At Sterling Bank Plc., we take the privacy of your personal information seriously and remain committed to protecting and ensuring that your Personal Data is treated in a fair and lawful manner in all our dealings with you.
Throughout this document, “Sterling”, “Bank”, “we”, “us”, “our” and/or “ours” refer to Sterling Bank Plc incorporated under the laws of the Federal Republic of Nigeria with its registered office at 20 Sterling Towers, 20 Marina, Lagos. The reference to ‘you’ or ‘your’, means you, any authorised person on your account, anyone who conducts your banking services for you or other related people (including authorised signatories, partners or any authorised third party).
By continuing to visit our website (www.sterling.ng), or using our mobile and digital platforms, social media platforms and other Sterling customer touch-points and utilising Sterling services, you accept and consent to the provisions described in this Policy.
- The information we collect about you
We gather information from you for a number of reasons. We may need you to provide your Personal Information/Data such as your name, contact details, identification, work and residential addresses, gender, positions held, forms submitted, Bank Verification Number (BVN), payment details and other enquiry details which would enhance your service experience. The Personal Data we collect, fall into various categories, such as:
- Details about your banking activities and transactions with us.
This includes information on any bank accounts you use, debit card numbers, financial history, information you provide to deliver payment initiation services and account information services regarding accounts you hold with other providers.
- Information on how you use your device/ Usage Data.
We may also collect information that your browser sends whenever you visit our website or banking applications or when you access our Services by or through a mobile device (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit and the time spent on those pages amongst other diagnostic data. When you access the Service by or through a mobile device or use the mobile app, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
- Sensitive data
We may hold information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic or biometric data or data concerning your health or sexual orientation, or data relating to criminal convictions or offences or information which is used to uniquely identify you, (for example your fingerprint, facial recognition or voice recording). We will only hold this data when we need to for the purposes of the product or services we provide to you, where we are required to process the data for a public interest purposes, or where we have a legal obligation or your consent to do so.
- Information which you have consented to us using
We may collect information about your marketing preferences to provide you with information about relevant services, products and offers that we think may be of interest to you.
- Tracking and Cookies Data
Examples of Cookies we use:
- Session Cookies.We use Session Cookies to operate our Service. Session cookies will expire at the end of your browser session and allow us to link your actions during that browser session
- Preference Cookies.We use Preference Cookies to remember your preferences and actions, across multiple sites.
- Security Cookies.We use Security Cookies for security purposes.
- Information from social networks or online accounts-This includes Information from any social media profiles or any accounts that you share with us.
- Other personal information
Other personal data which we collect includes image recordings this could include CCTV images of you at our bank branches, offices and ATMs but only for security purposes, to help forestall crime.
How we use your personal Information
To the extent permissible under applicable law, we may use your information for the following legitimate actions:
- Determine your eligibility for our products and services.
- Verify your identity when you access your account information
- Administer your accounts or other products and services that we or our partners/affiliates may provide to you
- Respond to your requests and communicate with you
- For understanding your financial needs
- Prevention of crime, fraud, money laundering or terrorism financing activities
- Managing our risks
- Reviewing credit or loan eligibility.
- For marketing the products and services of Sterling, related entities and affiliates. We may send you marketing and promotional messages by post, email, telephone, text, secure messaging, Mobile app, or through our social media channels. You can change your mind on how you wish to receive marketing messages from us, or opt out of receiving such messages at anytime. However, we will continue to use your contact details to send you important information regarding your dealings with us
- Process transactions, design products and profile customers
- Notify you about changes to our Services
- Allow you to participate in interactive features of our Services when you choose to do so
- Provide customer care and support and for internal operations, including troubleshooting, data analysis, testing, security, fraud-detection, and account management
- Process your information for audit, statistical or research purposes in order to help us understand trends in our customer behaviour and to understand our risks better and curate products and services that are suitable to our customers’ needs
- Monitor our conversation with you when we speak on the telephone (for example, to check your instructions to us, to analyse, to assess and improve customer service; for training and quality assurance purposes; for verification, fraud analysis and prevention purposes
- Recover any debts that you may owe the Bank.
- Carry out analysis to evaluate and improve our business
- Monitor the usage of our Services
- Detect, prevent and address technical issues
- Prevent fraud and enhance security of your account or our service platform.
- Comply with and enforcing applicable legal and regulatory requirements, relevant industry standards, contractual obligations and our policies
- Provide you with tailored content and marketing messages such as recommending other products or services we believe you may be interested in
- For other purposes required by law or regulation
How do we share your information?
We may share the information about you and your dealings with us, to the extent permitted by law, with the following:
- Sterling Branches and subsidiaries
- Legal/Regulatory Authorities – It may be necessary by law, legal process, litigation, and/or requests from public and governmental authorities for FITC to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate;
- Professional Advisers: Auditors/Legal Advisers
- Credit Agencies;
- Correspondent Banks;
- External Auditors;
- Strategic partners/service providers – for the purpose of providing our services to you. Your Personal information will not be shared with third parties for their marketing purposes.
We may also disclose your Personal Information in good faith and belief that such action is necessary in any of the following circumstances:
- We have your consent to share the information;
- To comply with a legal obligation;
- To bring you improved service across our array of products and services, when permissible under relevant laws and regulations, by disclosing your personal information with Sterling Bank’s affiliated websites and businesses;
- To protect and defend the rights or property of the Bank;
- To prevent or investigate possible wrongdoing in connection with our Service;
- To protect the personal safety of users of our Service or the public;
- To protect against legal liability;
- in the event of a reorganisation, merger, or sale we may transfer any and all personal information we collect to the relevant third party or
Joint Account Holders
When you open or use a joint account, your Personal Data will be shared with the other Account Holder. For instance, the joint account holder will be able to see transactions made by you. We may act on the authority of one joint Account Holder to share or allow a third party access to your account information for the provision of payment services, including transaction details. In this regard, we will treat the authority of one Account Holder as authorisation on behalf of the other Account Holder.
We may share your information with any person or entity which guarantees your credit obligations to us as part of security requirement for a credit scheme or facility advanced to you.
Automated Processing and Analytics
We may use automated statistical analysis of the information you provide to us about you to make automated lending decisions, when you apply for a financial product, for example, a loan facility or use such statical data to manage existing credit arrangements you my have with us. We may also employ statistical analysis to determine whether a product or service best suits your needs or otherwise.
How we secure your Information
We have implemented appropriate organisational and technical measures to keep your Personal Information/Data confidential and secure. This includes the use of encryption, access controls and other forms of security to ensure that your data is protected. We require all parties including our staff and third-parties processing data on our behalf to comply with relevant policies and guidelines. Where you have a password which grants you access to specific areas on our site or to any of our services, you are responsible for keeping this password confidential. We request that you do not share your password or other authentication details (e.g. token generated codes) with anyone.
Although we have taken measures to secure and keep your information confidential, because the security of your data is important to us, please be aware that no method of transmission over the Internet, or method of electronic storage can guarantee 100% security at all times. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security, you are responsible for securing and maintaining the privacy of your password and Account/profile registration information and verifying that the Personal Data we maintain about you is valid, accurate and up to date. If we receive instructions using your account login information, we will consider that you have authorised the instructions and process your instruction accordingly and without incurring any liability for doing so.
How long we keep your information.
We retain your Information for as long as the purpose for which the information was collected continues. The information is then securely destroyed unless its retention is required to satisfy legal, regulatory, internal compliance or accounting requirements or to protect Sterling’s interest.
Please note that regulations may require Sterling to retain your personal data for a specified period even after the end of your banking relationship with us.
Information from locations outside Nigeria
Accuracy and update of your Information
You are responsible for making sure the information provided to the Bank is accurate and should inform the Bank on any changes as it occurs, this will enable us to update your information with us.
You have certain rights in relation to the personal data we collect as provided by the Nigeria Data Protection Regulation 2019 (NDPR), these rights include:
- A right to access your personal data
- A right to rectify/update your information in our possession
- A right to request the erasure of personal data
- A right to withdraw your consent to processing of personal data. This will however not affect the legality of processing carried out prior to any such withdrawal
- Right to object to processing of personal data. This will only be applicable where there are no legal or operational reasons.
- Request that your personal data be made available to you in a common electronic format and/or request that such data be sent to a third party.
- Request that your information be erased. We might continue to retain such data if there are valid legal, regulatory or operational reasons
These rights are however subject certain limitations as provided in the NDPR.
Privacy of minors
We do not knowingly collect names, email addresses, or any other personally identifiable information from children through the internet or any other touch-points. We do not allow children under the age of 18 to open accounts nor provide online banking services for children less than 18 years of age without the consent of a guardian. If you are a parent or guardian and you are aware that your child has provided us with Personal Data without verification of parental consent, please promptly contact us.
Social Media Platforms
Our Services may allow you to connect and share your actions, comments, content, and information publicly or with friends. We are not responsible for maintaining the confidentiality of any information you share publicly or with friends.
Our Services may also allow you to connect with us on, share on, and use third-party websites, applications, and services. Please be mindful of your personal privacy needs and the privacy needs of others, as you choose whom to connect with and what to share and make public. We cannot control the privacy or security of information you choose to make public or share with others. We also do not control the privacy practices of third parties. Please contact those sites and services directly if you want to learn about their privacy practices.
As part of our recruitment process and as an applicant, you explicitly consent to the collection, use, transfer, and storage or in any other form of your personal data contained in application forms/letters, curriculum vitae (CV)/resumes obtained from your identity document(s) or collected through interviews/other forms assessment by Sterling Bank Plc or its affiliates. This information is for the exclusive purpose of assessing and evaluating applicants suitability for employment in any current or prospective position within our organisation, verifying applicants identity and the accuracy of your details provided to us or for other related purposes. We shall, in line with our internal policies, controls and relevant Data Protection Regulations ensure that this data is not disclosed or assessed by unauthorised persons. By providing any information on Sterling’s career page, you confirm that you have read the terms and privacy statement and accept it. As an applicant, you consent to Sterling Bank using the data provided in accordance with terms described above.
Third Party Websites
Our website, related websites and mobile applications may have links to or from other websites that are not operated by us. We have no control over and assume no responsibility for the security, privacy practices or content of third party websites or services. We recommend that you always read the privacy and security statements on these websites.
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform specific Service-related roles or to assist us in analysing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose outside of the service-specific need for which the data is required.
Changes to this Policy
The Data Protection Officer
Sterling Bank Plc
20 Marina, Lagos.