Privacy Policy

By viewing or using our site, you agree that you have read and accepted this privacy policy (as amended and posted on this site from time to time) and our terms of use as set out on the site (of which this privacy policy forms part). You may only use this site if you consent to the uses of your personal data being made as are set out in this privacy policy and if you agree to be bound by our terms of use and, where relevant, the SF Private Bank terms and conditions.

For any questions about our Privacy Policy or how it applies to specific data, please feel free to reach us at: [email protected]. We will ensure your concerns are resolved.

Introduction

Welcome to https://www.sf-privatebank.com/. In this privacy policy the expressions "we" and "us" mean SF Private Bank. We take your privacy seriously and this Privacy Policy explains the steps we take to ensure information about you is kept secure and confidential.

This privacy policy sets out details of the personal data we collect about our customers and how we may use that information to personalize, improve and continue to operate the SF Private Bank services. We advise visitors of our website to review it often for the periodic updates we do for our Privacy Policy. This Privacy Policy applies to:

  • Our cardholders globally.
  • Visitors and users of https://www.sf-privatebank.com/, and any other website and mobile application through which you interact with SF Private Bank in your use of the card or related services (collectively, the “Websites”).

What Information Do We Collect?

Personal Data that we collect about you:

Personal Data is any information that relates to an identified or identifiable individual. The Personal Data that you provide directly to us through our Sites will be apparent from the context in which you provide the data. In particular:

  • When you register for a SF Private Bank account we collect your full name, email address, physical address, date of birth, country of citizenship, country of residence, phone number, and account log-in username credentials.
  • Visitors and users of https://www.sf-privatebank.com/, and any other website and mobile application through which you interact with SF Private Bank in your use of the card or related services (collectively, the “Websites”).

When you respond to SF Private Bank emails or surveys, we collect your email address, name and any other information you choose to include in the body of your email or responses.

If you contact us by phone, we will collect the phone number you use to call SF Private Bank.

If you contact us by phone as a SF Private Bank user, we may collect additional information in order to verify your identity. If you are a SF Private Bank user, you will provide your contact details, such as name, postal address, telephone number, and email address for verification.

As part of your business relationship with us, our 3rd party service provider may also receive financial and personal information about you, such as your date of birth and government identifiers associated with you and your organization (such as your Social Security Number, Tax Number, or Employer Identification Number). If you are a customer, when you make payments or conduct any transactions through a SF Private Bank user’s website or application, our 3rd party service provider will receive your transaction information. The information that they collect will include payment method information (such as credit, debit, or prepaid card number or bank account information), purchase amount, date of purchase, and form of payment. Different payment methods may require the collection of different categories of information. The SF Private Bank user will determine the payment methods that enables you to use.

When we conduct fraud monitoring, prevention and detection activities, we may also receive your personal data from our business partners, financial service providers, identity verification services, and publicly available sources (e.g., name, address, phone number, country), as necessary to confirm your identity and prevent fraud. Our fraud monitoring, detection and prevention services may use technology that helps us assess the risk associated with an attempted transaction that is enabled on the SF Private Bank user’s website or the application that collects information.

Information that we collect automatically on our Sites:

When you make payments through the SF Private Bank services, we or our payment processor may collect information related to your payments, such as your payment method, account number, account type, or card expiry date. The use and storage of such information is governed by this General Privacy Policy and the privacy policy of the respective processor includes:

  • Browser and device data, such as IP address, device type, operating system and Internet browser type, screen resolution, operating system name and version, device manufacturer and model, language, plug-ins, add-ons and the language version of the Sites you are visiting.
  • Usage data, such as time spent on the sites, pages visited, links clicked, language preferences, and the pages that led or referred you to our sites.

How we use personal data

We will only use your personal data where the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • where we need to perform the agreement, we have entered with you;
  • where we need to comply with legal or regulatory authority; or
  • where it is necessary for our legitimate interests and only if your interests and rights do not override those legitimate interests.

Information Provided to Us by Third Parties

Information that we collect automatically on our sites:

To use your personal information described in above section, we may obtain those information from you when you purchase using cards or use related services, we may obtain personal information about you from the distributors, or other partners supporting the distribution and servicing of, those cards to help us with customer authentication and credit-related agreements. SF Private Bank may also collect information about you from third parties that perform services and analytics for us and collect your information such as demographic and interest data namely, gender, age range, location, sports enthusiast etc. These third parties may include credit bureaus, data providers, fraud detection services and data analytics providers.

What we do with the information provided to us by third parties:

When you visit our website, you provide us with your email address or mobile phone number through “refer-a-friend” options or social networking platforms. We use these email addresses and mobile phone numbers to send promotional offers, free trials, card products and services purchased by others for your use and SF Private Bank promotional marketing information, all in accordance with applicable laws. In case you wish to stop receiving marketing promotional information, please use the “unsubscribe” button.

Data Security

  • We have put in place appropriate and industry-standard security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to only those employees who have a legitimate reason and clearance to view and process it.
  • All our service providers with access to your personal data are all subject to a strict duty of confidentiality.
  • We have put in place procedures to deal with any suspected personal data breach and will notify you and the ICO of a breach where we are legally required to do so.
  • We secure your personal data on our servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. All personal information is transmitted to other Websites using Secure Socket Layer (SSL) encrypted protection.
  • Consent

    By registering your details with us, you also consent to our using and/or disclosing your personal data for the following purposes: to selected third parties for the purposes of providing and operating our services; and providing or arranging for third parties to provide customer care/help desk facilities (which may involve disclosing your information to third parties solely for those purposes).

    In providing our service to you we may be required to transmit your personal data to 3rd parties located outside the EEA. By registering your personal data with us, you agree to such transfer and use of your personal data. We will always ensure that 3rd parties to whom your data is transferred have committed that they will comply with our data protection standards by putting in place a contract to ensure your information is adequately protected.

    Credit Industry Fraud Avoidance System (CIFAS)

    “The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found in our privacy policy.

    Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing”.

    Use of cookies

    The SF Private Bank website and card portals may use cookies, which are encrypted, to analyse the patterns of use of the customers in order to provide a more efficient service and user-friendly platform.

    Maintaining your account data

    As a registered customer, you have the ability to log in to your account using your username and password. Once you have logged in, you have the ability and obligation to maintain the accuracy of your personal data. If you update your data, you authorize us to re-verify the accuracy of this personal data. Keeping your account current will assist us in compliance matters and ensure you have more accurate access to your account.

    Data Storage and Data Retention

    The Safety and Security of data is crucial for us and hence we ensure the data we have is encrypted and thereby comply with the GDPR standards.

    Data Encryption: data is encrypted both when at rest and in flight. This applies equally to public cloud storage, preferably using user-managed keys, not just those provided by the cloud provider.

    Data Retention:

    • We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. There are some circumstances where personal data may be stored for longer periods (e.g., archiving purposes in the public interest, scientific or historical research purposes). Recital 39 of the GDPR states that the period for which the personal data is stored should be limited to a strict minimum and that time limits should be established by the data controller for deletion of the records (referred to as erasure in the GDPR) or for a periodic review.
    • SF Private Bank is obligated under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 to retain your personal data for a period of Six (6) years. This applies even if you do not complete your registration as a SF Private Bank customer.
    • We will not hold any of your personal data for more than five years after the termination of our relationship.

    Accessing and Updating

    You are entitled to see the information held about you and you may ask us to make any necessary changes to ensure that it is accurate and kept up to date within stipulated time. If you wish to do this, please contact us. We are entitled by law to charge a reasonable fee to meet our costs in providing you with details of the information we hold about you.

    Children’s Policy

    The SF Private Bank services are not intended for use by children. We do not knowingly collect personal information from children under the age of 18 years. In any case if you allow a child to use your device or card services, you should be aware that their personal information could be collected as described in this policy. We encourage parents to be involved in the online activities of their children to ensure that no information is collected from a child without parental permission.

    If we become aware that a child under 18 has opened an account or otherwise provided us with personal information, we take steps to terminate the child’s account and delete such information.

    Changes to Privacy Policy

    We may change this policy from time to time in order to keep it relevant with market demands and regulations. Furthermore, in order to keep you informed on the updates, we will attempt to notify you by posting an announcement on the SF Private Bank services or sending you an email; however, any changes to the Privacy Policy are effective as soon as we post them here. Please visit this page for updated policies.

    Revision History

    Last Reviewed/Revised Date: November 30th, 2022