Top
Alfransi Bank
Toggle Menu

Privacy Notice


1. Privacy Notice


At Banque Saudi Fransi (“BSF”,” Bank”, “us”, “we”, “our”) we value your privacy and value the trust you place in us when you share your Personal Data. This Privacy Notice (the “Notice”) outlines how we Collect, Process, use, manage, disclose and protect your Personal Data. This Notice is framed according to the applicable regulations including the Personal Data Protection Laws and Regulations in the Kingdom of Saudi Arabia (“PDPL”).



2. Why We Collect, Process, and Use Your Personal Data


We may use your Personal Data to provide you with our services including:


  • Provide Banking Products and Services: To open account, issue credit/debit cards, using BSF mobile and web applications, payment services, loans, investment, and any other service or product offered by BSF in the future as one of its banking services.

  • Operational Efficiency: Ensuring accurate transactional recordings, verification, validation, and efficient billing.

  • Safety & Security: Ensure your account security through advanced fraud prevention and cutting-edge cybersecurity measures.

  • Regulatory Compliance and Reporting: Meeting our obligations to comply with regulatory requirements (i.e. KYC, verifying your identity) and to present reports to supervisory bodies, as strictly necessary, maintaining confidentiality to the extent legally permissible.

  • Criminal Activity Monitoring: Monitoring transactions against fraud, and suspicious activity detection, prevention, investigation, combating money laundering, fraud, and terrorism financing.

  • Credit Assessment: Collaborating with trusted entities and licensed credit bureaus to assess creditworthiness for loan applications or credit facilities.

  • Marketing and Communication: to conduct general, aggregated, or tailored marketing materials and activities, we may use your personal data to keep you informed and updated about our products, services, and special offers. Consent if often required for direct marketing activities.

  • Financial Profiling: Evaluating your financial behaviors, credit statuses, and history to determine your eligibility for specific banking products or services.

  • Enhanced Customer Service: Addressing your concerns, inquiries, and ensuring a high quality banking experience.

  • Feedback, Analytics, & Improvement: Regularly gathering feedback and generating reports using analytics and customers behaviors and preferences to refine our offerings and enhancing your banking experience.

  • Notification: timely notification regarding changes in your account balance or other notifications related to banking transection (withdraw, deposit, and point of sale or online purchase, etc.)

  • Awareness: inform you about various security measures, precautions, and best practices to safeguard your accounts and Personal Data. These messages might include tips on avoiding phishing scams, protecting passwords or OTPs, and provide guidance on safe banking practices.


3. Lawful basis for processing your Personal Data


At BSF, we prioritize transparency in our dealings, especially when it comes to managing and utilizing the Personal Data you entrust us with. We gather and use your data based on the following lawful purposes:


  • Contractual Obligation: To fulfill our promises, offer our services, and maintain the high standards of banking you expect from us.

  • Legitimate Interest: To achieve the Bank’s lawful interested and continuously improve our services and protect both the Bank and its customers, without prejudice to your rights and interests.

  • Actual interest: To achieve moral or material interest to you, such as securing your account.

  • Legal Obligation: To meet our regulatory and legal requirements as a Banking institution operating in the Kingdom of Saudi Arabia, whether pursuant to laws applicable to us or applicable to you.

  • Consent: When we process your personal data based on your consent.


4. What Personal Data We Collect, Process, and Use


When you are a customer or legal guardian of our customer or related party (including, who fully or partially lack legal capacity, corporates, enterprises, and other legal entities.), to provide you with our services, products, we may collect the following data:


Type of Personal Data Description
Personal Data Full name, gender, nationality, citizenship, National/Residency ID, passport, mobile number, email address, telephone number, age, birth date, birth place, marital status, national address, personal assets, account number, credit/debit cards numbers, account balance, account transaction data, education level, and any relationship with politically exposed person and relevant data.
Credit Data Personal income, credit record, property, assets (financial, real state, stock, etc.,) investment, tax identification number, SIMAH report, and any other data relevant to personal credit status.
Biometrics Data Signature, handwriting, fingerprint, voice, and face recognition data.
Health Data In some conditions we may collect medical reports, health condition, whether physical, mental or psychological conditions.
Other Data Personal Data for compliance with laws and regulations and regulatory requirements, or for delivering online services. Such as, location (including geographic location and network IP address), cookies, communication records (including video or audio records).
Personal data arising from customer investigation, e.g., Personal Data collected during customer due diligence, sanction or anti-money laundering checks.


5. How We Collect Your Personal Data


  • When you directly provide us your Personal Data.

  • When we collect and verify your Personal Data from other sources. such as, licensed credit bureaus, regulatory bodies, public entity, financial and regulatory authorities.

  • In some cases, we collect certain data based on your Consent, which ensures that we use your data only in ways that you agreed to.


6. Data Retention, Storage, and Destruction


Your Personal Data will be stored and retained securely to the extent necessary or as required by the law, and for a minimum of ten years or for the duration necessary to fulfill the outlined purposes in this Notice. This duration might be changed or extended based on your continued usage and benefiting of our services and products, and/or based on regulatory requirements for the retention of Personal Data or connected information. At the lapse of such duration(s) or upon your request to the extend technically applicable and legal permissible, such data will be destructed securely.



7. Data Protection


Your data security is important to us. We deploy both organizational and technical measures, including periodic audits, staff training, and strict policy and procedures for protection against unauthorized data access or processing. Rest assured, BSF stores your Personal Data with appropriate security measures, such as encryption, masking, and restricted access mechanisms.


Although we do our due diligence, we make no warranties, towards the security of third-party links in our websites. BSF assumes no responsibility for the completeness, accuracy, reliability, nor the protection from third-parties (including without limitation software, websites, etc.,), if any, which may be linked to our websites.



8. How We May Share Your Personal Data


Your Personal Data may be shared:


  • within BSF’s affiliates, subsidiaries, sister companies (“BSF Group”).

  • With competent authorities, agencies, and regulatory bodies, whether for verification purposes, to fulfil regulatory compliance obligations, or for other legal requirements.

  • With third party who assist in providing service on behalf of BSF.

  • Where there is a legitimate interest, public interest, or legal obligation.

  • Competent authorities for credit assessment and reporting.

  • With payment service providers to facilitate your payments.

BSF maintains the utmost confidentiality of all collected data. Data disclosure occurs only under legal mandates or to enhance our services, in accordance with this Notice.


In the case of transferring Personal Data outside the Kingdom, or sharing it with external entities, is carried out judiciously, adhering to the Personal Data Protection Law of the Kingdom of Saudi Arabia.



9. How We Use Cookies


When you visit our website or our application, we use cookies to enhance your experience and improve the functionality of our services. Cookies are small text files that are stored on your device. They help us understand how our applications or website are being used and to enhance your experience when you allow us.



10. Individual Who Lacks Legal Capacity


For customers who fully or partially lack legal capacity, we require legal guardian Consent before Processing any Personal Data.



11. Your Rights as Our Customer


1. Right to be Informed


You have the right to be informed about the legal basis and the purpose of the Collection and Processing of your Personal Data.


2. Right to Access Personal Data


You have the right to access or receive a copy of your Personal Data through the channels provided by BSF in a structured, commonly used, and readable soft or hard copy format if possible.


3. Right to Access


You have the right to access your Personal Data through the channels provided by BSF.


4. Right to Request Correction


You have the right to request correction, completion or updating of your Personal Data available to BSF.


5. Right to Destruction


As long as there is no legal requirement or legitimate interest to Process or retain the data, you have the right to request Destruction of your Personal Data available to BSF, if it is no longer needed for the purpose it was originally collected.


6. Right to Withdraw Consent


You have right to withdraw your Consent as long as there is no legal requirement to Process the data.



12. Privacy Notice Amendments


BSF may update this Notice occasionally, especially to stay compliant with new laws. Always refer to this section for the latest version. The current version was last updated on September, 2024 .



13. Contacting Us


Maintaining the privacy and trust of our customers data is of utmost importance to BSF, and for any queries or to exercise any of the rights mentioned, please contact our Data Privacy Office at DPO@bsf.sa.


BSF is under the control and supervision of the Saudi Central Bank (SAMA).



Term Explanation
PDPL Personal Data Protection Law.
Personal Data Any element of data, regardless of its source or form, that independently or when combined with other available information could lead to the identification of an individual specifically, or that may directly or indirectly make it possible to identify an individual, including but not limited to name, personal identification number, addresses, contact numbers, license numbers, records, personal assets, bank and credit card numbers, photos and videos of an individual, and any other data of personal nature.
Collection The collection of Personal Data by BSF by the provisions of this Law, either from the Data Subject directly, a representative of the Data Subject, any legal guardian over the Data Subject, or any other party.
Destruction Any action taken on Personal Data that makes it unreadable and irretrievable, or impossible to identify the related Data Subject.
Processing Any operation carried out on Personal Data by any means, whether manual or automated, including collecting, recording, saving, indexing, organizing, formatting, storing, modifying, updating, consolidating, retrieving, using, disclosing, transmitting, publishing, sharing, linking, blocking, erasing and destroying data.
Consent Consent is a crucial concept that refers to the Data Subject’s freely given, specific, informed, and unambiguous agreement to the Processing of their Personal Data. It's a fundamental requirement for organizations to collect, use, or share Personal Data lawfully and transparently.
Data Subject The individual to whom the Personal Data relates (also referred to as “you” or “customer(s)” in this Notice).

Contact Us