Privacy & Cookies Policy
Sonali Bank (UK) Limited is committed to respecting and protecting your privacy. The purpose of this policy is to outline how the Bank has established measures to protect your privacy and information rights.
We recognise that you have rights as a ‘data subject’, and that we have an obligation to uphold these.
This privacy notice aims to outline how we maintain these rights. In particular, it outlines:
• How we collect and process your information
• Why we do this
• How you can exercise your rights;
• Who to contact in the event you’re unhappy with our performance.
Right to be informed
This encompasses the obligation for us to be transparent in how we collect and use your personal data.
Right of access
You have the right to access your personal data and supplementary information.
Right to rectification
If the information we hold on you is inaccurate or incomplete, you can request we correct this.
Right to erasure
You can request we delete or remove personal data where there is no compelling reason for us to continue processing
Right to restrict processing
You have the right to request we cease processing your data, if:
• You consider it inaccurate or incomplete;
• Where you object to processing and we are considering
• W hether we still have a legitimate interest to process it.
• Where we don’t need the data for the original reason we collected it, but may need it to support a legal claim
Right to data portability
Where you have consented to our processing your data, or where the processing is necessary for us to deliver a contract, you can request a copy of that data be provided to a third party in electronic form.
Right to object
You have the right to object to our processing under certain circumstances. For example, you can object to direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.
Rights relating to automated decision making including profiling
Where we apply automated decision making, we must
• give you information about the processing;
• introduce simple ways for you to request human intervention or challenge a decision;
• carry out regular checks to make sure that our systems are working as intended
Information related to automated decision making is contained later in this notice.
Information we collect
We will prior to commencing a banking relationship with you and periodically thereafter collect personal information about you such as your Name, Address, Date of Birth, Telephone Number, Source of Funds/Wealth, Purpose of the Transaction/Service which may include a copy of your Passport, Utility Bill and/or other documentation, required to comply with the relevant laws and regulations and/or to provide banking services to you.
Why we collect this
The lawful basis for processing such information about you is:
• That the Bank has a legal obligation to do so and processing is necessary for theBank to comply with relevant laws and regulations.
Such laws and regulations would typically include Anti Money Laundering, Combating Terrorist Finance, Anti Bribery and Corruption, Fraud and Tax Evasion.
• To ensure we have up-to-date information on file -required by law- to enable us to provide relevant services to you.
How we process this
We will keep this documentation either in hard copy or electronically throughout your banking relationship with Sonali Bank (UK) Limited. When your relationship with the Bank ceases we will continue to retain such information in accordance with legal requirements – for a minimum period of 6 years or longer if required, but not exceeding 10 years, following which it will be deleted from our records.
Transfer of data
Sonali Bank (UK) Limited may outsource certain services to third parties which may include scanning of documentation or storing of data. The bank will only use reputable 3rd parties located in the UK to perform such services. We will require such service providers to comply with the relevant laws and regulations to ensure that your data is safe and handled securely.
In order to perform a banking service, for example to remit money to a beneficiary in Bangladesh, we have to provide certain data relating to remitter and beneficiary to Sonali Bank Limited and/or its branches (the Group) where data protection laws do not provide the same level of protection as in the UK. However, we will make sure that such customer information is protected in accordance with the applicable data protection laws/secrecy and security code applying to members of the group.
The Bank/Group will only use the details you have provided to us in order to perform banking services or to comply with the relevant legal obligations and requirements. The Bank will not disclose your information to any external organisation unless required to do so by law nor will it use the data you provide for any other purpose, unless specific consent has been obtained from you.
Retention of data
We hold information we collect from you to support our legal and regulatory requirements. Once your relationship with Sonali Bank (UK) Limited ceases we will retain such information/data for six years or longer if required, but not exceeding 10 years. Thereafter your data will be deleted from our systems/files.
Automated decision making
The bank currently does not exercise automated decision making or profiling.
Securing your information
The Bank maintains strict security systems designed to prevent unauthorised access to your information by anyone, including its staff. All Bank staff with permitted access to your information are specifically required to observe the Bank’s confidentiality obligations.
The Bank has a wide range of Information Security controls (both technical and procedural) to ensure your data is secure and to support its commitment to GDPR, these include:
• Access control
• Physical Security
• Information and System Segregation
• System Resilience
• Change Management controls
• 24/7 Monitoring and Incident Response
• Staff Security Awareness
• Security by Design
• Data Discovery, Extraction and Destruction capabilities
If you have any questions in respect of this policy, or would like to exercise your rights as a data subject (for example, to correct data or to exercise your right to access) please contact Sonali Bank (UK) Limited, as data controller at
Sonali Bank (UK) Limited
29-33 Osborn Street
London, E1 6TD
Telephone: +44 (0)207 877 8200
If you are not satisfied that we have responded to your query adequately, or if you have a complaint, the Information Commissioner’s Office can be contacted as follows
Information Commissioner’s Office
Water Lane, Wilmslow
Cheshire, SK9 5AF
Telephone: +44 (0)303 123 1113 or 01625 545745