Privacy Policy

1. Information We Collect

We may collect various types of personal information from you and about you depending on your relationship with IRAIC BANK. Personal information means any information that directly or indirectly identifies you personally.

1.1 Information You Provide Directly

• Identification Information: Full name, date of birth, marital status, nationality, gender
• Contact Information: Email address, phone number, residential address, mailing address
• Government Identifiers: Passport number, driver's license, tax identification number (where required)
• Financial Information: Income, assets, liabilities, bank account details, investment portfolio information
• Employment Information: Occupation, employer name, employment history
• Health Information: For insurance products, with your explicit consent
• Third-Party Information: Information about beneficiaries, authorized signatories, directors, shareholders, or dependents (you confirm you have obtained their consent)

1.2 Information Collected Automatically

• Device Information: IP address, browser type, operating system, device identifiers (IMEI, MAC address, Android ID)
• Usage Data: Pages visited, features used, time spent, clickstream data, transaction history
• Location Data: Approximate location from IP address; precise GPS location with your consent
• Cookies and Tracking Technologies: We use cookies, pixels, and similar technologies to enhance your experience
• Recordings: Telephone calls, video conferences, and chat sessions for training, quality, and security purposes
• Surveillance Cameras: Images in and around our premises for security

1.3 Information from Other Sources

• Credit Bureaus: Credit reports, credit scores, and credit history
• Affiliates and Business Partners: Information shared within the IRAIC BANK group
• Public Records: Government registries, public databases, and legitimate news sources
• Fraud Prevention Agencies: Information to verify identity and prevent financial crime

2. Sensitive Personal Information

Sensitive personal information refers to information that, once leaked or illegally provided or misused, may harm your personal or property safety. This includes ID certificate information, biometric data, precise geolocation, health information, and financial account details.

We collect sensitive personal information only after obtaining your explicit consent where legally required. Refusal to provide consent for sensitive information may affect your ability to use certain services but will not affect your use of other services we provide.

3. How We Use Your Information

We may use your personal information for the following purposes:

4. Information Sharing and Disclosure

We do not sell your personal information to third parties. We are committed to limiting information sharing to what is required and obtaining your consent as needed. We may share your information with:

4.1 Affiliates and Subsidiaries

We may share your information within the IRAIC BANK group of companies for identity verification, compliance, and to better serve you. You may opt out of certain affiliate sharing.

4.2 Service Providers

We engage trusted third-party service providers to perform functions on our behalf, including data hosting, payment processing, customer support, analytics, and marketing assistance. These providers are contractually bound to protect your information and use it only for specified purposes.

4.3 Business Partners

With your consent, we may share information with financial partners for joint marketing or co-branded services.

4.4 Legal and Regulatory Disclosures

We may disclose information to comply with laws, regulations, court orders, or requests from regulatory authorities, including tax authorities and anti-money laundering agencies. This may include disclosures to authorities outside your country of residence.

4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

4.6 With Your Consent

We may share information for any other purpose disclosed to you and with your consent.

5. Data Security and Protection

Information security is our top priority. We maintain this commitment by implementing appropriate security and managerial measures to safeguard your personal information.

• Quantum Encryption: All data transmitted through our platforms is protected by quantum-resistant encryption protocols, an industry standard for security over the internet.
• Firewalls and Monitoring: Our servers are protected behind firewalls and continuously monitored to prevent unauthorized access.
• Access Controls: Strict access controls limit employee access to personal information based on job function. All staff sign confidentiality agreements and undergo regular security training.
• Incident Response: We maintain an incident response plan and conduct regular drills. In the event of a data breach, we will notify affected individuals and regulators as required by law.

6. Cookies and Similar Technologies

We use cookies, pixels, and similar technologies to enhance your experience, analyze usage, and deliver relevant content. These technologies may collect information about your device and browsing behavior.

You can manage your cookie preferences through your browser settings. However, disabling certain cookies may affect website functionality. For more details, please see our separate Cookie Policy.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Typically, we retain account information for up to ten years after account closure to comply with regulatory and tax obligations.

8. Cross-Border Data Transfers

As a global bank, your information may be transferred to, stored in, or accessed from countries outside your residence, including jurisdictions with different data protection laws. We ensure appropriate safeguards are in place through contractual clauses and compliance with international frameworks.

9. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Right to Access: Request a copy of the personal information we hold about you.
• Right to Rectification: Correct inaccurate or incomplete information.
• Right to Deletion: Request deletion of your information, subject to legal exceptions.
• Right to Restrict Processing: Limit how we use your information in certain circumstances.
• Right to Data Portability: Receive your information in a structured, machine-readable format.
• Right to Object: Object to processing for direct marketing or based on legitimate interests.
• Right to Opt-Out: Opt out of information sharing with affiliates or marketing communications.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.

To exercise your rights, please contact our Privacy Officer using the information below. We will respond within the timeframe required by applicable law.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt-out of the sale of personal information. IRAIC BANK does not sell your personal information. For more information, please visit our California Privacy Center or contact us.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected information from a minor without parental consent, we will take steps to delete it.

12. Changes to This Privacy Policy

We may update this policy periodically to reflect changes in our practices or legal requirements. The "Last Updated" date at the top of this policy indicates when changes were made. We will notify you of material changes through our website or other communication channels.