BLC Bank S.A.L (hereafter “BLC” “we” “us” “our”) is committed to protect and respect the privacy & rights of every Individual (hereafter “you”). We are dedicated to ensure the confidentiality and privacy of data entrusted to us and seek to be transparent when we collect and use your personal data.
We will protect and use your personal data in the most appropriate way as indicated by this “Privacy Notice” and in accordance with the provisions of Law 81/2018 , BDL basic circular no # 146/2018, and EU General Data Protection Regulation 679/2016 (“GDPR”).
We comply also with the Lebanese banking secrecy Law and therefore, maintain confidentiality regarding our customer’s data, which have been entrusted or made accessible to us with respect to the business and /or contractual relationship.
In this Privacy Notice, we describe our policies and practices regarding your personal data and the way we process them; However and for further details you may refer to our Data Protection Policy.
This section aims to provide definitions for terms/expressions that have particular meaning:
In order to address your request, we have to collect and process data about you.
The type of personal data we process depends on the services and products requested or agreed upon in each case.
We will ask you to provide us with personal data, when you intend to enter into a business and/or contractual relationship with us, as well as during the course of this relationship. Moreover, during the course of our relationship, you must disclose any changes to your personal data without undue delay.
We lawfully obtain data from:
We collect and further process your personal data in compliance with the applicable data protection legal framework, for the following reasons:
We may process some of your data by automatic means, in order to evaluate certain personal aspects (profiling), in the following cases:
We only use your personal data for direct marketing purposes if:
We respect the rights you have under the personal data legal framework, namely the following:
You can exercise any of your rights by referring to any of our branches or by contacting our Data Protection Officer using the details set out in paragraph 15.
It is important to note that the rights set out above are not unconditional and the specific circumstances of the processing being undertaken by BLC determines if these rights may be exercised. Further data concerning these rights and their application can be obtained from the Data Protection Officer.
The Bank commits to take the appropriate and reasonable administrative and technical measures for the safety of the data and their protection from accidental or unlawful loss, misuse, forbidden transmission or access and of any other form of unlawful processing. Although we are fully committed to protect your personal data, security cannot be absolutely guaranteed against threats. In the event that we become aware of a data breach, which may cause you a disadvantage, we will notify you accordingly without undue delay.
Moreover you are responsible for protecting and maintaining protection of any identification, authentication and other security measures regarding our services and products (e.g. PIN numbers, usernames and passwords, mobile devices, card numbers and account numbers), as described in the relevant contracts and/or terms and conditions.
This Privacy Notice may be updated from time to time and without prior notice, in order to reflect our current practices and/or in accordance with any changes in the applicable legal framework. You will always be able to find the most recent version on BLC website and application.
Any visit you make to the site or application where the notice is published subsequent to its update is considered as your approval to the updated version.
Please make sure you carefully read the terms & conditions related to these websites/platforms before submitting your personal data.
For any matters arising out of and/or in connection with this Privacy Statement, you can contact our Data Protection Officer (DPO) on the following address:
Email: [email protected]
Tel: 961 1 387000
BLC is committed to conduct its activities in compliance with Banking Secrecy Law and Data Protection obligations. BLC is aiming to protect the Individuals’ personal data by enforcing a Data Protection Policy that provides the highest level of privacy and security regarding collection and use of data.
This policy describes how the Bank may collect, use, protect and disclose Individuals’ personal information. Personal information comprises all the details BLC holds or collects directly or indirectly about Individuals , their transactions, financial information, interactions or dealings with BLC, including information received from third parties and information collected through the use of BLC website and electronic banking services.
The main legal basis establishing data protection requirements at BLC Bank is the provisions of national law no# 81/2018 , General Data Protection Regulation (GDPR), and BDL circular no # 146/2018 that intend to:
BLC will ensure that the data collected, are effectively protected in order to fulfill individuals’ reasonable expectations of privacy by complying with the applicable laws and regulations.
The purpose of this policy is to set out the principles of data protection that BLC Bank shall follow and to provide a managed framework for fulfilling BLC Bank business needs, accountability and legal responsibilities.
This policy applies to the personal data of individuals, being current and former employees, representatives, shareholders, BOD members, prospective, current and former customers, authorized signatories, beneficial owners, guarantors, advisers, contractors, service providers, partners, payers, payees and security providers. It applies also to personal data gathered in respect of onboarding customers at the outset of any business relationship and after its conclusion.
This policy covers all personal data processed regardless of the mean on which that personal data is stored.
BLC will be guided by data protection Principles relating to processing of personal data.
Personal data may or will be collected, stored, used processed, transferred or disclosed in or outside Lebanon for the following purposes:
BLC will only process sensitive personal data where it is strictly necessary to be carried out for a specific purpose. BLC will take special care when processing sensitive personal data because it represents a greater intrusion in individual privacy than when processing non sensitive data, in particular in ensuring the necessity of the Processing and security of the Sensitive Personal Data.Access to a data subject personal Data is limited to authorized persons whose status, duties and responsibilities specifically require or justify access to such data.
BLC shall put in place a procedure to be followed by all employees to deal with any suspected personal data breaches. The suspicious case will be reported immediately to the DPO for further investigation and conclusion. A log of personal data breaches will be maintained and submitted periodically to Senior Management.
BLC may disclose and/or transfer a data subject’s Personal Data both inside and outside Lebanon for the purposes highlighted in this policy and allowed or required by applicable laws and regulations to the following:
BLC will reasonably make sure that third parties who receive personal data of a data subject shall treat the personal data with confidence and in accordance with Data protection law and regulations. BLC will not transfer data of the data subject to any third party to be used for direct marketing purposes without obtaining the prior consent of the data subject.
Data subjects have rights when it comes to how BLC handle their personal data. These include rights to:
BLC must impose direct compliance obligations on data processors by including specific contractual requirements in any agreement with the data processor. BLC will consider the following requirements when dealing with a third party:
Board of Directors
Data Protection Officer –DPO
The Head of Compliance is appointed as DPO who shall be entrusted with the duty to perform the following tasks:
Group / Departments Heads
Information Security Department