business@eastmanmfb.com +234 706 4410 419

Data Protection & Privacy Policy

How We Manage Your Personal Data

The purpose of this document is to inform the customers, employees and connected person of how Eastman Microfinance Bank Nig Limited manages Personal Data (as defined below) which is subject to the Nigeria Data Protection Regulation 2019..

Contents

  • Consent
  • Personal Data
  • Collection of Personal Data
  • Purpose for the Collection, Use and Disclosure
  • Disclosure of Personal Data
  • Use of Cookies and Related Technologies
  • Data Security
  • Third-Party Sites
  • Data Retention
  • Your Rights
  • Contacting Us, Feedback, Withdrawal of Consent, Access and Correction of Personal Data
  • Right to Amend the Policy

Consent

By interacting with us, filling out our forms both electronically and physically at our branch office or via our authorized employee, submitting information to us, or signing up for any products or services offered by us, the user agrees and consent to Eastman Microfinance Bank collecting, using, and disclosing such Personal Data to the authorised service providers and relevant third parties in the manner outlined in this Policy.

Personal Data

In this Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.

Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us) your name, bank verification number, passport or other identification numbers, telephone number(s), mailing address, email address, transactional data and any other information relating to any individuals which you have provided us in any form you may have submitted to us (including in the form of biometric data), or via other forms of interaction with you.

 

 

Collection of Personal Data

Generally, we collect Personal Data in the following ways:

  • when you interact with us using our our online electronic messaging and chat option like Emails, Whatsapp and website contact form
  • when you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our services;
  • when you interact with our staff, including relationship managers and their assistants, example via telephone calls (which may be recorded), letters, fax, face-to-face meetings, electronic meetings and emails;
  • when your images are captured by us via closed-circuit television cameras (“CCTVs”) while you are within our premises, or via photographs or videos taken by us or our representatives when you attend events hosted by us;
  • when you use some of our services provided through online and other technology platforms, such as websites and apps, including when you establish any accounts with us;
  • when you request that we contact you, or include you in an email or other mailing lists; or when you respond to our request for additional Personal Data, our promotions and other initiatives;
  • when you are contacted by, and respond to, our marketing representatives, daily collection agents and other service providers;
  • when we seek information about you and receive your Personal Data from third parties in connection with your relationship with us, for example, from referrers, business partners, public agencies or the relevant authorities;
  • through physical access, internet and information technology monitoring processes;
  • in connection with any investigation, litigation, registration or professional disciplinary matter, criminal prosecution, inquest or inquiry which may relate to you or any Connected Person; and/or;
  • when you submit your Personal Data to us for any other reason.
  • When you browse our website and platforms, We do not, at our website and platforms, automatically collect Personal Data, including your email address unless you provide such information.

If you provide us with any Personal Data relating to a third party (for example, information of your spouse, children, parents, or a Connected Person), by submitting such information to us, you represent to us that you have obtained the consent of the third party to you providing us with his/her Personal Data for the respective purposes. “Connected Person” may include but is not limited to any beneficial owner, authorised signatory, director, shareholder, an officer of a company, partner or member of a partnership, settlor, trustee, beneficial owner, protector or grantor of trust, mandate holder, power of attorney holder, surety, third party security provider, provider of funds, founder and/or employee, the payee of designated payment, representatives, agents or nominees.

You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with the products and services you have requested.

You agree to inform Eastman Microfinance Bank immediately of any change of facts or circumstances which may render any information or Personal Data previously provided inaccurate, untrue or incorrect and provide any information or documentation as Eastman Microfinance Bank may reasonably require for verifying the accuracy of the updated information or Personal Data.

Purposes for the Collection, Use and Disclosure of Your Personal Data

Generally, the Bank, uses and discloses your Personal Data for the following purposes:

  • responding to, processing and handling your complaints, queries, requests, feedback and suggestions;
  • verifying your identity and customer due diligence as required by law
  • managing the administrative and business operations of Eastman Microfinance Bank and complying with internal policies and procedures (including but not limited to facilitating business continuity planning);
  • audit purposes;
  • verifying or confirming trade/investment orders or instructions from you or for your account (including but not limited to instructions on fund transfers or remittances);
  • matching any Personal Data held which relates to you for any of the purposes listed herein;
  • resolving complaints and handling requests and enquiries;
  • preventing, detecting and investigating crime, including fraud and money-laundering or terrorist financing, and analysing and managing commercial risks (including but not limited to preventing and detecting loss of Eastman Microfinance Bank proprietary and sensitive information);
  • project management;
  • providing media announcements and responses, for example in relation to complaints or lawsuits;
  • requesting feedback or participation in surveys, as well as conducting market research and/or analysis for statistical, profiling or other purposes for us to design our products, understand customer behaviour, preferences and market trends, and to review, develop and improve the quality of our products and services;
  • managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
  • managing and preparing reports on incidents and accidents;
  • organising events, seminars or training;
  • complying with any applicable rules, laws and regulations, codes of practice or guidelines, obligations, requirements or arrangements for collecting, using and disclosing Personal Data that apply to Eastman Microfinance Bank or that it is expected to comply, according to:
  • any law binding or applying to it within Nigeria existing currently and in the future;
  • any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within Nigeria existing currently and in the future;
  • any present or future contractual or other commitment with local or foreign legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers that is assumed by or imposed on Eastman Microfinance Bank because of its financial, commercial, business, or other interests or activities in or related to the jurisdiction of the relevant local or foreign legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations;
  • to assist in law enforcement and investigations by relevant authorities;
  • in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;
  • archival management (including but not limited to warehouse storage and retrievals); and/or
  • any other purpose relating to any of the above.
  • These purposes may also apply even if you do not maintain any account(s) with us or have terminated these account(s).

Also, Eastman Microfinance Bank collects, uses and discloses your Personal Data for the following purposes depending on the nature of our relationship:

  • If you are a prospective customer:
  • evaluating your eligibility to open an account with us and your financial and banking needs and providing recommendations to you as to the type of products and services suited to your needs;
  • assessing and processing any applications or requests made by you for products and services;
  • and/or any other purpose relating to any of the above.
  • opening, maintaining or closing of accounts and our establishing or providing banking and trust services to you;
  • processing fund transfers or any other instructions provided concerning the account of a Eastman Microfinance Bank customer;
  • where account or relationship managers or staff of the bank have been assigned to service your account , using your telephone number(s) to contact you from time to time to take your instructions, and/or provide you with information and updates about the bank’s service.
  • processing applications for and facilitating the daily operation of services and credit facilities provided to you;
  • conducting credit checks at the time of application for credit and at the time of regular or special credit reviews;
  • facilitating or processing your application for investment products and/or other services offered by Eastman Microfinance Bank;

 

  • providing internet banking services (including but not limited to carrying out special handling requests for PIN mailers and tokens);
  • networking to maintain customer relationship;
  • providing client servicing (including but not limited to responding to individual requests by customers, mailing services, reconciliation services and providing customer satisfaction);
  • facilitating the transfer of funds within Eastman Microfinance Bank accounts or from Eastman Microfinance Bank accounts to external banking accounts and vice versa;
  • administering exceptional approvals, fee adjustments or waivers;
  • registering the pledge or charge that you or the surety or the third party security provider has granted in favour of Eastman Microfinance Bank as security for the credit facilities granted by Eastman Microfinance Bank to you;
  • administering debit cards (including but not limited to processing card applications, transactions and credit limit approvals);
  • providing cheque deposits and issuance services;
  • determining and collecting amounts owed by you or the borrower for whom you act as surety or third party security provider or those providing security or acting as surety for your liabilities and obligations;
  • enabling any Company or third party to perform the functions that Eastman Microfinance Bank may have outsourced to it concerning the management of your account or transactions;
  • If you are an employee or agent of a referrer or other intermediary:
  • marketing services and products;
  • processing commission remuneration;
  • performing due diligence and reference checks; and/or
  • any other purpose relating to any of the above.
  • If you are an employee, officer or owner of an external service provider or vendor outsourced or prospected by Bank;
  • managing project tenders or the supply of goods and services;
  • processing and payment of vendor invoices;
  • complying with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities (which includes disclosure to regulatory bodies or audit checks); and/or
  • any other purpose relating to any of the above.
  • If you are a party or counterparty to a transaction (for example, a beneficiary of a fund transfer or payment):
  • providing cash, payment and transactional services (including but not limited to the execution, settlement, reporting and/or clearing of the relevant transaction); and/or
  • any other purpose relating to any of the above.
  • If you sit on the Eastman Microfinance Bank Board of Directors:
  • facilitating appointment to the Board (including but not limited to managing the publication of directors’ statistics on annual reports and circulars);
  • complying with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities (including but not limited to disclosures to regulatory bodies or conducting due diligence);
  • administrative matters (including but not limited to the maintenance of statutory registers and lodgement of directors’ fee);
  • any other purpose relating to any of the above.

Eastman Microfinance Bank will collect and process your Personal Data in accordance with the legitimate purposes consented to by you provided that further processing may be done for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes as provided for in the Data Protection Regulation

Disclosure of Personal Data

Eastman Microfinance Bank will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your Personal Data may be provided, for the purposes listed above (where applicable), to the following entities or parties:

  • counterparties and their respective banks concerning transactions for your account including fund transfers, payments, issuance of standby letters of credit.
  • third party recipients of reference letters;
  • any person (1) who provides security or acts as surety for your liabilities and obligations to Eastman Microfinance Bank or (2) for whom you act as surety or third party security provider;
  • agents, contractors, vendors, installers, or third-party service providers who provide administrative or operational services to the Bank, such as courier services, telecommunications, information technology, payment, payroll, processing, training, market research, storage, archival, customer support investigation services or other services to Eastman Microfinance Bank;
  • Our service providers: Eastman Microfinance Bank use other companies, agents or contractors to perform services on our behalf or to assist us with the provision of our services and products to you, including:
  • infrastructure and IT service providers, including cloud storage for data, email archiving etc.
  • marketing, advertising and communications agencies.
  • credit reference agencies
  • external auditors and advisers.
  • offsite archival storage providers
  • In the course of providing such services, these service providers may have access to your personal information. However, we will only provide our service providers with personal information which is necessary for them to perform their services, and we require them not to use your information for any other purpose. We will use our best efforts to ensure that all our service providers keep your personal information secure.
  • agents, contractors, vendors or other third-party service providers in connection with marketing, products and services offered by the Bank;
  • analytics, search engine providers or third-party service providers that assist us in delivering our products, services, websites and platforms as well as improving and optimising the same;
  • credit reporting agencies;
  • debt collection agencies;
  • our professional advisers such as our auditors and lawyers;
  • third parties who provide corporate advisory services or due diligence services in connection with you, any Connected Person or your account held with the Bank;
  • relevant government regulators, government agencies/ministries, statutory boards or authorities or law enforcement agencies who have jurisdiction over Eastman Microfinance Bank
  • corporate service providers or lawyers, who are appointed by you;
  • collection and repossession agencies concerning the enforcement of repayment obligations for loans;
  • third parties who organise promotional or marketing events, seminars or training;
  • any person to whom Eastman Microfinance Bank is under an obligation or otherwise required to make disclosure under the requirements of any law binding on or applying to Eastman Microfinance Bank
  • any other party to whom you authorise us to disclose your Personal Data to.

Use of Cookies and Related Technologies

Our websites use cookies and other technologies. Cookies are small text files stored in your computing or other electronic devices when you visit our website and platforms for record-keeping purposes. Cookies are stored in your browser’s file directory, and the next time you visit the website or platform, your browser will read the cookie and relay the information back to the website, platform or element that originally set the cookie.

Currently Eastman Microfinance Bank’s website use analytics cookies to help us understand how you use our site to discover what content is most useful to you

 

Data Security

Eastman Microfinance Bank will take reasonable efforts to protect Personal Data in our possession or our control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. However, we cannot completely guarantee the security of any Personal Data we may have collected from or about you,

We have implemented technical and organisational security measures to safeguard the personal information in our custody and control. Such measures include, for example, limiting access to personal information only to employees and authorised service providers who need to know such information for the purposes described in this policy; adopting security protocols on networks and systems; using email security settings when sending and/or receiving highly confidential emails; applying physical access controls such as marking confidential documents clearly and prominently, storing confidential documents in locked file cabinets; restricting access to confidential documents on a need-to-know basis; using privacy filters; disposal of confidential documents that are no longer needed, through shredding or similar means; using a mode of delivery or transmission of personal data that affords the appropriate level of security (e.g. registered post instead of the normal post where appropriate); confirming the intended recipient of personal data as well as other administrative, technical and physical safeguards.

While we endeavour to protect our systems, sites, operations and information against unauthorised access, use, modification and disclosure, due to the inherent nature of electronic data, we cannot guarantee that any information, stored on our systems, will be safe from intrusion by others, such as hackers. We partner with our service provider to engage various forms of security method like Encryption, Backup and Recovery, Firewall and Access control, all together put in place to ensure the protection against data breaches.

Third-Party Sites

Our website may contain links to other websites operated by third parties. We are not responsible for the privacy practices of websites operated by third parties that are linked to our website. We encourage you to learn about the privacy policies of such third party websites.

Data Retention

We will only retain your personal data for as long as necessary for the purpose for which that data was collected and to the extent permitted by applicable laws. In general, we will keep your personal data for between five (5) to ten (10) years (depending on the type of information, and in accordance with our internal policies) after your relationship with us is terminated. However, there may be circumstances that mean we must retain your personal information for longer. To determine how long it is necessary to retain your personal information, we calculate retention periods in accordance with the following criteria:

  • the currency of your relationship with us and the types of products or services you have with us;
  • the length of time it is reasonable to keep records to demonstrate that we have fulfilled our obligations to you and under the law;
  • any limitation periods within which claims might be made;
  • any retention periods prescribed by law or recommended by regulators, industry bodies or associations; and
  • the existence of any relevant proceedings.

Your Rights

The data protection laws provide individuals with the following rights:

  • Right of subject access: The right to make a written request for details of personal information we hold about you and to request a copy of that personal information.
  • Right to rectification: The right to have inaccurate information about you rectified.
  • Right to erasure (‘right to be forgotten’): The right to have certain personal information about you erased.
  • Right to restriction of processing: The right to request that your personal information is only used for restricted purposes.
  • Right to object: The right to object to the use of personal information (including the right to object to marketing).
  • Right to data portability: The right to ask for the personal information you have made available to us to be transferred to you or a third party in machine-readable formats.
  • Right to withdraw consent: You have the right to withdraw any consent you have given us to handle your personal information. If you withdraw your consent, this will not affect the lawfulness of the use of your personal information before the withdrawal of your consent. These rights may not apply in all cases. If we are not able to comply with your request, we will explain why. In response to a request, we will ask you to verify your identity if we need to and to provide information that helps us to understand your request better. If you would like more information about your rights or to exercise any of your rights, please contact with the details below.
  • Right to lodge a complaint with a supervising authority: You have the right to lodge a complaint with the National Information Technology Development Agency or a Data Protection Compliance Organisation licensed by the Agency.

Contacting Us – Feedback, Withdrawal of Consent, Access and Correction of your Personal Data

If you:

  • have any questions or feedback relating to your Personal Data or our Data Protection Policy;
  • would like to withdraw your consent to any use of your Personal Data as set out in this Data Protection Policy; or
  • would like to obtain access and make corrections to your Personal Data records, please contact us as follows:

Eastman Microfinance Bank
2a Colliery Avenue GRA Enugu,
Nigeria

Please note that if your Personal Data has been provided to us by a third party, you should contact that such party directly to make any queries, feedback and access and correction requests to Eastman Microfinance Bank on your behalf.

If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, Eastman Microfinance Bank may not be in a position to continue to provide its products or services to you.

A withdrawal of consent may also result in the termination of any agreements you have entered into with Eastman Microfinance Bank and your being in breach of your contractual obligations or undertakings, and Eastman Microfinance Bank’s legal rights and remedies in such event are expressly reserved.

Right to Amend the Privacy Notice

Eastman MFB may periodically change its privacy policy to reflect updates to personal data processing activities conducted. Changes will become effective as of the published effective date. Hence, our privacy policies will be dated to reflect the most recent update.

Personal Banking

Corporate Banking

About EastmanMFB

Help & Resource