Data Protection Act, 2012 (Act 843) Compliant
1. Information We Collect
When you open an account, apply for a loan, or use our services, we may collect:
- Personal Identification: Full name, date of birth, Ghana Card or Passport number, TIN, photographs.
- Contact Information: Phone number, email address, residential and postal address.
- Financial Information: Income details, employment information, transaction history, account balances.
- KYC Documentation: Proof of identity, proof of address, and source of funds as required under AML/CFT regulations.
- Digital Information: IP address, browser type, device information when using our online banking services.
2. How We Use Your Information
Your information is used to:
- Open and manage your accounts and process transactions.
- Assess loan applications and manage credit risk.
- Comply with Bank of Ghana regulations, AML/CFT laws, and tax reporting requirements.
- Communicate with you about your accounts, products and services.
- Improve our products, services and customer experience.
- Prevent fraud and protect the security of our systems.
3. Legal Basis for Processing
We process your data based on:
- Contractual Necessity: To fulfil our obligations under your account agreement.
- Legal Obligation: Compliance with the Anti-Money Laundering Act 2020 (Act 1044), Bank of Ghana directives and tax laws.
- Legitimate Interest: Fraud prevention, risk management and service improvement.
- Consent: For marketing communications and non-essential cookies.
4. Data Sharing
We do not sell your personal data. We may share information with:
- Bank of Ghana and other regulators as required by law.
- Credit Reference Bureaus for loan assessments and reporting.
- Third-Party Service Providers (payment processors, IT service providers) under strict confidentiality agreements.
- Law Enforcement when required by court order or legal obligation.
5. Data Security
We implement bank-grade security measures including:
- Encryption of data in transit (TLS) and at rest (AES-256).
- Role-based access controls and multi-factor authentication.
- Regular security audits and penetration testing.
- Incident response procedures aligned to our ISMS framework.
For more details, visit our Security Centre.
6. Data Retention
We retain your data for as long as your account is active and for a minimum of 10 years after account closure, as required by Bank of Ghana regulations and the Anti-Money Laundering Act.
7. Your Rights
Under the Data Protection Act, 2012 (Act 843), you have the right to:
- Access your personal data held by us.
- Correct inaccurate or incomplete information.
- Object to processing for direct marketing purposes.
- Withdraw Consent for optional data processing at any time.
To exercise these rights, visit any branch or contact us at [email protected].
8. Cookies
Our website uses essential cookies required for the site to function. We do not use third-party tracking or advertising cookies. Analytics cookies, if used, are anonymised and help us improve website performance.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated through our website and branch notices. The "Last Updated" date below reflects the most recent revision.
10. Contact the Data Protection Officer
For any questions or concerns about your data privacy:
You may also lodge a complaint with the Data Protection Commission of Ghana.
Last Updated: March 2026