or any authorised third party).

By continuing to visit our website (www.sterling.ng), or using our mobile and digital platforms, social media platforms and other Sterling customer touch-points and utilising Sterling services, you accept and consent to the provisions described in this Policy.

The information we collect about you

We gather information from you for a number of reasons. We may need you to provide your Personal Information/Data such as your name, contact details, identification, work and residential addresses, gender, positions held, forms submitted, Bank Verification Number (BVN), payment details and other enquiry details which would enhance your service experience. The Personal Data we collect, fall into various categories, such as:

Details about your banking activities and transactions with us.

This includes information on any bank accounts you use, debit card numbers, financial history, the information you provide to deliver payment initiation services and account information services regarding accounts you hold with other providers.

Information on how you use your device/ Usage Data.

We may also collect information that your browser sends whenever you visit our website or banking applications or when you access our Services by or through a mobile device (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit and the time spent on those pages amongst other diagnostic data. When you access the Service by or through a mobile device or use the mobile app, this Usage Data may include information such as the type of mobile device you use, your mobile device’s unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Sensitive data

We may hold information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic or biometric data or data concerning your health or sexual orientation, data relating to criminal convictions or offences or information which is used to uniquely identify you, (for example your fingerprint, facial recognition or voice recording). We will only hold this data when we need to for the purposes of the product or services we provide to you, where we are required to process the data for public interest purposes, or where we have a legal obligation or your consent to do so.

The information which you have consented to us using

We may collect information about your marketing preferences to provide you with information about relevant services, products and offers that we think may be of interest to you.

Tracking and Cookies Data

We use cookies and similar tracking technologies to track the activity on our Services and hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. You can also refuse permission to read your phone data through the mobile application. However, if you do not accept cookies on your browser or allow permissions on your mobile device, our online service experience to you may be degraded and you may not be able to use some portions of our Service. We may also collect information about your internet browser settings and Internet Protocol (IP) address and other relevant information to help us identify your geographic location when providing you with our services.

Examples of Cookies we use:
  • Session Cookies. We use Session Cookies to operate our Service. Session cookies will expire at the end of your browser session and allow us to link your actions during that browser session
  • Preference Cookies. We use Preference Cookies to remember your preferences and actions, across multiple sites.
  • Security Cookies. We use Security Cookies for security purposes.
  • Information from social networks or online accounts – This includes Information from any social media profiles or any accounts that you share with us.
  • Other personal information

Other personal data which we collect includes image recordings this could include CCTV images of you at our bank branches, offices and ATMs but only for security purposes, to help forestall crime.

How we use your Personal Information

To the extent permissible under applicable law, we may use your information for the following legitimate actions:

  • Determine your eligibility for our products and services.
  • Verify your identity when you access your account information
  • Administer your accounts or other products and services that we or our partners/affiliates may provide to you
  • Respond to your requests and communicate with you
  • For understanding your financial needs
  • Prevention of crime, fraud, money laundering or terrorism financing activities
  • Managing our risks
  • Reviewing credit or loan eligibility.
  • For marketing the products and services of Sterling, related entities and affiliates. We may send you marketing and promotional messages by post, email, telephone, text, secure messaging, Mobile app, or through our social media channels. You can change your mind on how you wish to receive marketing messages from us, or opt out of receiving such messages at any time. However, we will continue to use your contact details to send you important information regarding your dealings with us
  • Process transactions, design products and profile customers
  • Notify you about changes to our Services
  • Allow you to participate in interactive features of our Services when you choose to do so
  • Provide customer care and support for internal operations, including troubleshooting, data analysis, testing, security, fraud detection, and account management
  • Process your information for audit, statistical or research purposes in order to help us understand trends in our customer behaviour and to understand our risks better and curate products and services that are suitable to our customers’ needs
  • Monitor our conversation with you when we speak on the telephone (for example, to check your instructions to us, to analyse, assess and improve customer service; for training and quality assurance purposes; for verification, fraud analysis and prevention purposes
  • Recover any debts that you may owe the Bank.
  • Carry out analysis to evaluate and improve our business
  • Monitor the usage of our Services
  • Detect, prevent and address technical issues
  • Prevent fraud and enhance the security of your account or our service platform.
  • Comply with and enforce applicable legal and regulatory requirements, relevant industry standards, contractual obligations and our policies
  • Provide you with tailored content and marketing messages such as recommending other products or services we believe you may be interested in
  • For other purposes required by law or regulation

 

How do we share your information?

We may share the information about you and your dealings with us, to the extent permitted by law, with the following:

  • Sterling Branches and subsidiaries
  • Legal/Regulatory Authorities – It may be necessary by law, legal process, litigation, and/or requests from public and governmental authorities for Sterling to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate;
  • Professional Advisers: Auditors/Legal Advisers
  • Credit Agencies;
  • Correspondent Banks;
  • External Auditors;
  • Strategic partners/service providers – for the purpose of providing our services to you. Your Personal information will not be shared with third parties for their marketing purposes.

We may also disclose your Personal Information in good faith and belief that such action is necessary for any of the following circumstances:

  • We have your consent to share the information;
  • To comply with a legal obligation;
  • To bring you improved service across our array of products and services, when permissible under relevant laws and regulations, by disclosing your personal information with Sterling Bank’s affiliated websites and businesses;
  • To protect and defend the rights or property of the Bank;
  • To prevent or investigate possible wrongdoing in connection with our Service;
  • To protect the personal safety of users of our Service or the public;
  • To protect against legal liability;
  • in the event of a reorganisation, merger, or sale we may transfer any and all personal information we collect to the relevant third party or
  • We find that your actions on our websites or banking applications violate any part of our Privacy Policy;

 

Joint Account Holders

When you open or use a joint account, your Personal Data will be shared with the other Account Holder. For instance, the joint account holder will be able to see transactions made by you. We may act on the authority of one joint Account Holder to share or allow third-party access to your account information for the provision of payment services, including transaction details. In this regard, we will treat the authority of one Account Holder as an authorisation on behalf of the other Account Holder.

Termination of Banking Relationship And Account Closure

The Bank may close your account(s) and terminate its banking relationship with you at any time, in accordance with banking regulations and its policies. You will receive formal notification of account closure via one or more designated communication channels, including but not limited to: letter, email, SMS, telephone call, push notification etc. The notice shall include the process for claiming any outstanding balances on your account(s).

Upon closure, any credit balance on your account(s) will be issued as a bank draft in your name, available for collection at your domicile branch or, upon your written request, at the nearest Sterling Bank branch or via transfer to a nominated bank account. For collection of the draft, you are required to visit the domicile or nearest Sterling Bank branch in person; with a valid means of identification and other documentation the Bank may request. Where Customer fails to collect the draft within six (6) months from the date of notification of the account closure, the balance in the Customer’s account shall be classified as unclaimed and managed in accordance with applicable laws and regulations.

 

Guarantors

We may share your information with any person or entity which guarantees your credit obligations to us as part of the security requirement for a credit scheme or facility advanced to you.

Automated Processing and Analytics

We may use automated statistical analysis of the information you provide to us about you to make automated lending decisions, when you apply for a financial product, for example, a loan facility or use such statical data to manage existing credit arrangements you may have with us. We may also employ statistical analysis to determine whether a product or service best suits your needs or otherwise.

How we secure your information

We have implemented appropriate organisational and technical measures to keep your Personal Information/Data confidential and secure. This includes the use of encryption, access controls and other forms of security to ensure that your data is protected. We require all parties including our staff and third parties processing data on our behalf to comply with relevant policies and guidelines. Where you have a password which grants you access to specific areas on our site or to any of our services, you are responsible for keeping this password confidential. We request that you do not share your password or other authentication details (e.g. token generated codes) with anyone.

Although we have taken measures to secure and keep your information confidential, because the security of your data is important to us, please be aware that no method of transmission over the Internet or method of electronic storage can guarantee 100% security at all times. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security, you are responsible for securing and maintaining the privacy of your password and Account/profile registration information and verifying that the Personal Data we maintain about you is valid, accurate and up to date. If we receive instructions using your account login information, we will consider that you have authorised the instructions and processed your instruction accordingly without incurring any liability for doing so.

How long we keep your information?

We retain your Information for as long as the purpose for which the information was collected continues. The information is then securely destroyed unless its retention is required to satisfy legal, regulatory, internal compliance or accounting requirements or to protect Sterling’s interest.

Please note that regulations may require Sterling to retain your personal data for a specified period even after the end of your banking relationship with us.

Information from locations outside Nigeria

If you are located outside Nigeria and choose to provide information to us, please note that the data, including Personal Data, will be processed in Nigeria. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Accuracy and update of your information

You are responsible for making sure the information provided to the Bank is accurate and should inform the Bank of any changes as it occurs, this will enable us to update your information with us.

Any changes will affect only future uses of your Personal Information. Subject to applicable law, which might, from time to time, oblige us to store your Personal Information for a certain period of time, we will respect your wishes to correct inaccurate information. Otherwise, we will hold your Personal Information for as long as we believe it will help us achieve our objectives as detailed in this Privacy Policy.

Your Rights

You have certain rights in relation to the personal data we collect as provided by the Nigeria Data Protection Regulation 2019 (NDPR), these rights include:

  • A right to access your personal data
  • A right to rectify/update your information in our possession
  • A right to request the erasure of personal data
  • A right to withdraw your consent to the processing of personal data. This will however not affect the legality of the processing carried out prior to any such withdrawal
  • Right to object to the processing of personal data. This will only be applicable where there are no legal or operational reasons.
  • Request that your personal data be made available to you in a common electronic format and/or request that such data be sent to a third party.
  • Request that your information be erased. We might continue to retain such data if there are valid legal, regulatory or operational reasons

These rights are however subject to certain limitations as provided in the NDPR.

Privacy of minors

We do not knowingly collect names, email addresses, or any other personally identifiable information from children through the internet or any other touch-points. We do not allow children under the age of 18 to open accounts nor provide online banking services for children less than 18 years of age without the consent of a guardian. If you are a parent or guardian and you are aware that your child has provided us with Personal Data without verification of parental consent, please promptly contact us.

Social Media Platforms

We operate and communicate through our designated pages and accounts on some social media platforms to communicate and engage with our customers. We monitor and record comments and posts made about us on these channels so that we can improve our Services. The general public can access and read any information posted on these sites. Please note that any content you post to such social media platforms is subject to the applicable social media platform’s terms of use and privacy policies. We recommend that you review the information carefully in order to better understand your rights and obligations regarding such content.

Our Services may allow you to connect and share your actions, comments, content, and information publicly or with friends. We are not responsible for maintaining the confidentiality of any information you share publicly or with friends.

Our Services may also allow you to connect with us on, share, and use third-party websites, applications, and services. Please be mindful of your personal privacy needs and the privacy needs of others, as you choose whom to connect with and what to share and make public. We cannot control the privacy or security of information you choose to make public or share with others. We also do not control the privacy practices of third parties. Please contact those sites and services directly if you want to learn about their privacy practices.

Media Consent

Where you register and attend our events, you acknowledge that you may be photographed, recorded and/or videotaped by the Bank and/or those acting under its authority, in relation to your attendance and/or participation at such event. You hereby authorize the Bank and its affiliates, without payment to you, to copyright, publish, reproduce, exhibit, transmit, broadcast, televise, digitize, display, otherwise use, and permit others to use: (a) your name, image, likeness, and voice; (b) all photographs, recordings, videotapes, audiovisual materials, writings, statements, and quotations of or by you; (c) the negatives, transparencies, prints, or digital information (collectively, the “Materials”), pertaining to you, in still, single, multiple, moving, video or animation format, or in which you may be included in whole or in part, or composite, or distorted in form, or reproductions thereof, in color or otherwise in any other manner, form or format whatsoever and for any lawful purpose, including, but not limited to, advertising or promotion of the Bank, its brand, affiliates or services.

All Materials (as defined above), collected at our events remain the sole property of the Bank and you agree to release and discharge the Bank, its employees, licenses, agents, successors, and assigns from any claims, actions, damages, liabilities, costs, or demands whatsoever arising by reason of a right of publicity, copyright infringement, or any other personal or property rights from or related to our use of the Materials.

Career Platforms

As part of our recruitment process and as an applicant, you explicitly consent to the collection, use, transfer, and storage or in any other form of your personal data contained in application forms/letters, curriculum vitae (CV)/resumes obtained from your identity document(s) or collected through interviews/other forms assessment by Sterling or its affiliates. This information is for the exclusive purpose of assessing and evaluating applicants’ suitability for employment in any current or prospective position within our organisation, verifying applicants’ identity and the accuracy of the details provided to us or for other related purposes. We shall, in line with our internal policies, controls and relevant Data Protection Regulations ensure that this data is not disclosed or assessed by unauthorised persons. By providing any information on Sterling’s career page, you confirm that you have read the terms and privacy statement and accept it. As an applicant, you consent to Sterling Bank using the data provided in accordance with the terms described above.

Third-Party Websites

Our website, related websites and mobile applications may have links to or from other websites that are not operated by us. We have no control over and assume no responsibility for the security, privacy practices or content of third-party websites or services. We recommend that you always read the privacy and security statements on these websites.

Service Providers

We may employ third-party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform specific Service-related roles or to assist us in analysing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose outside of the service-specific need for which the data is required.

Changes to this Policy

This Privacy Policy is effective as of the date stated above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on our website.

Based on the changing nature of privacy laws, user needs and our business, we may modify this Privacy Policy from time to time. Any change to our privacy policy will be communicated on our website, via email or by placing a notice on our Platform and this will be effective as soon as published. Accordingly, we encourage periodic reviews of this Privacy Policy for awareness of any changes that may have occurred. Your continued use of the Services after we post any modifications to the Privacy Policy on our website will constitute your acknowledgement of the modifications and your consent to abide and be bound by the modified Privacy Policy.

Contact Us

If you have any questions, comments or requests in relation to this Privacy Policy or objections, complaints or requirements in relation to the use of your personal data, please contact us by sending an email to [email protected] or, writing a letter addressed as follows:

The Data Protection Officer

Sterling

20 Marina, Lagos.

Feedback

Business

One Education

SAF

Download Now
I have installed the app
whatsapp