This page outlines the types of personal information we collect, and the measures we take to protect it
CrediMax B.S.C has created this privacy statement in order to demonstrate our firm commitment to your privacy. The following discloses our information gathering and dissemination practices for CrediMax B.S.C official website: www.credimax.com.bh Our Internet Banking Service might requires you to provide your contact details i.e. email address and demographic information if applicable. Your contact information is used to notify you about new products available, special offers or to communicate other CrediMax news. You may opt-out of receiving future mailings by calling our customer services call center or sending us email on [email protected]. Your data collected at our website is used for marketing purposes only and will NEVER be sold on an individual basis.
Our website may use browser cookies to maintain information about your site session; most notably, the ‘state’ of your current web session. Cookies help us identify you; this in-turn makes your experience at www.credimax.com.bh smoother and more enjoyable. These cookies contain absolutely no personal and confidential information.
Our website provides you the opportunity to opt-out of receiving communications from CrediMax B.S.C. by calling our customer services call center or sending us an email on [email protected]
Our website has a security measures in place to protect the loss, misuse and alteration of the information under our control. All information you send to CrediMax B.S.C or via our mother company “BBK” via their Internet Banking such as your Customer ID and ePIN and other transaction details are encrypted using the Secure Socket Layer (SSL) Certificate. The security of your information is a vital role; therefore, multiple types of additional security measures have been put in place for your protection. These measures include frequent professional evaluations of both external and internal security structures, detection of uncharacteristic customer behavior and monitoring and quickly blocking attempts by fraudsters to obtain Customer IDs, passwords and ePINs.
For any further inquiry about this privacy statement, the practices of CrediMax B.S.C website, or your dealings with this website, please do not hesitate to contact us:
Address:
CrediMax B.S.C, P.O. Box 5350, Manama – Kingdom of Bahrain
+973 17117117
+973 17214193
Download Data Privacy Statement
CrediMax B.S.C.(c) (CrediMax) is committed to maintaining the confidentiality, integrity, and security of personal and sensitive information collected from customers, in accordance to applicable laws.
This privacy statement defines CrediMax procedures to process personal and sensitive personal data collected and processed by CrediMax through all means including requests for new services and products via CrediMax’s various channels (including but not limited to branches, website and mobile applications).
CrediMax recognizes the importance of data privacy, and treats your data in accordance to applicable data protection regulations.
This statement should be read in conjunction with any other privacy notices or fair processing notices and product terms and conditions we may provide on specific occasions when we are collecting or processing personal data.
This privacy statement has been developed in line with the provisions of Bahrain’s Personal Data Protection Law (30/2018).
This privacy statement shall be updated from time to time so you may wish to check it each time you submit Personal Data on our websites and applications.
This privacy statement explains how we collect, use, store and share the personal data you provide us when requesting CrediMax’s services through any of the Company’s various channels.
By accessing and using our electronic services and mobile applications, you agree to the terms and conditions of this privacy statement.
Any information of any form related to an identifiable individual, or an individual who can be identified, directly or indirectly, particularly through his/her personal ID number, or one or more of his/her physical, physiological, intellectual, cultural or economic characteristics or social identity.
To determine whether an individual can be identified, all the means used by, or that may be available to, the Data Controller or any other person, shall be taken in consideration.
Any personal information that reveals, directly or indirectly, the individual’s gender, race, ethnicity, political or philosophical views, religious beliefs, union affiliation, criminal record or any data related to his/her health or marital status.
The person who decides, solely or in association with others, the purposes and means of processing of certain personal data. In the events where such purposes and means are prescribed by Law, the Data Controller shall be the person who is responsible for the processing.
The person who processes the data for and on behalf of the Data Controller, not including whoever works for the Data Controller or Data Processor.
The person who’s in charge of data privacy matters at the organization and support compliance with the requirements of data privacy laws by providing internal guidance and monitoring as well as external interaction and liaison.
Any operation or set of operations carried out on personal data by automated or non-automated means, such as collecting, recording, organizing, classifying in groups, storing, modifying, amending, retrieving, using or revealing such data by broadcasting, publishing, transmitting, making them available to others, integrating, blocking, deleting or destroying them.
Any communication, by any means, through which a marketing or advertising material is directed to a specific person.
As part of our legitimate business use and regulatory requirements, CrediMax may collect the following information about past, existing and prospective clients (individuals and legal entities) for the purpose of providing our services. In addition, CrediMax may collect some of the following information about CrediMax third party service providers, guests visiting CrediMax facilities, online channels and social media users as relevant.
This information includes (and is not limited to):
Data class | Indicative data elements |
Individual’s information | Name, Phone Number, Residential Address, CPR Number, Passport Number, Email Address, Date of Birth, Employment Information, Salary Information, credit information |
Legal entity’s information | Entity Name, Commercial Registration Number, Registered Address, Incorporation Information, Shareholder Information, Management Information, credit information |
Financial information of legal entities | Turnover (Sales), Net Profit, Net Worth (Total Assets, Total Liabilities) |
Transaction information | Cards Transactions (Transaction Amounts, Corresponding Merchant, Country of Merchant) |
Cookies, log files and web beacons | IP Address, Device Identifiers |
In certain cases, CrediMax may collect Sensitive Personal Data about you for the purpose of providing you with our products and services.
CrediMax will ensure not to collect this information without your consent unless it is allowed under applicable data privacy laws:
Sensitive Personal Data Category | Reasons for collection |
Location data | In certain cases where you wish to open an account using our digital channels, CrediMax may use geo-location feature to verify your location. |
Biometrics | In certain cases where you wish to open an account using our digital channels, CrediMax may use facial recognition mechanisms to verify your identity. |
Criminal and court records including CBB account blocks, Politically Exposed Person (“PEP”) status | To fulfil our legal and regulatory obligations. |
Voice recording and virtual recording | During your interaction with CrediMax, we may record your calls for quality assurance purposes and to evidence your decisions. In addition, we may retain images captured by video surveillance in marked areas at CrediMax branches and premises for our vital interest and to fulfil our regulatory obligations. |
In order to properly provide our services and to adhere to regulatory requirements, CrediMax collects Personal Data about you from the following sources:
Personal Data collected by CrediMax is restricted to the minimum information required to provide our services or as required by regulators. The consequences of not providing the requested information when CrediMax rely solely on a contractual or legal obligation may result in our inability to provide services requested by you.
When you visit CrediMax websites and mobile applications, we may collect certain information automatically from your device such as:
As the Data Controller, we have a responsibility to apply technical and organizational measures capable of protecting the data against unintentional or unauthorized destruction, accidental loss, unauthorized alteration, disclosure or access, or any other form of processing.
We have instituted adequate measures for providing an appropriate level of security aligned to the nature of the data being collected and processed, and the risks that may arise from this processing. Our various security measures include but are not limited to data encryption, either at rest or in-transit, strong authentication, accessing monitoring, and rigorous access controls either from network or application level. Data is shared within CrediMax and its third parties (including employees, group companies, contractors, agents, etc.) on a need to know basis and under strict confidentiality arrangements.
Notwithstanding this, despite our best efforts, we cannot absolutely guarantee the security of data against all threats. We have implemented suitable measures to identify, monitor and report any breaches to personal data in line with the requirements of the law.
CrediMax limits access to personal information to those working with CrediMax and BBK’s Group Companies, regulators, government authorities, vendors, consultants, external auditors and appointed experts, employees, contractors, business partners or agents who require such access in connection with providing products or services to you or for other legitimate business purposes or as required to comply with the relevant laws and regulations.
We may process your Personal Data for:
CrediMax only discloses data to third parties when explicitly requested by you, when required as per legal/regulatory requirement, have a public or vital interest to do so such as fraud prevention and financial crime, to perform contractual obligations, or when CrediMax have a legitimate business reason to do so. Third-party recipients of data may include:
We may need to transfer data outside Bahrain for the purposes specified on this privacy statement and for providing uninterrupted services to you (such as data availability, remittance, internal operation and validation and availability of electronic services and mobile applications).
This may include sharing your personal data with:
– Card schemes companies (Visa, MasterCard, etc.).
– Bank of Bahrain and Kuwait subsidiaries, affiliated companies, contractors and subcontractors in countries with adequate or inadequate level of security measures for the purposes specified within this statement.
In all cases, CrediMax will apply safeguards to ensure protection of your personal data when transferred outside Bahrain. These measures may include for instance, contractual confidentiality and data protection agreements to ensure protection of data.
When CrediMax transfer Personal Data outside Bahrain, CrediMax will ensure adherence to the legal and regulatory obligations. Bahrain’s personal data protection law sets out the circumstances under which Personal Data can be transferred outside of Bahrain.
Under the provisions of the applicable laws, you are provided with the following rights in relation to the processing of your Personal Data. To exercise your rights under the Law, you will be requested to provide a valid proof of identity, in order for CrediMax to fulfil its responsibility of verifying your identity before processing your request. You may exercise any of these rights free of charge.
You have the right to request and obtain information on the Personal Data which CrediMax holds and processes, and the purpose for which it is maintained by CrediMax.
You have the right to object to processing of your Personal Data under the following instances:
However, the Personal Data Protection Law stipulates that under certain circumstances, CrediMax may have legitimate reasons to perform the processing of Data even when you have an objection. In this case, CrediMax shall continue to process your Data or reject providing you with the product or service you have asked for to satisfy these legitimate interests, including but not limited to: completion of a contract to which you are a party, implementation of an obligation prescribed by Law, protection of your vital interests, defending a legal claim, fraud prevention and anti-money laundering purposes, or exercising the legitimate interests of CrediMax or any third party involved.
You also have the right to object to being contacted by us for direct marketing purposes. On receipt of such objection, we will ensure that you are removed from our relevant marketing databases, as applicable. You have the option to opt-in or opt-out from receiving marketing communications, and update your communication and direct marketing preferences through our various contact channels.
You may submit an application to request to rectify, block or erase your Personal Data, as the case may be, if the processing thereof is done in contravention of the provisions of the law, and in particular, if the data is incorrect, incomplete or not updated, or if the processing thereof is illegal.
At any time, subsequent to providing consent, you have the right to withdraw the consent provided. Withdrawal of consent will be applicable to future use of the Personal Data and will not in any way impact legitimate use of the personal information prior to the withdrawal of the consent.
You have the right to request that another method be used to evaluate you when a decision has been taken solely based on automated processing of your personal data.
This right applies to evaluations of (i) your financial position; (ii) the level of your efficiency for borrowing; (iii) your behavior or (iv) your trustworthiness.
In such a situation you may request that another method be adopted including a human intervention, for example a staff member reviewing your application for eligibility of a product or service and we will carry this out free of charge.
We may further reject your request if we have determined that you pose a risk from compliance, fraud, or operational perspective.
You may submit a complaint to Bahrain’s Personal Data Protection Authority, if you have reason to believe that any violation of the provisions of the privacy laws has occurred or that we are processing Personal Data in contravention to its provisions.
For more information on the procedures to submit a compliant to the Personal Data Protection Authority, you may refer to the Authority’s website.
If you believe there has been a breach of privacy regarding your personal data, please contact us on [email protected]
CrediMax may use your identity, contact information and profile data to directly market products and/or services that may be of interest to you.
You have the option to opt-in or opt-out from receiving marketing communications, and update your communication and direct marketing preferences through our various contact channels.
Please note that in case of opting out from receiving marketing materials, CrediMax will continue to use your contact details to send you important notifications, such as changes to our Terms and Conditions, transactional notifications, and any other notification required when CrediMax have a lawful basis to do so.
For any questions or clarification on this privacy statement, feel free to contact our Data Privacy team on [email protected]
© 2024 CrediMax. All Rights Reserved