To enable Novum Bank Limited (hereafter “we”) to provide the services offered on our websites, we collect certain information from you and process it as required. This Data Protection Policy explains in detail the information we collect, process and use, and for what purposes. This Data Protection Policy also specifies your rights and our obligations under the relevant data protection regulations. One of our main priorities is to protect your personal data within the scope of our services throughout the entire business process, and we want you to feel secure when you visit our websites.
1. Your Personal Data
Personal data is specific information regarding your personal or material circumstances. To provide our services to you, we will ask you to supply certain items of personal information, such as your full name, your current address, your date of birth, your mobile phone number and your e-mail address (“Your Personal Data”). In addition, you must choose a user name and password for your user profile (“Your Security Data”). (“Your Personal Data” and “Your Security Data” are henceforth jointly referred to as “Your Data”.)
Your Data is collected, processed (this includes storage and transmission) and used exclusively in compliance with the current data protection regulations, including the German Data Protection Act (BDSG), the Maltese Data Protection Law and the EU Council Directive 95/46/EC on the protection of individuals with regard to the processing of personal data (“Directive”), and for the purposes specified below.
The principal who is responsible for processing the data within the meaning of the BDSG and the Directive is Novum Bank Limited, with its head office at 4th Floor, Global Capital Building, Testaferrata Street, Ta’Xbiex XBX 1403, Malta, registered in the company registry of the Malta Financial Services Authority under C 46997.
3. We use Your Data for the following purposes
We use Your Data in compliance with the applicable legislation insofar as it is required to process a money transaction, e.g. for authorisation of transactions, and to enable us to identify you when you are using our services. In case of a money remittance it is necessary that we transfer parts of your data to the recipient bank. Furthermore, we will store the remitter’s data at least as part of your transaction history at Novum Bank Limited. You must ensure that you have obtained all necessary consents for the use of the recipient`s data before the transaction.
We also use Your Data to verify a user’s identity where we are bound to do so in accordance with the applicable anti money laundering and prevention of terrorism legislation and/or if we suspect that a crime has actually been committed (e.g. fraud or other fiscal offences). In order to be compliant with legal requirements concerning the prevention of money laundering and fraud, we are obliged to observe certain transfer limits. In case your transactions exceed these transfer limits and you are located in Germany, we will carry out an identity check through the German post office (PostIdent) to verify your identity. Concerning all other countries, please send us a certified copy of your passport for verification.
If you contact our Customer Services department, we may store any written correspondence between you and us. We use this information to carry out our services. Moreover, we may also record any telephone calls you have with us for the same purposes; however, in this case we will inform you that we are about to do so, and will obtain your consent at the start of each call.
We store information about your use of our services in line with the Laws of Malta, particularly, the Banking, data Protection and Fiscal Laws in Malta.
When you visit our websites, we automatically receive information about which of our websites you are visiting and the browser you are using. This information will be stored anonymously, and we will use it for statistical purposes to manage the data load on our servers, to improve our services and to make our websites more user-friendly.
Cookies are small data files that are stored on your computer. For example, when you click on the flag of a particular country on our websites, a cookie is added to your computer that stores the flag you selected so that the language version relating to that particular flag is called up when you next visit that website. Our websites can also be used without cookies. Most browsers are set to automatically accept cookies, but you can disable the setting for saving cookies or set your browser so that you are notified when cookies are sent.
5. Direct marketing
We may contact you electronically (by email, SMS or MMS) to inform you about our range of similar products or services. You reserve the right at any time to refuse to allow Your Data to be used in this way, and we will emphasise this fact every time you are contacted for marketing purposes. If you do not want Your Data to be used for the purposes stated, please contact our Customer Services department.
6. Transmitting Your Data to third parties
As a matter of principle, we do not transmit Your Data to third parties unless we are required to do so to perform our contractual obligations towards you (e.g. to process transactions). If, within the scope of our performance of the contract, we use sub-contractors to process Your Data on our behalf and in accordance with our instructions, this will be carried out subject to written agreements regarding contract data processing that comply with the provisions of the Maltese Data Processing Act. For the implementation of your desired transaction it can be necessary that we disclose Your Data to banks beyond the European Economic Area (“EEA”). By releasing a transaction you are automatically giving your consent for transmitting Your Data to the appropriate bank in the country you have chosen.
7. Third party websites
Some of our websites contain links to third party websites which are subject to the data protection rules of those third parties. We are in no way responsible for such websites or for the data protection rules pertaining to them. If you supply Your Data to third party websites, please read the relevant data protection rules very carefully before you submit any personal information.
8. Data integrity
We, and any contract data processing agents we employ, will take all the necessary technical and organisational security measures to protect Your Data from loss or misuse. Your Data is therefore stored in a secure operating environment on a server located in Germany, and protected from access by unauthorised persons. In certain cases, your personal data may be encrypted on transmission using Secure Socket Layer technology (“SSL”). This means that a recognised encryption method is used when your computer communicates with our servers.
9. Retention Period
We will only store Your Data for as long as it is required for the purposes for which it has been collected, and/or to the extent that we are obliged to do so under the applicable legislation on data retention.
10. Your right to disclosure and to correct Your Data
You have the right to ask us at any time to provide written information about Your Data stored on our servers and how it is processed. If Your Data is incorrect, you have the right and the duty to demand that we correct it or to change the appropriate data yourself. Where applicable, we shall erase or block Your Data at your request, unless applicable law requires otherwise. In any of the above cases, please contact our Customer Services department.
11. Amendments to this Data Protection Policy
We may amend this Data Protection Policy at any time within the limits of the applicable legislation. Prior to any amendments we shall give written notification by sending an email message to you. For this reason, it is necessary that we have your actual personal data at all times.
If you have any queries or comments regarding our Data Protection Policy, please contact our Customer Services department.