LAGOS BUILDING INVESTMENT COMPANY PLC

PRIVACY STATEMENT



INTRODUCTION

As a data subject (recruitment candidate, customer, vendor, or employee) be assured that at LBIC PLC. (hereinafter called “LBIC PLC”), we are dedicated to protecting your privacy and providing you with the highest level of security at any point of interaction with us. Hence, we want you to engage with us knowing that we value your Personal Data and that we protect it. This Privacy Policy explains what information we collect, how we collect, share, use, and protect, store, and retain your personal information when you visit or use this site and other services offered by LBIC PLC Bank. You are also informed of your rights regarding the information we process and how you can contact us. By continuing to visit our websites (www.lbicplc.com), while using any of our digital or mobile platforms/services, our Mobile Banking App, mobile authentication service when communicating with us through any of our social media or other interactive channels or any other engagement with us (“Services”), you accept and consent to the practices described in this policy.



PERSONAL INFORMATION COLLECTED AND COLLECTION METHODS

Personal information refers to data that could identify a specific individual such as names, addresses, e-mail addresses, and telephone numbers. Depending on your medium of interaction with LBIC PLC, we collect various types of information from you, as described below.





CONDITION FOR PROCESSING PERSONAL DATA

LBIC PLC personnel or any third party acting on its behalf shall only process your personal data if at least one of these conditions are met:



HOW WE USE YOUR PERSONAL DATA

LBIC PLC personnel or any third party acting on its behalf shall only process your personal data if at least one of these conditions are met: To the extent permissible under applicable` law, we may use your information for the following legitimate actions:

Without your personal information, we may not be able to provide or continue to provide you with the products or services that you need.



TRANSFER OF PERSONAL DATA

Personal data collected by LBIC PLC Bank may be transferred among its various divisions (with personnel who have business need to know). Other than to those individuals and entities listed below, your details will not be revealed by LBIC PLC to any external body unless LBIC PLC has your permission or is under either a legal obligation or any other duty to do so. For the purposes detailed above, your information may be disclosed to:



The above disclosures may require the transfer of your information to parties located in countries that do not offer the same level of data protection as your home country. However, LBIC PLC will ensure that the parties to whom your details are transferred treat your information securely and confidentially by implementing appropriate organizational and technical measures have been implemented to keep your Personal Information/Data confidential and secure. This includes the use of encryption, firewalls physical and environmental access controls, adequate authentication and authorization access controls and other forms of security to ensure that your data is protected.



TRANSFER TO A FOREIGN COUNTRY

Any transfer of personal data which are undergoing processing or are intended for processing after transfer to a foreign country or to an international organization shall take place subject to the other provisions of this Regulation and the supervision of the Honorable Attorney General of the Federation (HAGF). Accordingly:

  1. A transfer of personal data to a foreign country or an international organization may take place where the Agency has decided that the foreign country, territory or one or more specified sectors within that foreign country, or the international organization in question ensures an adequate level of protection.
  2. The HAGF shall take into consideration the legal system of the foreign country particolarly in the areas of rule of law, respect for human rights and fundamental freedom, relevant legislation, both general and sectoral, including public security, defense, national security and criminal and access of public authorities to personal data.
  3. Implementation of such legislation, data protection rules, professional rules, and security measures, including rules for the onward transfer of personal data to another foreign country or international organization which are complied with in that country or international organization, case- law, as well as effective and enforceable Data Subject rights and effective administrative and judicial redress for the Data Subjects whose personal data are being transferred.
  4. The existence and effective functioning of one or more independent supervisory authorities in the foreign country or to which an international organization is subject, with responsibility for ensuring and enforcing compliance with the data protection rules, including adequate enforcement powers, for assisting and advising the Data Subjects in exercising their rights and for cooperation with the relevant authorities Nigeria; and
  5. The international commitments of the foreign country or international organization concerned has entered, or other obligations arising from legally binding conventions or instruments as well as from its participation in multilateral or regional systems, in relation to the protection of personal data.


EXCEPTIONS IN RESPECT OF TRANSFER TO A FOREIGN COUNTRY

In the absence of any decision by the Agency or HAGF as to the adequacy of safeguards in a foreign country, a transfer, or a set of transfers of personal data to a foreign country or an international organization shall take place only on one of the following conditions:

  1. You have explicitly consented to the proposed transfer, after having been informed of the possible risks of such transfers due to the absence of an adequacy decision and appropriate safeguards and that there are no alternatives.
  2. The transfer is necessary for the performance of a contract between you and the Controller, or the implementation of pre- contractual measures taken at your request.
  3. The transfer is necessary for the conclusion or performance of a contract concluded in your interest between the Controller and another natural or legal person.
  4. The transfer is necessary for important reasons of public interest.
  5. The transfer is necessary for the establishment, exercise, or defense of legal claims.
  6. The transfer is necessary to protect your vital interests or of other persons, where you are physically or legally incapable of giving consent.

Provided, in all circumstances, that you shall be manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country. This proviso shall not apply to any instance where the Data Subject is answerable in duly established legal action for any civil or criminal claim in a third country



HOW WE ENSURE PROTECTION OF YOUR PERSONAL DATA

We have implemented appropriate organizational and technical measures (including physical access controls and secure software and operating environments) to keep your Personal Data confidential and secure. Please note, however, that these protections do not apply to information you choose to share in public areas such as third-party social networks. Where we have provided you (or where you have chosen) with a password which grants you access to specific areas on our site, you are responsible for keeping this password confidential. We request that you do not share your pin, password, or other authentication details (e.g., token generated codes) with anyone.



PERSONAL DATA BREACH NOTIFICATION

LBIC PLC will inform relevant authorities and if necessary affected individuals of personal data breach within 72 hours of being aware of the breach, where Personal Breach refers to a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes. Remedies shall include but not limited to investigating and reporting to appropriate authorities, recovering personal data, correcting it and/or enhancing controls around it.



YOUR RIGHTS

LBIC Plc. would like to make sure you are fully aware of all your data protection rights. Every customer is entitled to the following:



AUTOMATED PROCESSING INCLUDING PROFILING

As a data subject, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning or significantly affects you. We are committed to complying with this right under NDPR

If we use automated decision-making, we will provide you with clear and concise information about the types of decisions that may be made and the potential impact on you. We will also implement appropriate safeguards to protect your rights and freedoms, such as ensuring that decisions are fair and transparent, and that you have the right to challenge the decision or request human intervention.
We may use automated decision-making in the following circumstances:

If you wish to exercise your right to object to automated decision-making, you can contact our data protection officer or privacy representative. We are committed to ensuring that your rights under NDPR are respected and that you have control over how your personal data is processed.



MACHINE LEARNING MODELS AND BUSINESS RULES SURROUNDING THE MODELS

The Bank’s Data Analytics team have in-house machine learning models further described below:

The Churn Model

This is a predictive classification model that measures the churn rate of the customers by segmenting these customers into different buckets based on some business rules using selected attributes of the customers as features.



THE PRODUCT RECOMMENDATION MODEL

This model takes one product at a time with respect to similarities between a customer and other customers using their common attributes. These attributes are inputs in building the model for recommending products to similar customers using user-based similarities.



CUSTOMER LIFETIME VALUE MODEL

This Is a predictive linear regression model that focus majorly on the average balance of the customers in conjunction with the demographic and behavioural pattern of transactions of these customers in predicting the profitability of these customers.



CUSTOMERS SEGMENTATION

This is a rule-based engine that segments the bank’s customers into different categories based on some business rules. This grouping was done based on Customer Segments (HNI, Affluent & Mass Market), demographic characteristics and customer behaviour.



PERSONAL DATA RETENTION PERIOD

We take the privacy of your personal data seriously, and we will only retain it for as long as is necessary for the purposes for which it was collected. Once the purpose for which the personal data was collected has been fulfilled, we will destroy the personal data, unless retention is required to comply with legal, regulatory, or accounting requirements or to protect LBIC’S interests.

We will provide you with clear and concise information about the retention periods for different types of personal data, and the criteria used to determine these periods. We regularly review our retention policies to ensure that personal data is not retained for longer than necessary.

Please note that regulations may require the Bank to retain your personal data for a specified period even after the end of your banking relationship with us. However, we will ensure that we comply with the applicable legal and regulatory requirements.

If you wish to exercise your right to request the deletion of your personal data, you can contact our data protection officer. We will consider your request carefully and will provide you with a clear and concise explanation of any circumstances where your request may be denied.

It's also important to note that it is your responsibility to maintain the secrecy of any user ID and login password you hold. This will help to ensure that your personal data is kept secure and confidential.



USE OF COOKIES

Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology, to improve your experience while on our websites. We would like to let you know a few things about our cookies:

Please note that by continuing to use our website, you consent to our use of cookies as described above. You can manage your consent to cookies through your web browser settings, which allow you to accept or reject cookies, or to be notified when a cookie is set. Please note that blocking all cookies may limit your ability to access certain features of our website.

Cookies do not enable us to gather personal information about you unless you give the information to our server. Most Internet browser software allows the blocking of all cookies or enables you to receive a warning before a cookie is stored.

For further information, visit allaboutcookies.org.



MAINTAINING ACCURATE INFORMATION

You are responsible for making sure the information provided to the Bank is accurate and should inform the Bank on any changes as it occurs, this will enable us to update your information with us.



PRIVACY OF CHILDREN

LBIC respects the privacy of children. We do not knowingly collect names, email addresses, or any other personally identifiable information from children through the internet or other touchpoints. We do not allow children under the age of 18 to open accounts nor provide online banking for children less than 18 years of age without the consent of a guardian. Our website may include linked 3rd party sites that would be of interest to children. We are not responsible for the privacy and security practices of these sites. Parents should review the privacy policies of these sites closely before allowing children to provide any personally identifiable information.



ELECTRONIC COMMUNICATION

To maintain the security of our systems, protect our staff, record transactions, and, in certain circumstances, to prevent and detect crime or unauthorized activities, LBIC PLC reserves the right to monitor all electronic communications to make sure that they comply with our legal and regulatory responsibilities and internal policies.



SOCIAL MEDIA

We operate and communicate through our designated channels, pages, and accounts on some social media sites to inform, help and engage with our customers. We monitor and record comments and posts made about us on these channels so that we can improve our services. The public can access and read any information posted on these sites. Please note that any content you post to such social media platforms is subject to the applicable social media platform’s terms of use and privacy policies. We recommend that you review the information carefully to better understand your rights and obligations regarding such content



CONTACTING YOU

In providing your telephone, facsimile number, postal and e-mail address, or similar details, you agree that LBIC PLC may contact you by these methods to keep you informed about LBIC products and services or for any other reason. If you prefer not to be kept informed of LBIC PLC, bank’s products and services, please contact LBIC PLC by E-mail (dpo@lbicplc.com) or through any of our branches.



LINKS TO OTHER WEBSITES

Our website, related websites and mobile applications may have links to or from other websites. Although we try to link only to websites that also have high privacy standards, we are not responsible for their security, privacy practices or content. We recommend that you always read the privacy and security statements on these websites.

POLICY UPDATES

LBIC PLC reserves the right to amend its prevailing Data Protection and Privacy Statement at any time and will place any such amendments on our websites (www.lbicplc.com). The latest version of our privacy statement will replace all earlier versions unless it says differently. Please check back frequently to see any updates or changes to our Notice. This policy is not intended to, nor does it, create any contractual rights whatsoever or any other legal rights, nor does it create any obligations on LBIC PLC in respect of any party or on behalf of any party.



PRIVACY CONTACT INFORMATION

If you have any questions, concerns, or comments about our privacy policy, you may contact our Data Protection Officer. Kindly address your request to “The Data Protection Officer” at LBIC HOUSE 1, Assbifi Road, Central Business District, Alausa, Ikeja P.O. Box 7525, Lagos Nigeria or via email (dpo@lbicplc.com) If you have any further questions or comments about us or our policies, please do not hesitate to contact us.

Email us at: dpo@lbicplc.com