Dear Customers, Kindly note that the bank’s fees and service charges has been updated effective 13th February, 2021. To check the updated fees and services charges, please click here
1. This Policy
This Policy is issued by the National Bank of Bahrain B.S.C. (“NBB”) on behalf of itself, and its branches,
and is addressed to individuals outside our organisation with whom we interact, including customers, business partners, vendors, visitors to our websites, and other recipients of our services (together, "you").
This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the
Processing of Personal Data, or changes in respect of the Personal Data Protection Law (the “PDPL”).
2. Processing your Personal Data
This section lists places where we get data that counts as part of your Personal Data.
Collection of Personal Data: We collect Personal Data about you:
Creation of Personal Data: We create Personal Data about you, such as records of your interactions with us, and details of your accounts, subject to the PDPL.
Unique application number: When you wish to install or uninstall the App containing a unique application number or when such application searches for automatic updates, that number and information about your installation, for example, the type of operating system, may be sent to us.
Relevant Personal and Sensitive Personal Data:
This section explains what different types of Personal Data mean.
Pursuant to the PDPL, the categories of Personal Data about you that we Process are as follows:
Type of Personal Data
Address; telephone number; and email address
given name(s); preferred name(s); gender; date of birth / age; marital status; Social Security number; passport number(s); driving license number(s); nationality; lifestyle and social circumstances; images of passports, driving licenses, and signatures; authentication data (passwords,
Names and contact details of family members and dependents
Your financial position; financial status; financial history; billing address; bank account numbers; credit card numbers; cardholder or accountholder name and details; instruction records; transaction details; and counterparty details
Details about payments to and from your accounts with us, and insurance claims you make
Details about how you use products and services from us and other organisations
Industry; role; business activities; names of current and former employers; work address; work telephone number; and work email address
IP addresses; cookies; activity logs; online identifiers; unique device identifiers; and geolocation data.
Sensitive Personal Data: Any personal information that directly or indirectly discloses any of the following: the ethnic origin of the individual, their ethnic group, political or philosophical views, religious beliefs, trade union affiliation, criminal record, or any data relating to their health or sexual status.
Processing your Sensitive Personal Data: We do not seek to collect or otherwise Process your Sensitive Personal Data, except where:
Purposes for which we may Process your Personal Data:
We will only use your Personal Data when the law allows us to do so, most commonly we will use your Personal Data in the following circumstances:
Anti-Money Laundering / KYC
Providing products and services to you
Operation of our website and App
Install the App and register you as a new App user
Detecting, investigating and preventing breaches of policy, and criminal offences, in accordance with applicable law.
Compliance with our legal and regulatory obligations under applicable law
Establishing, exercising and defending legal rights.
Improving our products and services
Detecting, preventing and investigating fraud.
3. Disclosure of Personal Data to third parties
We may disclose your Personal Data for legitimate business purposes (including providing services to you), in accordance with the PDPL. In addition, we may disclose your Personal Data to:
If we engage a third-party Data Processor to Process your Personal Data, the Data Processor will be subject to binding
contractual obligations to:
4. International transfer of Personal Data
We may need to transfer your Personal Data to third parties as noted in Section 3 above, in connection with the purposes set out in this Policy. For this reason, we may transfer your Personal Data to other countries that may have different laws and data protection compliance requirements, including data protection laws of a lower standard to those that apply in the country in which you are located, in such circumstance we shall ensure that your Personal Data shall be held in a manner consistent with the rules and standards expected in the Kingdom of Bahrain.
If you want to receive more information about the safeguards applied to international transfers of personal data,
please use the contact details provided in Section 10 below.
5. Data Security
We have implemented appropriate technical and organizational security measures designed to protect your
Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised
access, and other unlawful or unauthorised forms of Processing, in accordance with the PDPL.
6. How long we keep your Personal Data
This section explains how long we may keep your Personal Data for and why.
7. Your legal rights
Subject to the PDPL, you may have a number of rights regarding the Processing of your Personal Data, including:
To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Policy, or about our Processing of your Personal Data, please use the contact details provided in Section 10 below.
A cookie is a small file that is placed on your device when you visit a website. It records
information about your device, your browser and, in some cases, your preferences and browsing habits. We may
9. Direct Marketing
We may Process your Personal Data to contact you so that we can provide you with information on our products and services that may be of interest.
If you do not wish to receive marketing communications from us you can opt out at any time by contacting your
regular NBB contact. After you unsubscribe, we will not send you further promotional text messages, but we may continue to contact you to the extent necessary for the purposes of any services you have requested.
We may ask you to confirm or update your choices, if you take out any new products or services with us in future. We will also ask you to do this if there are changes in the law, regulation, or the structure of our business.
As NBB continues to update and improve its internal processes, systems and controls, we may notify you in the future about the best way for you to update your Personal Data and your preferences.
10. Contacting us
If you have any comments, questions or concerns about any of the information in this Policy, or any other issues
relating to the Processing of Personal Data by NBB, please contact your regular NBB client service contact, or:
National Bank of Bahrain
12th Floor Old Tower, P.O Box 106, Manama, Kingdom of Bahrain
Email: [email protected]
11. Defined terms
An independent public authority established under the provisions of the PDPL that is legally tasked with overseeing compliance with the PDPL.
Any person or entity that Processes Personal Data on behalf of the Data Protection Controller (other than employees of the Data Manager or Data Protection Controller).
includes the type of mobile device you use, a unique device identified (e.g. your device's IMEI number, MAC address of your Device's wireless network interface, or the mobile number used by your Device, mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting, from the following parties: analytics providers, advertising networks, search information providers.
includes your current location disclosed by GPS technology
Information that is about any individual, or from which any individual is identifiable.
Process or Processed or Processing
Anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organisation, classification, storage, modification, alteration, retrieval, use or disclosure by transmission, publishing, transferring, dissemination or otherwise making available to third parties, merging, blocking, wiping, restriction, erasure or destruction.
Sensitive Personal Data
Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health or any other information that may be deemed to
includes details of your use of any of our Apps or your visits to any of Our Sites including, but not limited to, traffic data and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.