Popular Searches

العربية

Data Privacy Notice

Data Privacy

Providing and holding personal information comes with significant rights on your part and significant responsibilities on ours. At Qatar Islamic Bank, we take your privacy seriously and are fully committed to keeping your information private. It is important that you know exactly what we do with the personal information that you and others provide to us, why we gather it and what it means to you.

 

Our Data Privacy Notice explains how we hold and use your personal information. You can download the current version of our Data Privacy Notice in our website.

Who we are

At Qatar Islamic Bank (“we”, “our”, “us”), we are deeply committed to protecting your privacy and ensuring the security of your personal data. As part of our ongoing commitment to transparency, we provide this Privacy Policy to inform you about how we collect, use, disclose and protect your personal information in accordance with applicable data protection laws.

This notice applies to all our products and services. We recognize the trust you place in us when you provide your personal data, and we are committed to upholding the highest standards of privacy and data security. This policy applies to all customers, employees and third-party users of our services.

If you have any questions about how your information is gathered, stored, shared or used, please contact our Data Privacy Office. You have rights over how we use your personal data, if you want to make a request or ask question about your rights under the PDPPL, just get in touch with us.

What Personal Data We Collect

In order to provide you with our banking products and services, we collect and process a variety of personal data. The types of personal data that we collect including but not limited to:

  • Personal Identification Information: We collect basic personal information such as your name, address, date of birth, nationality, passport number, ID number and government-issued identification.
  • Financial Information: We collect financial data including your bank account details, credit and debit card information, transaction records, loan history, creditworthiness and other relevant financial data required to offer financial products.
  • Contact Information: We may collect your phone numbers, email addresses, mailing addresses, and communication preferences to ensure that we can communicate with you regarding your account and services.
  • Transactional Data: This includes information related to your account activity, such as transaction history, deposits, withdrawals, loan repayments, investments, and transfers.
  • Sensitive Personal Data: In certain cases, we may collect sensitive data, including biometric data (e.g., fingerprints or facial recognition), health-related data for certain products and other data deemed sensitive under the PDPPL.
  • Minors’ Data: We may collect and process personal data of minors, when offering products or services specifically designed for minors. In such cases, we obtain explicit consent and authorization from the minor’s parent or legal guardian, who remain responsible for managing and supervising the minor’s account and related activities. The collection and processing of Minors’ data will be carried out in accordance with applicable data protection laws.

Personal data may be collected directly from customers, third-party service providers or from publicly available sources, as permitted by applicable laws.

How We Use Your Personal Data

Your personal data is collected for specific, legitimate purposes and we process it only to the extent necessary to provide our banking services, fulfill legal obligations and protect our interests. The main purposes for which we process your personal data include:

  • Service Delivery and Contractual Performance: We use your personal data to process transactions, manage your accounts, issue and manage banking products and provide customer support and related services.
  • Compliance with Legal Obligations: We process your data to comply with legal, regulatory, and contractual obligations, including compliance with Qatar’s PDPPL, QCB regulations, anti-money laundering (AML) laws, and know-your-customer (KYC) requirements.
  • Fraud Prevention and Security: Your data is used to detect and prevent fraudulent activity, to verify your identity, and to protect against unauthorized access to our systems and services.
  • Marketing and Promotional Communications: With your consent, we may use your data to send marketing communications about products, services, and promotions that we believe may be of interest to you. You can opt out of such communications at any time.
  • Operational and Performance Analysis: We may use your data to analyze the effectiveness of our services, to improve customer experience and to conduct research and development to enhance our offerings.

We will never use your personal data for purposes other than those specified at the time of collection, unless we obtain your explicit consent or are legally obligated to do so.

Legal Basis for Processing Your Personal Data

In accordance with the PDPPL and other applicable laws, we process your personal data on the following legal grounds:

  • Consent: Where you have provided your explicit consent to the processing of your personal data for specific purposes (e.g., marketing).
  • Contractual Necessity: The processing is necessary for the performance of a contract with you (e.g., to provide banking services or manage your account).
  • Legal Obligation: The processing is required for us to comply with legal obligations (e.g., KYC, AML compliance, tax reporting).
  • Legitimate Interests: We process your data for legitimate interests, such as protecting the security of our systems, preventing fraud, and improving our services. Where we rely on legitimate interests, we balance these interests against your rights and freedoms.

Where required by law, we will obtain your consent prior to processing your sensitive personal data.

Data Retention and Disposal

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and in accordance with legal, regulatory and operational requirements. The retention period may vary depending on the type of data, the nature of your relationship with the Bank and statutory obligations under the Qatar Central Bank (QCB) and the Personal Data Privacy Protection Law (PDPPL).

  • Financial Records: We retain financial transaction data for the duration of your relationship with us, plus any additional period required by regulatory bodies or for audit purposes.
  • Contractual Documents: Any data related to contracts, agreements or products is retained for the duration of the contract and any applicable legal retention periods.
  • Marketing Data: Data used for marketing purposes will be retained only for as long as you remain a customer or until you withdraw your consent.
  • Upon account closure your personal data will be securely deleted or anonymized once the retention period mandated by QCB, unless it must be retained for legal, regulatory or legitimate business reasons, in line with the Bank’s Data Retention and Disposal Guidelines.

Your Rights over Your Personal Data

Providing and holding personal information comes with significant rights on your part and significant obligations on ours. You have several rights in relation to how we use your information. If you make your request electronically, we will, where possible, provide the relevant information electronically unless you ask us otherwise:

You have the right to:

  • Right to Protection & Lawful Processing – You have the right to expect that your personal data will be collected and used in a fair, lawful and secure manner
  • Right to withdraw Consent – If you have given us consent to use your data, you can withdraw it at any time. Withdrawing consent will not affect any processing done before the withdrawal
  • Right to Object for Processing – You may object to our use of your data in certain cases, especially if we rely on legitimate interests as our legal basis or if it’s used for direct marketing
  • Right to request the deletion of data (right to be forgotten) – You can ask us to delete your personal data when it’s no longer needed or if you withdraw consent and there’s no other legal reason to keep it
  • Right to Request Correction – You can ask us to correct or complete any inaccurate or incomplete personal data we hold about you
  • Right to be notified for Processing – You have the right to be informed about how your data is collected and used. We will provide this information in a clear and accessible way
  • Right to be notified of a Data Breach – If your personal data is ever unlawfully accessed or shared, we will notify you as required by law
  • Right to Access – You can request details of the personal data we hold about you and obtain a copy of it
  • Right to Complain – If you are not happy with how we user your data or how respond to your request, you can complain to us.

To exercise any of these rights, please contact our Data Privacy Officer using the contact details provided below.

Automated Decision Making & Profiling

In certain instances, we may use automated decision-making to support our business operations. This includes systems that make decisions without human involvement, such as:

  • Pre-screening loan or financing eligibility
  • Automated fraud detection systems
  • Credit scoring based on historical patterns

Where such decisions produce legal or similarly significant effects, you will be notified in advance and you have the right to request:

  • Human Intervention
  • An explanation of the decision
  • The right to contest the outcome

How we use your information for Marketing and Research

We may use your data to send you marketing communications and conduct research activities, provided we have a lawful basis such as your consent or our legitimate interests (where allowed by law).

Marketing communications may include:

  • Product and Service updates
  • Offers and Campaigns
  • Invitations to surveys and feedback forms

Research Activities may include:

  • Customer satisfaction surveys
  • Service usage analytics to improve our offerings
  • Internal analytics to tailor services to customer preferences
  • You have the right to opt out of marketing communications at any time using the unsubscribe link in emails or by contacting us

We do not sell, rent or disclose your personal data to third parties for purposes unrelated to providing financial services or completing transactions you request, unless you provide explicit consent.

Data Security

We are committed to ensuring the security of your personal data. We use industry-standard security measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

  • Encryption: Personal data is encrypted both in transit and at rest to protect it from unauthorized access.
  • Access Controls: Only authorized personnel have access to your personal data, and they are bound by strict confidentiality agreements.
  • Regular Audits: We conduct regular security audits and vulnerability assessments to ensure the ongoing safety and security of your data.
  • Incident Response: We have implemented procedures to detect, report and respond to data breaches, in accordance with our policies.

Despite these efforts, please note that no method of transmission over the Internet or electronic storage is completely secure. However, we are committed to maintaining a high level of security for your data and we also encourage our customers to take steps to protect their personal data, such as safeguarding login credentials and being vigilant against phishing attempts.

 For more information, please visit our “Information Security” page.

Data Transfers outside Qatar

In certain circumstances, we may transfer your personal data outside Qatar, for example, to third-party service providers, cloud service providers or regulatory bodies that are located in other jurisdictions. If we do transfer your data outside Qatar, we will ensure that appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs): We may use SCCs to ensure that your personal data is processed in a manner that complies with Qatar’s PDPPL and international standards.
  • Adequacy Decisions: Where applicable, we may transfer your data to countries that are deemed to provide an adequate level of data protection, such as certain European Union countries.
  • Third-Party Data Processing Agreements: We enter into data processing agreements with our third-party service providers to ensure they comply with the same level of data protection standards as required by law and regulations.

Monitoring and Recording of Communications

To ensure the security, quality and compliance of our services, we may record or monitor certain types of communications and interactions with you. This includes:

  • Telephone conversations (for training, verification and quality assurance)
  • In-branch conversations and service requests
  • Email correspondence and online chat transcripts
  • CCTV surveillance in and around QIB premises for security purposes

These recordings and footage may be used for:

  • Ensuring accurate processing of your requests
  • Internal staff training
  • Detecting and preventing fraud or unauthorized activity
  • Regulatory compliance and dispute resolution

By interacting with our branches or contact channels, you acknowledge that such communications may be recorded and retained in accordance with our data retention policies

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business practices, legal requirements or technological advancements. We will notify you of significant changes to this Privacy Policy by posting an updated version on our website and where necessary, by contacting you directly. We encourage you to review this policy periodically to stay informed about how we are protecting your privacy.

Contact Information

If you have any questions or concerns regarding this Privacy Policy, or if you wish to exercise your rights over your personal data, please contact our Data Privacy Officer at:

Qatar Islamic Bank & Data Privacy Officer (DPO)

Email : DataPrivacy@qib.com.qa

Doha, Qatar.