Privacy Policy

Privacy Policy

This Privacy Policy describes how Trust Development Bank (hereinafter referred to as "the Bank") collects, uses, processes, stores, and protects personal data when an individual or entity enters into a banking relationship with the Bank, whether directly, through the website, or via any other service provided. The Bank is committed to ensuring that all processing of personal information complies with applicable legal and regulatory requirements.

1. Collection of Personal Data

In the course of establishing and maintaining a banking relationship, the Bank may collect and process personal data relating to clients, their legal representatives, managers, authorized persons, and any individuals associated with the client relationship. Such data may include:

  • Identification and civil status information
  • Copies of identification documents
  • Contact details
  • Professional and financial information
  • Information relating to legal representatives or authorized persons

To fulfill statutory and regulatory obligations — particularly those relating to anti-money laundering (AML), counter-terrorist financing (CTF), fraud prevention, risk management, and transaction monitoring — the Bank may collect additional information regarding:

  • Individuals associated with the client
  • Beneficiaries, recipients, or intermediaries involved in transactions
  • Parties connected to financial operations linked to the client

Personal data may be obtained directly from the client when opening an account, subscribing to products or services, executing transactions, or communicating instructions. Data may also be obtained from authorized third parties, including commercial registers, public databases, and legally recognized sources.

2. Purposes of Processing

Personal data collected by the Bank will be processed for specified, legitimate purposes, including but not limited to:

2.1 Account and Product Management

  • Administration of account(s), products, and banking services
  • Execution and recording of transactions and orders
  • Fulfillment of contractual obligations

2.2 Relationship Management and Marketing

  • Management of the banking relationship
  • Customer support, service enhancement, and quality monitoring
  • Organization of events and provision of information on relevant products or services
  • Statistical and behavioral analysis for internal purposes

2.3 Regulatory and Compliance Requirements

  • Verification of identity and legal capacity
  • Monitoring of transactions and evaluation of operational risks
  • Prevention of fraud, financial crime, and conflicts of interest
  • Compliance with AML/CTF regulations and reporting obligations

In accordance with applicable laws, the Bank may also record electronic communications — such as telephone calls, emails, instant messages, and other digital channels — for regulatory, security, and quality-assurance purposes.

3. Communication of Personal Data to Third Parties

Personal data may be shared with:

3.1 Entities within the Trust Development Bank

To enable:

  • Management of the banking relationship
  • Provision and support of banking products and services
  • Execution of transactions
  • Centralized accounting, reporting, and operational functions

3.2 Service Providers and Subcontractors

The Bank may entrust certain services to external providers selected for their expertise and reliability. Such providers may support IT processing, document management, customer support, and operational functions. Each provider is bound by strict contractual obligations relating to confidentiality, security, and limited use of personal data.

In all cases, the Bank ensures that appropriate organizational, physical, and technical safeguards are implemented to maintain the security and confidentiality of personal information.

4. International Transfers of Personal Data

Given the international nature of the Bank’s operations, personal data may be transferred to countries outside the African Economic Area, whose data-protection frameworks may differ from those of the African Union.

Such transfers are carried out under:

  • A binding contractual framework compliant with the African Commission’s 2011 standard contractual clauses for data transfers; and
  • Prior authorization from national data-protection authorities, where required.

The Bank may also disclose personal data to official, administrative, judicial, or regulatory authorities — whether inside or outside the African Economic Area — particularly in connection with AML/CTF requirements or other legal obligations.

5. Security of Processing

The Bank implements robust technical, physical, and organizational measures designed to:

  • Protect personal data against accidental or unlawful destruction
  • Prevent unauthorized access, alteration, or disclosure
  • Safeguard the confidentiality, integrity, and availability of information

These security measures are continuously reviewed and updated to ensure compliance with evolving legal standards and technological developments.

6. Rights of Data Subjects

Individuals whose personal data is processed by the Bank have the following rights, in accordance with applicable law:

  • Right of Access: To obtain confirmation of whether their data is being processed and to receive a copy of that data.
  • Right of Rectification: To request correction or updating of inaccurate, incomplete, or outdated information.
  • Right of Erasure: To request deletion of personal data where legally permissible.
  • Right to Object: To object, on legitimate grounds, to the processing of their data (noting that this may affect the Bank’s ability to provide certain services).
  • Right to Restrict Processing: In circumstances defined by law.
  • Right to refuse use for marketing purposes: Individuals may, without justification, object to the use or sharing of their information for commercial or marketing activities.

These rights may be exercised by contacting the client’s usual relationship manager or designated customer-service representative.