Privacy Policy
This Privacy Policy regulates how personal information can be used by United Bank for Africa Cameroon (“UBA” or “the Bank”) and its partner Ossix Technologies, LLC (Ossix).
In line with the provisions of the CEMAC Data Protection Regulation and other applicable Data Privacy laws and regulations, UBA and Ossix maintain the following privacy principles, which govern how we collect, use and manage your personal data.
Lawful Reasons for Collecting Personal Data by the Bank
- The Consent of the Data Subject.
- Offer of Banking and allied services to the Data Subject.
- Offer of employment to the Data Subject.
- Performance of Contract.
- Compliance with Legal obligation.
- Necessary to protect the vital interests of a person in line with Data Privacy regulations.
- Necessary for the performance of a task carried out in the public interest.
- In the legitimate interests of the Bank (except where those interests are overridden by the interests or rights and freedoms of the data subject).
Collection of Personal Information
United Bank for Africa Cameroon is a registered Bank with Headquarters in Douala, at 1719 Boulevard de la Liberté, Akwa, Boîte Postale 2088.
As a responsible business, UBA is committed to compliance with data protection regulations in collecting and processing personal data as defined in Cameroun Data Protection Regulation and other applicable Data Privacy regulations.
The regulations of the CEMAC sub-region and Cameroonian law give you certain rights regarding our use of your personal data, including the right to:
- Request access to the personal data we have collected about you to review, modify, or requesting deletion of the data.
- Request a copy of the personal data that we have collected about you and to have any inaccuracies in that data corrected.
- Request that we cease processing your personal data.
- Lodge a complaint with a competent data protection authority.
- Data portability.
Note that some laws may prevent us from providing access to your personal data or otherwise fully complying with your request depending upon the circumstances and the request. For example, producing your information may reveal another person’s identity. We reserve the right to charge an appropriate fee for complying with your request where applicable law allows, and/or deny your requests where they may be manifestly unfounded, and excessive, or otherwise objectionable or unwarranted under applicable law.
What do we need?
United Bank for Africa Cameroon will be known as the “controller” and “processor” of the personal data you provide to us.
We will only collect basic personal data from you, which will include Name, Address, Nationality, Email, Phone number, ID Number, Bank Verification Number (BVN), IP address, device unique ID, device serial number, network adapter MAC address, device OS version, device OS name, location, mobile network and any other information as may be mandated by the regulatory requirements of the respective countries and their applicable central bank requirement.
We will NEVER ask for personal banking information such as card details (CVV); PIN, Password; Secure Passcode; or Token number.
We will NEVER ask for information relating to sensitive data such as your religious, philosophical, political or trade union opinions or activities, sex life or genetic and biometric information, health and social measures.
Why do we need it?
We require your basic personal data to provide you with banking services you have engaged us for based on the requirements from the respective Central banks and/or governmental regulations in line with the applicable Data Privacy regulations and our Data Privacy Framework/Policy.
What do we do with it?
To enable you to obtain banking services through us, we will require you to collect, store and process some of your personal data as required under the law. Your consent is required to make banking services available to you in accordance with the law/regulation in force.
All the personal data that the Bank collects from you will be held and processed from our Facilities at Douala Headquarters or any of our sister companies, subsidiaries, parent companies and/or authorised service providers (third parties) where applicable in a secure manner. Unless required by a Legal or regulatory requirement for the Banking services, your data will be held confidential. We will take all reasonable actions to ensure that the personal data of all customers and employees are handled securely and in a controlled manner. The Bank complies with the latest Information security standards such as PCI-DSS, ISO/IEC 27001:2013 etc.
How long do we keep it?
As a regulated financial services institution, we will retain your personal data for ten (10) years or as may be required by regulation in the country under consideration, after which it will be disposed of as required under the respective Government laws and Banking regulations. Please note that regulations may require the Bank to retain your personal data for a specified period, even after your banking relationship with us ends.
Use or Sharing of Personal Data
All personal data collected will be processed from our Facilities at Douala Headquarters or any of our sister companies, subsidiaries, parent company and may be shared with Third parties and Service providers to complete the service to the customers in line with CEMAC Data Protection Regulation and any applicable Data Protection Laws.
In addition, we may disclose your personal data:
- If we are required to do so by law or legal process;
- To law enforcement authorities or other government officials;
- When we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity;
- If disclosure is necessary to protect the vital interests of a person;
- To enforce our Terms and Conditions;
- To protect our property, services and legal rights;
- To prevent fraud against UBA, our subsidiaries, affiliates and business partners;
- To support auditing, compliance, and corporate governance functions; or
- To comply with any applicable laws.
Data Security
At UBA, security is our top priority, and we always strive to ensure that your personal data shall be protected against unauthorised or accidental access. We maintain this commitment to data security by implementing appropriate physical, electronic and managerial measures to safeguard and secure your personal data with us.
Our web servers are protected behind “firewalls”, and our systems are monitored to prevent unauthorised access. We will not send personal information to you by ordinary email. As the security of ordinary email cannot be guaranteed, you should only send emails to us using the secure email facility on our website.
All practical steps shall be taken to ensure that personal data will not be kept longer than necessary and that the Bank will comply with all statutory and regulatory requirements concerning the retention of personally identifiable information.
Our commitment to Data Security is paramount to us at UBA. Your personally identifiable information is kept secure in line with applicable Data Protection Regulations. Only authorised members of staff, agents and contractors (who have agreed to keep information secure and confidential) have access to this information.
Security Assurance
UBA and its customers shall play an important role in protecting against online fraud. You should be careful that your bank account details, including your User ID and Password, are not compromised by ensuring that you do not knowingly or accidentally share, provide or facilitate unauthorised use of it. Please do not share your User ID and password or allow access or use of it by others. UBA endeavours to put in place high standards of security to protect your interests.
You should safeguard your unique User ID and Password by keeping them secret and confidential. Never write them down or share these details with anyone. If you think your User ID and password have been disclosed to a third party, is lost or stolen, and unauthorised transactions may have been conducted, you are responsible for informing us immediately.
Remedies for personal data violation
If your personal data is violated at any given time, you are at liberty to contact the Data Protection Officer (DPO) of the bank at dataprotectionoffice@ubagroup.com.
Within a reasonable timeframe of UBA receiving a complaint, UBA shall notify the Individual in line with data privacy requirements of either, (i) UBA’s position with regard to the complaint and any action UBA has taken or will take in response; or, (ii) when the individual will be informed of UBA’s position, which date shall be in line with data privacy requirements.
Remedies shall include but are not limited to investigating and reporting to appropriate authorities, recovering the personal data, correcting it and enhancing controls around it.
Cross Border Transfer
Given the scope of our banking operations, we process data inside and outside Cameroon and rely on legally-provided mechanisms to lawfully transfer data across borders. Countries where we process data may have laws different from, and potentially not as protective as, the laws of Cameroun and the EU.
UBA shall not transfer your personal data to a foreign country or international organisation in contravention of CEMAC Data Protection Regulation, General Data Protection Regulation and other applicable Data Protection Laws.
Please click here to express your consent to allow us to collect and use your personal data to continue providing you with banking services.
Please contact us if you want to know more about our Data Privacy policy and withdraw some or all of your consent. We will be more than glad to help you in accordance with the regulations.
Data Retention
As a regulated financial services institution, we will retain your personal data for ten (10) years or as may be required by regulation in the country under consideration, after which it will be disposed of as required under the respective Government laws and Banking regulations. Please note that regulations may require the Bank to retain your personal data for a specified period, even after your banking relationship with us ends.
Your obligations
Where you share personal data of third parties with us, including your directors, officers and authorised signatories (Data Subjects), you are responsible for and warrant that you shall obtain their written consent for the processing and transfer of their personal data for the purpose of your contract with us and the provision of banking services to you.
Jurisdiction
This Privacy Policy is established in compliance with Cameroonian and CEMAC law.
For any disputes that may arise during the interpretation or execution of this Privacy Policy, the dispute will be brought before the competent courts of Douala, to which the parties assign exclusive jurisdiction.
Use of Cookies
Cookies are small bits of information that are automatically stored on a person’s web browser in their computer that can be retrieved by this site.
Your visit to our websites, digital and electronic platforms (“Site”) may be recorded to analyse the number of visitors and general usage patterns. Some of this information will be gathered through the use of “cookies”. Should you wish to disable these cookies, you may do so by changing the setting on your browser.
The Site may use cookie and tracking technology depending on the features offered. Cookie and tracking technology are useful for gathering information such as browser type and operating system, tracking the number of visitors to the Site, and understanding how visitors use the Site.
Cookies can also help customise the Site for visitors. Personal information cannot be collected via cookies and other tracking technology; however, if you previously provided personally identifiable information, cookies may be tied to such information. Aggregate cookie and tracking information may be shared with third parties.
Changes to Privacy Policy
We review this Privacy Policy regularly and reserve the right to make changes at any time to take account of changes in our business and legal requirements. We will place updates on our website (www.ubagroup.com).
Privacy Contact Information
If you have any questions, concerns, or comments about our privacy policy, you may contact us using the information below:
- Data Protection Office, UBA
- Email:dataprotectionoffice@ubagroup.com, cfc@ubagroup.com, cfccameroon1@ubagroup.com
- Phone +237 233 50 67 82
- UBA Cameroon 1719 Boulevard de la Liberté, Akwa,