Cookies
This website uses cookies in order to improve user experience. Please click 'I accept' to consent the use of this technology by Bank of Valletta p.l.c. Click here for more information on cookies or to view the Bank's Privacy Notice.
Get in touch - Bank of Valletta - BOV Group
Customer Service Centre - Bank of Valletta - BOV Group
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
  • ... >
Maximise Banner
Minimise Banner
next Previous
next Previous
next Previous
next Previous
Bank of Valletta p.l.c. Privacy Notice
1. Purpose of this document
In this notice “BOV”, “the Bank”, “we”, and “us” refers to Bank of Valletta p.l.c. and its subsidiaries; BOV Asset Management Ltd and BOV Valletta Fund Services Ltd, and “our” shall be construed accordingly. “You” includes any attorney duly appointed by means of a power of attorney/mandate, trustees, executors, curators, guardians or any other legitimate representatives.


BOV is committed to protecting the privacy and security of your personal data.


BOV is a "data controller". This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this Privacy Notice.


This Privacy Notice sets out the basis for which any of your personal data is collected and processed by us. It covers the types of information that we collect about you, why this is collected, with whom this will be shared and what measures we take to protect your data, in line with data protection legislation, including the General Data Protection Regulation and Data Protection Act (Chapter 586 of the Laws of Malta. Additionally, this Notice also details your rights in terms of data protection and how to approach the Bank on this subject matter. This Notice can be updated at any time to reflect changes in requirements or relevant laws. If there are any substantial changes to the way we process data or changes that will affect you directly, we will notify you of these changes. 


2. Who are we?

Bank of Valletta p.l.c is licensed as a credit institution in terms of the Banking Act (Cap. 371 of the Laws of Malta) and is also in possession of a licence under the Investment Services Act (Cap. 370 of the Laws of Malta). The registered address of the Bank is situated at 58, Zachary Street, Valletta, VLT 1130, Malta. 3. General Data Protection Regulation Principles
In complying with the GDPR, we ensure that the personal information that we hold about you is:
  • Used lawfully, fairly and in a transparent way.
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  • Relevant to the purposes we have told you about and limited only to those purposes.
  • Accurate and kept up to date.
  • Retained only for as long as required for the identified purposes and in line with our retention policy.
  • Stored securely.
4. The data we collect about you

We are data controllers of your personal data and shall process your personal data for the purposes of providing service/s and/or products and to improve the same and for the other reasons set out in this notice, including clause 7 below. If you are availing yourself of our investment services we shall also process your personal data for the purposes of providing the service/s set out in the Terms of Business provided to you.

The term “personal data” refers to all personally identifiable information about you and includes all information which may arise or may be derived or collected about you throughout the relationship with us and that can identify you personally.
There are other types of data known as ‘special category’ that include sensitive personal information which require additional levels of protection.

We collect and process your personal data mainly to provide you with access to our services and products, and to help us improve same.

The following is the data that we collect:
  • Personal contact details: your name, address, contact numbers and personal e-mail address;
  • Identification information: identity card/ passport, date of birth, nationality and citizenship, signature, TIN (taxpayer identification number);
  • Information obtained when using our online services: usernames and login credentials; 
  • Localisation information;
  • Information obtained by our monitoring systems for security and privacy purposes: recordings of telephone calls, CCTV in and around our premises;
  • Banking information: financial information arising from your relationship with us and decisions we may have taken about your ability to manage credit terms, transaction and payments history, salary information, documentation necessary to evidence source of wealth and source of funds, or when necessary for the provision of investment services ;
  • Records of your correspondence with us;
  • Information provided to us by yourself when filling out forms, visiting our branches etc.
5. How do we collect your personal information?

We may collect personal data about you from different sources, data including the following:

  • Data given to us directly by yourself;
  • Data collected automatically when you use BOV services;
  • Data collected from communications with the Bank;
  • Data collected from CCTV present around our premises; and
  • Data collected from other publicly available sources.
6. Scope of Processing

We will only use your personal information when the law allows us to. In general and most commonly, we will use your personal information in the following circumstances:
  • Where it is necessary for performing the contract we have entered into with you;
  • Where we need to comply with a legal obligation;
  • Where it is in the public interest to do so; or for official purposes.
There can be rare occasions where it becomes necessary to use your personal information to protect your interests (or someone else's interests).
More specifically, the Bank will process personal data for the purposes mentioned hereunder only, namely:
  • To be able to provide the product or service that you have applied for, in order to fulfil our contract with you;
  • To provide you with statements and other data regarding those products and services;
  • For internal assessment and analysis (including credit and/or behaviour scoring, market, product analysis, risk management, and in order to protect our legitimate interest);
  • For the detection and prevention of fraud, prevention of money laundering, prevention and detection of market abuse and other criminal activity which the Bank is bound to report, including the carrying out of customer due diligence. This will be done in order to fulfil our legal obligations and to safeguard our legitimate interest as well as public interest;
  • In furtherance of our legitimate interest in developing and improving the Bank’s products and services;
  • For direct marketing, such as to inform you, by mail, telephone, e-mail or other electronic means, about other products and services supplied by the Bank, its subsidiaries, associates, agents and by other carefully selected third parties, and for research purposes;
  • To safeguard our legal rights, such as in the case of enforcing or protecting our security, or recovering amounts owed to us by you or your co-debtors, or other persons whose borrowing you have secured;
  • In compliance with legal obligations which are imposed on us, including (amongst others) MiFID II, money-laundering detection and reporting, obligations under FATCA and CRS, and other obligations imposed upon us in terms of applicable law;
  • If you have opted in, to inform you about our services and products.

We may use your data to protect you in the following ways:
  • We may record phone calls to confirm details of our conversations, for your protection, to train our staff and to maintain the quality of our service.
  • We use CCTV to record images in and around our premises to prevent and detect crime.
  • Before we provide any service, we will carry out anti-money laundering checks, which may include searches to confirm your identity.
Your data may be transferred to and stored in locations outside the European Economic Area (EEA), including countries that may not have the same level of protection for personal data.
In doing so we shall ensure that transfers to each of these countries will be protected by appropriate safeguards, namely that such third party recipients are either subject to an adequacy decision or to appropriate safeguards in accordance with the applicable privacy laws and/or any other applicable legislation. We shall also ensure that we have a justifiable ground for such a transfer, such as our legitimate interest.

7. Lawful basis for processing your personal data

Since we process your data for various reasons, the lawful basis behind each process varies but the hereunder is the exhaustive list of all bases for processing your data in line with the GDPR:
  • You as the data subject has given consent to the processing of your personal data Article 6(1)(a)).  Processing required for us to perform a contract (Article 6(1)(b)).
  • Processing required for us to carry out our legal obligations as a financial institution (Article 6(1)(c)).  Processing required to protect your interests or those of another person (Article 6(1)(d)).
  • Processing required to enable us to perform a public task (Article 6(1)(e)).  Processing required for the purposes of our legitimate interest (Article 6(1)(f)).
The Bank will only use your personal information for the purposes for which it was collected, unless it is reasonable to consider that we need to use it for another reason and that reason is compatible with the original purpose.
8. Other Products and Services

From time to time we would like to tell you about our other products and services, and those arranged by us with other suppliers such as insurance companies.

Any personal data you provide in the process of enquiring/ arranging any of our other products and services is provided in the strictest confidence. If you have already provided your consent, we will continue to rely on this permission until you request us to stop contacting you or to withdraw consent.
Marketing Material
The Bank would like to send you information about BOV products and services which we think may be of interest to you and also products from our partners and relevant third parties. Processing for direct marketing will only be lawful if prior consent has been acquired. If you have previously agreed to us contacting you about marketing but have now changed your mind, we kindly ask you to contact us as advised below so that we can update your preferences.
You have the right to stop the Bank from using your contact details for marketing purposes at any time, as advised in Sections 13 and 16.
9. Data we share and with whom

We do not share personal data with companies, organisations and individuals outside of the Bank unless one of the following circumstances applies:
  • With your consent - We will share personal data with companies, organisations or individuals outside of the Bank when we have your consent to do so
  • For external processing - We provide personal data to trusted businesses or persons to whom we may outsource certain functions from time to time, in order to provide you with the products or services you have requested, and in compliance with our Privacy Notice and any other appropriate confidentiality and security measures
  • For legal reasons - We will share personal data with companies, organisations or individuals outside of the Bank if we have a good-faith belief that access, use, preservation or disclosure of the data is reasonably necessary to meet any applicable law, regulation, legal process or enforceable governmental request
  • enforce applicable terms of service, including investigation of potential violations
  • detect, prevent, or otherwise address fraud
  • protect against harm to the rights, property or safety of the Bank, our users or the public as required or permitted by law
We may share your information for the above mentioned purposes with others such as:
Our employees and representatives, members of the BOV Group and our affiliates; our third party service providers, agents, delegates, sub-contractors and/or any other party which may be engaged or otherwise used by us (including suppliers of the Bank and any person engaged by us to carry out services) for any purpose as mentioned in section 6 above;
  • Any other individuals with whom you hold a joint account, beneficiaries, and intermediaries;
  • Any transactional data shared amongst parties involved in the transactions;
  • Maltese or foreign authorities who may request such data in carrying out their functions such as law enforcements units, government, courts and other regulatory bodies;
  • Other financial institutions, lenders and holders of security over any property you charge to us or pledge in our favour, tax authorities, trade associations, credit reference agencies, payment service providers and debt recovery agents;
  • Any fund managers who provide asset management services to you and any brokers who introduce you to us or deal with us for you;
  • The Central Bank of Malta in order to update the Central Credit Register maintained by the Central Bank of Malta;
  • Fraud and crime prevention agencies who will use the data provided to verify your identity, detect and prevent fraud and other financial crimes;

We may share non-personally identifiable data publicly. For example, we may share data publicly to show trends about the general use of our services.
If the Bank is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal data and give affected users notice before personal data is transferred or becomes subject to a different Privacy Notice.

10. Data Retention

We will not retain your personal data for longer than it is required for the maintenance of your relationship with us, or for any legal or regulatory requirements. Your information will be processed and kept for as long as necessary for us to be in compliance with our legal obligations, industry practices and/or accepted standards (including where processing may be necessary for the establishment, exercise or defence of legal claims).

Data will be kept within the Bank according to the schedule set out in our internal data retention policy.

11. Data Security

We make sure to use reasonable measures to protect the personal data within the Bank. If you have reason to believe that your interaction with us is no longer secure, please advise us immediately.

12. Data Subject Rights
Your rights in connection with personal data under certain circumstances, by law you have the right to:
  • Request access to your personal data (known as a subject access request). This enables you to receive a copy of the personal data we hold about you and how we process it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal data to another party.

13. Withdrawal of consent
In the case where you have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time.
To withdraw your consent, please contact the Bank via the available channels as detailed in Section 16. All requests will be responded to in a timely manner.

14. Use of data processors

As controllers of data, we make use of data processors who are third parties and provide services to us. To regulate our relationship, we have contractual agreements in place to safeguard our interests and your personal data. They are not authorised to do anything with your personal data unless specifically instructed by us. When we do this, we will make sure that it has an appropriate level of protection and that the transfer is lawful. We may need to transfer your data in this way to carry out our contract with you, to fulfil a legal obligation, to protect the public interest and/or for our legitimate interests.

15. Updates to this Privacy Notice

We reserve the right to update this privacy notice at any time. The updated privacy notice will be published on our website. If you have any questions about this Privacy Notice, please contact us at [email protected] Should you have any queries or would like to update your data processing preferences, please contact us on the Data Protection Officer’s details hereunder. All requests and queries related to data protection should be directed to the DPO’s attention whilst queries in relation to other matters should be directed to the Bank’s contact details. If you believe there are areas within which our service could be improved, please contact the Bank’s customer service as advised here.

16. Contact details

The Bank has appointed a Data Protection Officer as the main point of contact between individuals and itself in relation to queries about personal data and the processing involved thereof. The Data Protection Officer can be contacted on the hereunder details. Should you feel the need to escalate the matter further, you can make a complaint to the Supervisory Authority in Malta which is the Information and Data Protection Commissioner; contact details are below.
Bank’s Data Protection Officer Contact Details:
Land Line: (356) 2275 3700
Address: Bank of Valletta p.l.c.
Level 3/R, Centris Business Gateway,
Triq is-Salib tal-Imrieħel Zone 3,
Central Business District
Birkirkara CBD 3020 – Malta
Bank contact Details:
Land Line: (356) 2131 2020
Address: Customer Issues Unit,
Bank of Valletta p.l.c.
Level 4, 45 Triq ir-Repubblika,
Il-Belt Valletta VLT 1113 – Malta
Supervisory Authority Contact Details:
Land Line: (356) 2328 7100
Address: Information and Data Protection Commissioner
Floor 2, Airways House
High Street
Sliema, SLM 1549
Malta.





Share this item:
Print page
My Guide has identified the following related material
next Previous
 
BOV Pjazza
next Previous
Bank of Valletta p.l.c. is a public limited company regulated by the MFSA and is licensed to carry out the business of banking and investment services in terms of the Banking Act (Cap. 371 of the Laws of Malta) and the Investment Services Act (Cap.370. of the Laws of Malta).