Introduction

The First Iraqi Bank (FIB) offers financial services to private and business customers. „FIB“ or „we“ or „us“ refers to First Iraqi Bank Company and the FIB Corporate Family in this privacy policy. The FIB Corporate Family means FIB´s subsidiaries, joint ventures and other corporate entities under common ownership and/or any of their agents, consultants, employees, officers and directors.

This privacy policy applies whenever you use the banking mobile app or otherwise access any of our products, services, content, first-iraqi-bank.com and/or the other domains provided by the FIB, together referred as „services.“ This privacy policy describes:

• What information we collect and why
• How we use this information and with whom we share it
• How you can access that information
• The choices you can make about how we collect, use, and share that information
• How we protect the information we store about you

Information we collect

We collect the following types of information:

• Your telephone number and password when you open your account at the FIB.

• Information provided by you during the onboarding process. For a Personal User this includes:

  • Name and address
  • Date of birth
  • ID document number
  • Issue and expiry date of the ID document
  • Any results gathered when checking your identity against international crime databases

• Information provided by you during the onboarding process. For a Business User this includes:

  • Your name and address
  • Date of birth
  • ID document number
  • Issue and expiry date of the ID document
  • Any results gathered when checking your identity against international crime databases
  • All personal information mentioned above from all beneficiary owners of your business
  • All information about your business provided by you during the onboarding. This includes category of business, opening hours, contact details, address, ownership structure, information included inside the business certificate uploaded by you
• History of all transactions performed through the FIB mobile app including transaction amount, transaction date, beneficiary account and account balance. This sensitive personal information is gathered exclusively to perform internal banking processes or to fulfil regulatory requirements and will never be shared with the general pub
• Your behaviour using the FIB mobile app. To further improve our mobile app and service we may record and analyse your behaviour while using the FIB mobile app. This data can also be gathered and processed using a third-party provider. It will at all times be gathered and stored anonymously without any connection to your ident
• Communications between you and the FIB. For example, we may send you service-related messages (e.g. account verification, changes/updates to features of the service, technical and security notices). Note that you may not opt-out of service-related messages.

How we collect information

collect information directly from you, as well as automatically through the use of our service, in some cases, from third parties. Information that you give us: Typically the information we collect directly from you are the information given from you to us during the onboarding process, relationship information like the content of customer service requests that you initiate, reviews you submit on our products, or responses to surveys. You decide how much information you share with us in most cases, but not sharing required information may limit your ability to engage in certain activities such as the information required to open an account. Information collected automatically: When you use or interact with our services, we receive, and store information generated by your activity. Like usage data and other information automatically collected from your mobile device. This information may include your IP address; mobile device type and OS version; preferred language; geographic location using IP address or the GPS, or wireless technology on your device. We also may log the length of time of your visit and the number of times you visit and use the Service. In most cases this information is automatically generated by various tracking technologies. Tracking technologies may include „Cookies“, „flash LSOs,“ „web beacons“ or „web bugs“ and „clear GIFs“. If you don´t want the FIB to collect, store, use or share your information in the ways described in this privacy policy, you may not use the FIB´s services.

What we use your personal information for

We use your personal information to:

• Provide FIBs services to you
• Respond to your requests, inquiries, comments, or concerns
• Enable you to personalise FIB services and to select content you want to access or to share with a third party
• Notify you about changes or updates to the FIBs and other products services, including those belonging to related third parties
• Provide you special offers and other information about related events, products and services and to invite you to participate in surveys, competitions and promotions, as determined by your choices and communication preferences
• Evaluate and improve FIB and other products and services and to develop new products or services
• Identify and analyse usage trends and determine the effectiveness of our promotional campaigns
• Provide technical, product and other support and help keep FIB services working, safe and secure; and
• Comply with our legal obligations

Third Party Providers

The FIB uses certain trusted third parties to help us provide, improve, promote, and protect Services. For example, we may use third parties to help us provide customer support, manage our ads on other sites or assist with data storage. These third parties may access, process or store your information to perform tasks only for the purposes we have authorised, and we required them to provide at least the same level of protection for your information as described in this Privacy Policy. We also may share with third parties aggregated or anonymised information that does not directly identify you.

Cookies and tracking technologies

We and our third-party partners may use various technologies to collect and store service usage data when you use our service (as discussed above), and this may include using cookies and similar tracking technologies, such as pixels, web beacons, and if you use our mobile apps, through our SDKs deployed on your mobile device. For example, we may use web beacons in the messages we send, which enable us to track certain behavior, such as whether the message sent was delivered and opened and whether links within the message were clicked. Both web beacons and SDKs allow us to collect information such as the recipient’s IP address, browser, message client type and other similar data as further described above details. We use this information to measure the performance of our message campaigns, to provide analytics information, enhance the effectiveness of our service, and for other purposes described above.

Data retention

The FIB will keep your personal data for the minimum period necessary for the purposes set out in this notice, namely (i) for as long as you are a registered subscriber or user of our products or (ii) for as long as your personal data are necessary in connection with the lawful purposes set out in this notice, for which we have a valid legal basis or (iii) for as long as is reasonably necessary for business purposes related to provision of the services, such as internal reporting and reconciliation purposes, warranties or to provide you with feedback or information you might request. Where required by law, we will delete your biometric data within three years of your last interaction with the services.

In addition, if any relevant legal claims are brought, we may continue to process your personal data for such additional periods as are necessary in connection with that claim. Once the abovementioned periods, each to the extent applicable, have concluded, we will either permanently delete, destroy, or de-identify the relevant personal data so that it can no longer reasonably be tied to you.

Communications

When you send us a message asking for support or information via WhatsApp, we use your telephone number to thank you for your comment and/or reply to your question, and we will store your communication and our reply for any future correspondence. Beyond our initial reply, we will never use your telephone number to send you any unsolicited message or information, nor will we share it with or sell it to anyone else for such use.

When you request information or other services from us, we use your telephone number and other information you give us to provide you with the information or other services, until you ask us to stop, or until the information service is no longer available.

We will never use your telephone number or any other information to provide you with any unsolicited messages or information, nor will we share it with or sell, rent or lease it to any third party for such uses.

Business transfers

If you have registered to use the FIB services, we will not sell, rent, swap, or authorize any third party to use your personal information without your permission. In the future, we may sell, buy, merge or partner with other companies or businesses. In such transactions, we may include your information among the transferred assets.

Children under the age of 18

Our mobile app is not intended for children under 18 years of age and you must be at least 18 years old to have our permission to use this mobile app. We do not knowingly collect, use, or disclose personally identifiable information from children under 18.

Contact list

FIB will ask for your permission to access your contact list in order to make transfers to other FIB users using their phone numbers.

By allowing access to your contact list, FIB will cross check the phone numbers with already existing FIB users and will display whether those users already own a FIB account and will facilitate the transfer.

Future changes to the privacy policy

We may update this policy as necessary to reflect changes we make and to satisfy legal requirements. We´ll post a prominent notice of material changes in our mobile app. We´ll give you reasonable notice before any material changes take effect.