All rights reserved. These materials are confidential and proprietary to CBG, and no part of these materials shall be reproduced, published in any form or by any means, electronic or mechanical including photocopy, recording or otherwise, or stored in any information storage or retrieval system of any nature, nor shall the materials be disclosed to third parties without the prior express written authorization of CBG.
Consolidated Bank Ghana Limited (CBG) is an Indigenous Ghanaian Universal Bank licensed by Bank of Ghana under the Specialized Deposit – Taking Institutions Act, 2016 (Act 930). CBG, as a data controller, is very passionate about how the Bank processes information of customers /parties that is shared with us.
This privacy policy aims to provide you with information about how CBG processes your personal information (i.e.- for example, collection, use and disclosure of personal data, including special or sensitive personal data). CBG will only process information where the Bank has received the information directly from you as a data controller or by our clients where we are processors in accordance with their instructions and in line with the Bank’s obligations and your rights under The Data Protection Act 2012 - (Act 843), The EU General Data Protection Regulation (GDPR) and other Jurisdictional Data Protection laws that are applicable.
Security Codes means the user identification code (including Secure Access Image and Secure Access Message) with the Password details agreed between you and the Bank that are used to identify you whenever you use the Service.
To enable CBG fulfil the contract between the Bank and customers for the products or services you have requested, we may need to process your personal data for the purposes including the following:
We also have some legal and regulatory obligations in respect of the purposes for which we shall process personal data. This includes:
CBG collects Biometric Information from you when you enroll in our biometric identity program available through certain use of the Bank’s services and automatically as part of our anti-fraud protection, authentication, and customer support activities. These identifiers may include facial recognition information, fingerprints, as well as mathematical representations of your biometric identifier, such as the template maintained for comparison. We may use Biometric Information to identify and authenticate you, and for security and similar purposes. We may share Biometric Information with third-party service providers who assist with our information technology, security and fraud programs, our professional advisors, and as required by law or regulation. CBG will not sell your Biometric Information.
When we collect Biometric Information, you will receive a specific notice and consent request at the time of that collection. You are not required to consent to the collection of Biometric Information in order to use our services, although some functionality may not be available if you decline, and you may withdraw your consent at any time.
CBG will retain Biometric Information until the purposes for which it was collected have been satisfied and in line with our Data Retention Procedures.
CBG and our service providers may use commonly used tools such as cookies, web beacons, pixels, and similar technologies (collectively "cookies") to collect information about you so we can provide the experiences you request, recognize your visit, track your interactions, and improve experience with all customers.
You have control over some of the information we collect from Cookies and how we use it. For full details on how we use cookies and similar technologies please see our CBG Cookies Policy.
We shall process your information on the following basis:
We may share information with other people for any of the reasons provided above. The category of persons who may be entitled to information includes:
CBG shall keep your information for as long as it is necessary and relevant to the purposes set out in this privacy notice unless a longer retention period is required or permitted by law. When we have no ongoing legitimate business need to process your personal information, we may either delete or anonymize such information, or if this is possible (for example, because your personal information has been stored in backup archives), then we will securely store your information and isolate it from further processing until deletion.
Our security systems are designed to prevent loss, unauthorized destruction, damage and/or access to your personal information from unauthorized third parties. The Bank will maintain physical, electronic, and procedural safeguards that comply with standards to guard your non-public personal information. To ensure that we have the latest security controls and to provide assurance that CBG is compliant as in respect of information security requirements, we have obtained ISO 27001 certification and are currently in the process of obtaining PCI DSS certification.
You are entitled to your rights as enshrined in the Data Protection Act 2012, Act 843. These rights include:
You can at any time give notice to us to exercise your rights. We will within twenty-one (21) days after receipt of a notice inform you in writing that we have complied or intend to comply with your notice, or the reasons if we cannot comply with the request.
You can exercise your rights of access by completing the forms in the link below and submitting it to Dataprivacy@cbg.com.gh.
If you have any other privacy queries or complaints, you may also contact the Data Protection Supervisor (DPS) of the Bank through dataprivacy@cbg.com.gh
We may update the privacy policy from time to time. The updated version will be indicated by “Revised” and date. The updated version will be effective as soon as it is accessible. We encourage you to review this privacy notice frequently to be informed of how the Bank is protecting your information.
CBG is delighted to provide you with a copy of any personal data that is held about you. You are currently entitled to receive this information under the Data Protection Act 2012 (Act 843) and the EU’s General Data Protection Regulation (GDPR)
CBG will provide you with information about any processing of your personal data that is being carried out in accordance with the Data Protection Act 2012. We will endeavor to respond promptly to your request.
Kindly reach us via the email provided below for any explanation on how your data is processed, rectification, erasure, or copies to be shared.
Dataprivacy@cbg.com.gh.
OR
In writing to any nearest CBG Bank’s branch.