Privacy Policy

Introduction

Ashmore Trust Bank (hereinafter referred to as "Ashmore Trust," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. As a data controller, we process personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and relevant banking privacy codes and regulations.

This Privacy Policy applies to all individuals whose personal data we process, including current and prospective customers, their representatives or authorized signers, beneficial owners, newsletter subscribers, event attendees, and job applicants.

Personal Data We Collect

Personal data refers to any information relating to an identified or identifiable natural person. The categories of personal data we may process include:

Identity Information

• Basic identifiers such as full name, title, prefix, suffix, and date of birth
• Contact details including email address, postal address, and telephone numbers
• Information from identity documents (passport, driver's license, national ID card)
• Your relationship with us (e.g., account holder, authorized representative, beneficiary, guarantor)

Financial Information

• Account numbers, balances, and transaction history
• Payment instructions, recipient account details, and transfer amounts
• Investment portfolios and trading activity
• Credit history and creditworthiness information
• Loan agreements and repayment records

Communication Records

• Records of your interactions with us (calls, emails, secure messages)
• Date, time, and method of communication
• Call recordings and meeting notes (where permitted by law)
• Correspondence related to your accounts or inquiries

Security and Fraud Prevention Data

• Internal reference registers of individuals we cannot do business with
• External fraud prevention databases and sanctions lists
• Security footage from our branch locations and ATMs
• Transaction pattern analysis for fraud detection

Technical Information

• IP addresses and device identifiers
• Website browsing behavior and preferences
• Cookie preferences and settings
• Mobile app usage data

Information from External Sources

• Business registration details from public registries
• Credit bureau reports and credit scores
• Publicly available information from newspapers, internet, or social media
• Information from credit reference agencies

Job Application Data

• Resume/CV, cover letter, and employment history
• Educational background and qualifications
• References and interview notes

Event Registration Data

• Dietary requirements or accessibility needs
• Attendance records and preferences

We collect this information directly from you when you interact with us—for example, when you open an account, apply for a loan, subscribe to our newsletter, or submit a job application. We may also obtain information from third parties such as credit bureaus, public registers, or other financial institutions where permitted by law.

Purposes and Legal Basis for Processing

We collect and use your personal information for specific, legitimate purposes as outlined below. Each processing activity is supported by an appropriate legal basis under data protection law.

Customer Acceptance and Onboarding

Before establishing a relationship, we must verify your identity and assess whether we can accept you as a customer. This includes conducting required due diligence checks.

Legal basis: Legal obligation (anti-money laundering regulations), legitimate interest (risk management)

Contract Performance

We process your data to enter into and execute agreements with you, including maintaining accounts, processing transactions, and providing banking services.

Legal basis: Performance of a contract

Payment Processing

To facilitate payments and transfers, we must process transaction details including sender and recipient information.

Legal basis: Performance of a contract, legal obligation

Fraud Prevention and Security

We monitor transactions and account activity to detect and prevent fraudulent or unusual activity, protecting both you and the financial system.

Legal basis: Legal obligation, legitimate interest

Legal and Regulatory Compliance

We are subject to various legal obligations, including anti-money laundering laws, tax reporting requirements, and court orders that require processing personal data.

Legal basis: Legal obligation

Marketing and Communications

With your consent, we may send you information about products and services that may interest you. You can withdraw consent at any time.

Legal basis: Consent (where required), legitimate interest

Statistical Analysis and Research

We analyze aggregated data to improve our services, develop new products, and conduct statistical research.

Legal basis: Legitimate interest

Recruitment

To evaluate job applications and manage the recruitment process.

Legal basis: Performance of pre-contractual measures, consent

Sharing Your Personal Data

We may share your personal information with the following categories of recipients:

Within the Ashmore Trust Group

We may share data with affiliated companies within the Ashmore Trust group for internal administrative purposes and to provide you with consistent service.

Financial Institutions and Partners

• Correspondent banks to facilitate international transfers
• Payment processors and clearing houses
• Credit reference agencies and credit bureaus
• SWIFT for secure financial messaging (see below)

Government and Regulatory Authorities

• Tax authorities (e.g., IRS, state tax agencies)
• Financial intelligence units and law enforcement
• Banking regulators and supervisory authorities
• Courts and tribunals pursuant to legal orders

Service Providers

• IT and cloud service providers
• Legal and accounting professionals
• Marketing and communications agencies
• Background check and fraud prevention services

When we engage third-party processors, we enter into data processing agreements that require them to protect your data in accordance with applicable law and our instructions.

International Transfers

To provide our services, it may be necessary to transfer your personal data to recipients outside the European Economic Area. When we make such transfers, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission or adequacy decisions for certain countries.

Retention Period

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including to meet legal, regulatory, tax, accounting, or reporting requirements.

Specific retention periods are determined based on:

• Legal and regulatory requirements (e.g., tax laws requiring retention for up to 7 years)
• The nature of our relationship with you
• Potential legal claims or disputes
• Risk management and security considerations

When data is no longer required, we securely delete or anonymize it. In some cases, we may retain data for longer periods where necessary for legitimate business purposes, such as fraud prevention or security, but we limit access to such data to the minimum necessary.

Your Rights

As a data subject, you have the following rights regarding your personal information:

• Right of Access: You may request confirmation of whether we process your personal data and, if so, access to that data and information about how it is processed.
• Right to Rectification: You may request correction of inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten"): You may request deletion of your personal data where there is no compelling reason for its continued processing. Note that we may be required to retain certain data for legal or regulatory reasons.
• Right to Restriction: You may request restriction of processing in certain circumstances, such as when you contest the accuracy of the data or object to processing.
• Right to Data Portability: You may request receipt of your personal data in a structured, commonly used, machine-readable format and have the right to transmit that data to another controller.
• Right to Object: You may object to processing based on legitimate interests, including profiling. We will comply unless we have compelling legitimate grounds for the processing that override your interests.
• Right to Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates applicable law.

To exercise your rights, please contact us using the information provided in the "Contact" section below. We may need to verify your identity before processing your request. We will respond to your request within the timeframe required by law.

Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and against accidental loss, destruction, damage, alteration, or disclosure.

Our security measures include:

• Encryption of data in transit and at rest
• Access controls and authentication requirements
• Regular security assessments and penetration testing
• Employee training on data protection and security
• Incident response procedures
• Physical security measures at our facilities

If you have questions about the security of your personal data, or if you suspect any misuse, please contact our Data Protection Officer immediately.

Cookies

Our websites and online banking applications use cookies and similar technologies to enhance your experience and provide essential functionality.

What are cookies? Cookies are small text files stored on your device when you visit a website. They help us recognize your device, remember your preferences, and understand how you interact with our site.

Types of cookies we use:

• Strictly necessary cookies: Required for the website to function properly. These cannot be disabled.
• Functional cookies: Remember your preferences and choices to enhance your experience.
• Analytics cookies: Help us understand how visitors use our site so we can improve it.
• Marketing cookies: Used to deliver relevant advertisements and measure campaign effectiveness.

We do not place non-essential cookies without your consent. You can manage your cookie preferences through our cookie consent tool, available on our website. You may also adjust your browser settings to block or delete cookies, though this may affect website functionality.

For more detailed information about the specific cookies we use and how to manage them, please visit our Cookie Declaration page.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will notify you through appropriate channels, such as by posting a notice on our website or contacting you directly.

The most current version of this policy will always be available on our website. We encourage you to review this policy periodically to stay informed about how we protect your information.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us:

To request access to or a copy of the personal information we hold about you, please send a written request to the above address, accompanied by a copy of a valid government-issued identification document.