email@example.com +234 706 4410 419
How We Manage Your Personal Data
This policy covers the use, storage and dissemination of personal data we obtain from you or about you when you interact with us in the provision of the banking services you request, during your use of the website, and when you complete surveys or register for our webinars or online contact form. This policy also describes our processing of the personal data of individuals representing our business partners and suppliers.
Personal data comprises all the details we hold or collect about you, directly or indirectly, your transactions, transactions you effect, financial information, interactions and dealings with us, including information received from third parties, the public domain, collected through use of our website.
This information include but not limited to customer name, email address
When we disclose personal information for a business purpose to external third parties, the same standards of security and confidentiality described in this policy will be upheld. These third parties act as data processors, acting solely on our instructions and on our behalf, and we establish contracts with them to ensure personal data is adequately protected. These contracts prohibit them from retaining, using, or disclosing any personal data for any purpose other than performing services under our direct instructions and in line with the purposes set out in this policy. The following describes some scenarios for which we may share personal data with a third party:
• Sharing for legal/regulatory purposes
• Sharing with service providers
Cookies are information often including unique identifiers that a website saves on your device or computer when you visit. Currently Eastman MFB use analytics cookies to help us understand how you use our site to discover what content is most useful to you
We will retain and use personal data for as long as is necessary, in any case until the purpose of data collection is achieved and subject to any requirements to retain information in order to comply with any applicable law, regulation, professional requirements or standards.
We have implemented appropriate technical and organizational security measures (such as Secure Sockets Layer (SSL) on our website and access controls on our information systems) to protect the personal data in our care, both during transmission and once we receive it. This includes measures to protect personal data from accidental or unauthorized destruction, loss, or alteration, and from unauthorized disclosure or access.
Eastman MFB takes reasonable and practicable security measures to ensure privacy. In the event of a data breach, we shall report such breach to the relevant authority and if necessary, affected individuals of personal data breach (where the personal data breach will likely result in high risks to the freedoms and rights of the individual) within 72 hours of becoming aware of the breach or being notified by any processor of a personal data breach.
We will take steps to investigate and recover personal data and will ensure security controls are improved to prevent a re-occurrence of the data breach. Personal data breach refers to a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes.
Depending on location and applicable data protection regulation, an individual may be able to exercise some of the following rights regarding their personal data. An individual may be able to:
• request further details about how we process personal data
• request for a copy of any personal data which we hold
• withdraw consent to process personal data, where we rely on consent as a legal basis to justify personal data processing
• restrict/object to the processing of personal data
• request to update or delete personal data which we hold
• request to transfer personal data to a third-party provider of services (data portability)
Please note that we may ask individuals to provide us with the information necessary to confirm their identity before responding. We will aim to acknowledge enquiries within 24 hours and respond within one month unless otherwise required by law. Where permitted to do so, complying with your request may be subject to a fee to meet our associated costs.
We will consider all individual requests.
However, we may not fulfill requests under circumstances where exemptions exist, which include a need to keep processing information to comply with a legal obligation. If such an exception applies, we will notify individuals when responding to their request.
This document was last updated on September 20, 2023.