Skip to content

Privacy Policy

Si vous souhaitez consulter la version française de la politique de confidentialité, merci de cliquer ici

We're committed to safeguarding your privacy and personal information


Introduction

First Abu Dhabi Bank France (“FAB France”) as a branch of First Abu Dhabi Bank PJSC (“FAB PJSC”) is committed to providing the highest level of protection to the processing of its customers’ personal data based on applicable data protection laws and regulations.

This policy describes how FAB France alone, or jointly with FAB PJSC, may collect, use, store, disclose or otherwise process your personal data including personal data provided when using Bank’s websites (“FAB Websites”). For more information on joint processing, please refer to the "Outline of the Joint Responsibility Agreement" section of this document.

Personal data comprises all the details that FAB France, if applicable with FAB PJSC, collects and processes directly or indirectly about the client as individual client or representative of a corporate client, for instance information about the identity and contact details (such as name, email id, contact number) of the client , his / her transactions, financial information, interactions or dealings with FAB France, including information received from third parties and information collected through use of FAB Websites, cookies or other similar tools and our electronic banking services.

The use of the FAB Websites and any products and services supplied are subject to the Bank’s Terms and Conditions.

If the customer has any questions regarding this data protection policy or the protection of his / her personal data, they may please contact FAB France’s Data Protection Officer and data protection team at the following:

Data Protection Officer France
10 rue Magellan,
75008, Paris, France.
Email: dpofabfrance@bankfab.com

For more information about using of cookies please refer to First Abu Dhabi Bank’s Cookie Policy.

Retention of Personal Information

The customer’s personal data processed by FAB France are kept in a form which permits the customer identification for no longer than is necessary for the purposes for which the personal data are processed in line with legal, regulatory or statutory obligations.

At the expiry of such periods, customer’s personal data will be deleted or archived to comply with legal retention obligations or in accordance with applicable statutory limitation periods.

Purpose of the processing Retention period
Processing applications for products and services, including assessing customer suitability and performing necessary checks and risk assessments
Data are processed for the duration of the contractual relationship plus the duration of legal prescriptions
Providing products and services (including electronic banking services), including effecting payments, transactions and completing instructions or requests Data are processed for the duration of the contractual relationship plus the duration of legal prescriptions
Establishing and managing banking relationships and accounts Data are processed for the duration of the contractual relationship plus the duration of legal prescriptions
Preventing, detecting, investigating and prosecuting crimes (including but not limited to money laundering, terrorism, fraud and other financial crimes) in any jurisdiction, identity verification, government sanctions screening and due diligence checks Data are processed for five years from the closure of the account or the termination of the relationship

Complying with applicable local or foreign law, regulation, policy, voluntary codes, directive, judgement or court order from any authority, regulator or enforcement agency or body or any request coming from said entities

Data are processed for the duration of legal prescriptions
Surveillance of premises Data processed through CCTV system are stored for 1 month
Establishing, exercising or defending legal rights in connection with legal proceedings (including any prospective legal proceedings) and seeking professional or legal advice in relation to such legal proceedings Data are processed until the judgment has acquired the authority of a final decision
Monitoring and improving our website and its content Data are processed for a maximum period of 13 months from the date of deposit in the user's terminal equipment unless the data subject objects
Conducting market research and surveys with the aim of improving our products and services The data used for statistical purposes are no longer qualified as personal data once they have been duly anonymized
Sending the customer  information about our products and services for marketing purposes and promotions For customers, data are processed for the duration of the contractual relationship plus three years

For prospects, data are collected for three years from the last contact

For commercial and marketing communication, data are kept until the data subject objects or withdraws its consent
Carrying out studies and surveys to establish analysis reports on FAB France's compliance with its internal rules and regulations, in particular banking regulations. The data is kept for 5 years from the closing of the account or the termination of the relationship
Carrying out consultations and/or declarations to the Fichier National des Incidents de remboursement des Crédits aux Particuliers, as well as to the Fichier Centrale des Chèques.

The information is either kept in the file for five years from the date on which the incident is declared to FICP, or deleted upon full payment of the sums due.

The measures relating to a conventional recovery plan are kept for the entire duration of the plan's implementation, without being able to exceed seven years, or are written off as soon as the debts to all creditors included in the plan or in the judgment have been paid in full.

The judge's decisions relating to the closure of the personal recovery proceedings are maintained for a period of five years.

Information relating to regularized payment incidents must be deleted from the file no later than 48 hours following notification of the adjustment to the merchant. Information relating to unregulated payment incidents can only be kept in the file for a period of 3 years starting from the occurrence of non-payment.

Ensure the security of information systems, and consequently prevent, detect and avoid any data leakage.

The data in the logs are kept for six months and then deleted.
The data necessary for the monitoring of vulnerabilities and security incidents are kept for five years, except in the case of legal proceedings (retention for the duration of the proceedings)

Billing management The accounting records are kept for a period of ten years from the end of the financial year.
Management of the exercise of their rights by data subjects The data is kept for the duration of the management of the rights, increased by the legal prescription periods.
Managing the monitoring and improvement of our website and its content Depending on the type of cookies used, the data is kept between 6 and 13 months maximum.

Outline of the agreement between joint controllers

Contact Point

The Data Protection Officer, whose contact details are set out above, is the point of contact for the customers and can be contacted for any questions relating to data processing.

Data Subject Rights Subject to applicable law, regulations and/or banking industry guidelines, the customer may have the right to invoke a data subject right in relation to his / her personal data being processed by FAB France.

FAB France shall provide information on action taken on a request pertaining to the rights above without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. FAB France shall inform the data subject of any such extension within one month of receipt of the request, together with the reasons for the delay.

To invoke customer’s data subject rights, the customer may send an email or a postal mail to data protection officer (see contact details above).

Finally, the customer is entitled to lodge a complaint with a competent Data Protection Authority where existing, concerning FAB France’s compliance with the applicable data protection laws and regulation.

FAB France may be allowed by law, in particular in case of excessive or manifestly unfounded request, to charge a fee for fulfilling the request of the customer, subject to applicable conditions.

The rights that the customer can invoke as a data subject can be:

Security

The security and confidentiality of the customers’ Personal Data is important to FAB France which has invested significant resources to protect the safekeeping and confidentiality of the personal data. When using external service providers acting as processors, the bank requires that they adhere to the same standards as FAB France. Regardless of where the personal information of the customer is transferred or stored, the Bank takes all steps reasonably necessary to ensure that personal data is kept secure.

Changes to this Privacy Policy

FAB may in its absolute discretion update this policy from time to time.