Privacy Policy

As a data subject (recruitment candidate, customer, vendor, or employee) be assured that at WEMA BANK PLC. (hereinafter called “Wema Bank”), we are dedicated to protecting your privacy and providing you with the highest level of security at any point of interaction with us. Hence, we want you to engage with us knowing that we value your Personal Data and that we protect it. This Privacy Policy explains what information we collect, how we collect, share, use, and protect, store, and retain your personal information when you visit or use this site and other services offered by Wema Bank.  You are also informed of your rights regarding the information we process and how you can contact us. By continuing to visit our websites (www.wemabank.com, www.alat.ng, & outlet.alat.ng), while using any of our digital or mobile platforms/services, our Mobile Banking App, mobile authentication service when communicating with us through any of our social media or other interactive channels or any other engagement with us (“Services”), you accept and consent to the practices described in this policy.

PERSONAL INFORMATION COLLECTED AND COLLECTION METHODS

Personal information refers to data that could identify a specific individual such as names, addresses, e-mail addresses, and telephone numbers.

Depending on your medium of interaction with Wema Bank, we collect various types of information from you, as described below.

• Personal/Contact details (name, date of birth, passport information or other identification information phone number, email address, postal address, or mobile number), Biometric information (fingerprints, facial recognition, or voice recognition) or Information about your family and social circumstances (such as dependents, marital status, next of kin and contact details) will be collected on the bank mobile banking applications, social media, calls, SMS or interactions with our relationship management officers during account opening or account update.
• Transactional details will be requested when payment is made or when payment-related complaints are made. Also, visual images and personal appearance (such as copies of passports or CCTV images) will be requested for when there is a complaint made against the bank’s application or services rendered.
• Medical information (results of urine, blood, and X-ray analysis), Education and employment information will be requested from new staff during the onboarding process.
• Financial information (bank account number, debit card numbers, financial history) including information you provide to deliver payment initiation services and account information services regarding accounts you hold with other providers.

CONDITION FOR PROCESSING PERSONAL DATA

Wema Bank personnel or any third party acting on its behalf shall only process your personal data if at least one of these conditions are met:

• Consent: this refers to any freely given, specific, informed, and unambiguous indication through a statement or a clear affirmative action that signifies your agreement to the processing of your Personal Data by Wema Bank. Wema Bank does not intend to seek consent that may engender direct or indirect propagation of atrocities, hate, criminal acts, and anti-social conducts.
• Contract: processing is necessary for the performance of a contract or entering into a contract at your request.
• Legal obligation: processing is necessary for compliance with a legal obligation to which Wema Bank is subject.
• Vital interest: processing is necessary to protect your vital interests or those of another natural person.
• Public interest: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Wema Bank.

 

HOW WE USE YOUR PERSONAL DATA

To the extent permissible under applicable law, we may use your information for the following legitimate actions:

• Providing and operating the products and services you have requested.
• For other related purposes may include updating and enhancing Wema Bank records, understanding your financial needs, conducting credit checks, reviewing creditworthiness, and assisting other financial institutions to conduct credit checks.
• Identifying and informing you about other products or services that we think may be tailored to suit your interest.
• Reviewing credit or loan eligibility
• For crime/fraud prevention and debt collection purposes
• To plan, conduct, and monitor Wema Bank’s business.
• For improving the design and marketing of our range of services and related products for customer use.
• Compare information for accuracy and verify it with third parties/publicly available information.
• Manage our relationship with you.
• To monitor, carry out statistical analysis and benchmarking to identify potential markets and trends, evaluate and improve our business.
• Monitor activities at our facilities, including compliance with applicable policies.
• To comply with and enforce applicable legal and regulatory requirements, relevant industry standards, contractual obligations, and our policies.

 

Without your personal information, we may not be able to provide or continue to provide you with the products or services that you need.

TRANSFER OF PERSONAL DATA

Personal data collected by Wema Bank may be transferred among its various divisions (with personnel who have business need to know).  Other than to those individuals and entities listed below, your details will not be revealed by Wema Bank to any external body unless Wema Bank has your permission or is under either a legal obligation or any other duty to do so. For the purposes detailed above, your information may be disclosed to:

• Other Branches or Companies in the Wema Group (i.e., Wema Bank PLC, its subsidiaries, and affiliates).
• Any regulatory, supervisory, governmental, or quasi-governmental authority with jurisdiction over Wema Group members.
• Any agent, contractor or third-party service provider, professional adviser, or any other person under a duty of confidentiality to the Wema Group.
• Credit reference agencies and, in the event of default, debt collection agencies.
• Any actual or potential participant or sub-participant in, assignee, novate or transferee of any of the Wema Group’s rights and/or obligations in relation to you.
• Any financial institution with which Wema Bank PLC has or proposes to have dealings.

The above disclosures may require the transfer of your information to parties located in countries that do not offer the same level of data protection as your home country. However, Wema Bank PLC will ensure that the parties to whom your details are transferred treat your information securely and confidentially by implementing appropriate organizational and technical measures have been implemented to keep your Personal Information/Data confidential and secure. This includes the use of encryption, firewalls physical and environmental access controls, adequate authentication and authorization access controls, and other forms of security to ensure that your data is protected.

TRANSFER TO A FOREIGN COUNTRY  

Any transfer of personal data which are undergoing processing or intended for processing after transfer to a foreign country or to an international organization shall take place subject to the other provisions of this Regulation and the supervision of the Honorable Attorney General of the Federation (HAGF). Accordingly:

1. a transfer of personal data to a foreign country or an international organization may take place where the Agency has decided that the foreign country, territory, or one or more specified sectors within that foreign country, or the international organization in question ensures an adequate level of
2. the HAGF shall take into consideration the legal system of the foreign country particularly in the areas of rule of law, respect for human rights and fundamental freedom, and relevant legislation, both general and sectoral, including public security, defense, national security, and criminal and access of public authorities to personal data.
3. implementation of such legislation, data protection rules, professional rules, and security measures, including rules for the onward transfer of personal data to another foreign country or international organization which are complied with in that country or international organization, case- law, as well as effective and enforceable Data Subject rights and effective administrative and judicial redress for the Data Subjects whose personal data are being
4. the existence and effective functioning of one or more independent supervisory authorities in the foreign country or to which an international organization is subject, with responsibility for ensuring and enforcing compliance with the data protection rules, including adequate enforcement powers, for assisting and advising the Data Subjects in exercising their rights and for cooperation with the relevant authorities Nigeria; and
5. the international commitments of the foreign country or international organization concerned have entered, or other obligations arising from legally binding conventions or instruments as well as from its participation in multilateral or regional systems, in relation to the protection of personal

 

EXCEPTIONS IN RESPECT OF TRANSFER TO A FOREIGN COUNTRY

In the absence of any decision by the Agency or HAGF as to the adequacy of safeguards in a foreign country, a transfer, or a set of transfers of personal data to a foreign country or an international organization shall take place only on one of the following conditions:

1. You have explicitly consented to the proposed transfer after having been informed of the possible risks of such transfers due to the absence of an adequacy decision and appropriate safeguards and that there are no
2. The transfer is necessary for the performance of a contract between you and the Controller, or the implementation of pre-contractual measures taken at your
3. The transfer is necessary for the conclusion or performance of a contract concluded in your interest between the Controller and another natural or legal
4. The transfer is necessary for important reasons for public
5. the transfer is necessary for the establishment, exercise, or defense of legal claims.
6. The transfer is necessary to protect your vital interests or of other persons, whom you are physically or legally incapable of giving

Provided, in all circumstances, that you shall be manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country. This proviso shall not apply to any instance where the Data Subject is answerable in duly established legal action for any civil or criminal claim in a third country.

HOW WE ENSURE THE PROTECTION OF YOUR PERSONAL DATA

We have implemented appropriate organizational and technical measures (including physical access controls and secure software and operating environments) to keep your Personal Data confidential and secure. Please note, however, that these protections do not apply to information you choose to share in public areas such as third-party social networks. Where we have provided you (or where you have chosen) with a password that grants you access to specific areas on our site, you are responsible for keeping this password confidential. We request that you do not share your pin, password, or other authentication details (e.g., token-generated codes) with anyone.

PERSONAL DATA BREACH NOTIFICATION

Wema Bank will inform relevant authorities and if necessary affected individuals of personal data breach within 72 hours of being aware of the breach, where Personal Breach refers to a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes. Remedies shall include but not be limited to investigating and reporting to appropriate authorities, recovering personal data, correcting it, and/or enhancing controls around it.

YOUR RIGHTS

Wema Bank Plc. would like to make sure you are fully aware of all your data protection rights. Every customer is entitled to the following:

• The right to be informed - To emphasize the need for transparency over the usage of personal data for targeted marketing, we ensure fair processing of information typically through this privacy policy.
• The rights to access - You have the right to request from Wema Bank for copies of your personal data where those requests are reasonable and permitted by law or regulation. We may charge you a fee for this service.
• The right to rectification - You have the right to request that Wema Bank correct any information you believe is inaccurate. You also have the right to request Wema Bank Plc. to complete information you believe is incomplete.
• The right to restrict processing - You have a right to ‘block’ or withdraw or revoke your consent to our processing of your information, which you can do at any time. When processing is restricted, we are permitted to store personal data, but not further process it.
• The right to erasure - You have the right to request the deletion or removal of personal data where there is no compelling legal or regulatory requirement for its continued processing. Wema Bank will make sure that this right is protected.
• The right to data portability - You have the right to request that the bank transfer the data that we have collected to another organization, or directly to you, under certain conditions. We will ensure that personal data is moved, copied, or transferred easily from one IT environment to another in a safe and secure way, without hindrance to usability.
• The right to refusal - You have the right to refuse the processing of your information if there are compelling legitimate grounds to do so and to the extent permitted by law or regulation.

To exercise your right(s), please contact the Data Protection Officer of Wema Bank at dpo@wemabank.com.

You also have the right to:

• Receive your Personal Data in a commonly used and machine-readable format and the right to transmit these data to another Data Controller when the processing is based on (explicit) consent or when the processing is necessary for the performance of a contract.
• Lodge a complaint with the National IT Development Agency (NITDA) where you believe our processing of your data violates the requirements of the Nigeria Data Protection Regulation 2019 (NDPR).

AUTOMATED PROCESSING INCLUDING PROFILING

 As a data subject, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning or significantly affects you. We are committed to complying with this right under NDPR.

If we use automated decision-making, we will provide you with clear and concise information about the types of decisions that may be made and the potential impact on you. We will also implement appropriate safeguards to protect your rights and freedoms, such as ensuring that decisions are fair and transparent and that you have the right to challenge the decision or request human intervention.

We may use automated decision-making in the following circumstances:

1. a) when it is necessary for entering into or performing a contract between you and Wema Bank.
2. b) when it is authorized by law, subject to appropriate safeguards to safeguard your rights and freedoms; or
3. c) when it is based on your explicit consent.

 If you wish to exercise your right to object to automated decision-making, you can contact our data protection officer or privacy representative. We are committed to ensuring that your rights under NDPR are respected and that you have control over how your personal data is processed.

 

MACHINE LEARNING MODELS AND BUSINESS RULES SURROUNDING THE MODELS

The Bank’s Data Analytics team has in-house machine learning models further described below:

 The Churn Model

This is a predictive classification model that measures the churn rate of the customers by segmenting these customers into different buckets based on some business rules using selected attributes of the customers as features.

THE PRODUCT RECOMMENDATION MODEL

This model takes one product at a time with respect to similarities between a customer and other customers using their common attributes. These attributes are inputs in building the model for recommending products to similar customers using user-based similarities.

CUSTOMER LIFETIME VALUE MODEL

This Is a predictive linear regression model that focuses majorly on the average balance of the customers in conjunction with the demographic and behavioral pattern of transactions of these customers in predicting the profitability of these customers.

CUSTOMERS SEGMENTATION

This is a rule-based engine that segments the bank’s customers into different categories based on some business rules. This grouping was done based on Customer Segments (HNI, Affluent & Mass Market), demographic characteristics and customer behavior.

PERSONAL DATA RETENTION PERIOD

We take the privacy of your personal data seriously, and we will only retain it for as long as is necessary for the purposes for which it was collected. Once the purpose for which the personal data was collected has been fulfilled, we will destroy the personal data, unless retention is required to comply with legal, regulatory, or accounting requirements or to protect Wema Bank's interests.

We will provide you with clear and concise information about the retention periods for different types of personal data, and the criteria used to determine these periods. We regularly review our retention policies to ensure that personal data is not retained for longer than necessary.

Please note that regulations may require the Bank to retain your personal data for a specified period even after the end of your banking relationship with us. However, we will ensure that we comply with the applicable legal and regulatory requirements.

If you wish to exercise your right to request the deletion of your personal data, you can contact our data protection officer. We will consider your request carefully and will provide you with a clear and concise explanation of any circumstances where your request may be denied.

It's also important to note that it is your responsibility to maintain the secrecy of any user ID and login password you hold. This will help to ensure that your personal data is kept secure and confidential.

2. USE OF COOKIES

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology, to improve your experience while on our websites. We would like to let you know a few things about our cookies:

• Some cookies are essential to access certain areas of this site.
• We use analytics cookies to help us understand how you use our site to discover what content is most useful to you.  

Wema bank Plc. uses cookies in a range of ways to improve your experience on our website, including:

• Allow us to recognize the PC you are using when you return to our web site so that we can understand your interest in our web site and tailor its content and advertisements to match your interests (This type of cookie may be stored permanently on your PC but does not contain any information that can identify you personally).
• Identify you after you have logged in by storing a temporary reference number in the cookie so that our web server can conduct a dialogue with you while simultaneously dealing with other customers. (Your browser keeps this type of cookie until you log off or close your browser when these types of cookies are normally deleted. No other information is stored in this type of cookie).
• Allow you to carry information across pages of our site and avoid having to re-enter that information.
• Allow you access to stored information if you register for any of our on-line services.
• Enable us to produce statistical information (anonymously) which helps us to improve the structure and content of our web site.
• Enable us to evaluate the effectiveness of our advertising and promotions.

 

Please note that by continuing to use our website, you consent to our use of cookies as described above. You can manage your consent to cookies through your web browser settings, which allow you to accept or reject cookies, or to be notified when a cookie is set. Please note that blocking all cookies may limit your ability to access certain features of our website.

Cookies do not enable us to gather personal information about you unless you give the information to our server. Most Internet browser software allows the blocking of all cookies or enables you to receive a warning before a cookie is stored.

For further information, visit allaboutcookies.org.

You are responsible for making sure the information provided to the Bank is accurate and should inform the Bank on any changes as it occurs, this will enable us to update your information with us.

Wema Bank respects the privacy of children. We do not knowingly collect names, email addresses, or any other personally identifiable information from children through the Internet or other touchpoints. We do not allow children under the age of 18 to open accounts nor provide online banking for children less than 18 years of age without the consent of a guardian. Our website may include linked 3rd party sites that would be of interest to children. We are not responsible for the privacy and security practices of these sites. Parents should review the privacy policies of these sites closely before allowing children to provide any personally identifiable information.  

To maintain the security of our systems, protect our staff, record transactions, and, in certain circumstances, to prevent and detect crime or unauthorized activities, Wema Bank PLC reserves the right to monitor all electronic communications to make sure that they comply with our legal and regulatory responsibilities and internal policies.

We operate and communicate through our designated channels, pages, and accounts on some social media sites to inform, help and engage with our customers. We monitor and record comments and posts made about us on these channels so that we can improve our services. The public can access and read any information posted on these sites. Please note that any content you post to such social media platforms is subject to the applicable social media platform’s terms of use and privacy policies. We recommend that you review the information carefully to better understand your rights and obligations regarding such content.

In providing your telephone, facsimile number, postal and e-mail address, or similar details, you agree that Wema Bank PLC may contact you by these methods to keep you informed about Wema Bank products and services or for any other reason. If you prefer not to be kept informed of Wema Bank products and services, please contact Wema Bank PLC by E-mail (purpleconnect@wemabank.com) or through any of our branches.

Our website, related websites, and mobile applications may have links to or from other websites. Although we try to link only to websites that also have high privacy standards, we are not responsible for their security, privacy practices, or content. We recommend that you always read the privacy and security statements on these websites.

Wema Bank reserves the right to amend its prevailing Data Protection and Privacy Statement at any time and will place any such amendments on our websites (www.wemabank.com, www.alat.ng, & outlet.alat.ng). The latest version of our privacy statement will replace all earlier versions unless it says differently. Please check back frequently to see any updates or changes to our Notice. This policy is not intended to, nor does it, create any contractual rights whatsoever or any other legal rights, nor does it create any obligations on Wema Bank PLC in respect of any other party or on behalf of any party.

If you have any questions, concerns, or comments about our privacy policy, you may contact our Data Protection Officer. Kindly address your request to “The Data Protection Officer” at 54, Marina Road, Marina, Lagos State, Nigeria, or via email (dpo@wemabank.com)

If you have any further questions or comments about us or our policies, please do not hesitate to contact us.

Email us at: purpleconnect@wemabank.com

Call us: +234-803-900-3700.

Download our full data privacy policy here.