Privacy Statement

[ Version francaise ]

This Privacy Statement sets out how Bank of Africa United Kingdom plc uses and protects any personal information that you give us when you use this Website. Bank of Africa UK and its officers and employees will comply with this Privacy Statement as well as with all relevant laws and regulations and guidelines from supervising authorities.

Bank of Africa UK may change this Privacy Statement from time to time by updating this page. You are responsible for regularly reviewing this Privacy Statement. By accessing any part of this Website you consent to the use and transfer of your information by Bank of Africa UK on the terms set out in this Statement.

When using this Website, you are not required to provide us with any personal information and Bank of Africa UK does not monitor or collect any identifiable information from you. Bank of Africa UK will track the number of users who visit areas of the Website, but this tracking will not identify you. Bank of Africa UK may also record the location of your computer on the internet for systems administration and trouble shooting and to report aggregate information.

Bank of Africa UK works with third parties to research certain usage and activities on its Website for and on its behalf. In the course of this research cookies will be used. A cookie is a small amount of data that Bank of Africa UK’s web server sends to your browser when you visit certain parts of the Website for record keeping purposes. Cookies can make the World Wide Web more useful by storing information about your preferences on particular sites, thus enabling website owners to provide more useful features for their users.

Cookies do not enable Bank of Africa UK to gather personal information about you unless you give the information to Bank of Africa UK’s web server. Most internet browser software allows the blocking of all cookies or enables you to receive a warning before a cookie is stored.

Our Information

We are your data controller for the purposes of providing you with our services. Our details are as follows:

Bank of Africa United Kingdom plc with the registered Office:

Bank of Africa United Kingdom plc

Office: 26 Upper Brook St, Mayfair, London, W1K 7QE

Companies House Number: 05321714

Telephone:020 7429 5500

In this document, ‘Bank of Africa UK’, ‘Bank’, ‘we’, and ‘us’ refers to Bank of Africa United Kingdom plc and ‘you’ refers to Bank of Africa UK's suppliers, vendors and contractors.

Privacy Statement

This privacy statement explains our current policies and conveys our commitment to your privacy.

We are required to inform you that any personal data we have about you has a high level of protection against any unauthorised or accidental disclosure, access or deletion.

We have strict security procedures in place to ensure the storage and disclosure of your data. This is done to prevent unauthorised access to your data and to comply with the General Data Protection Regulation.

The Bank will only use and process your personal data for the purpose it was collected for. If we intend to process the data in any other way, other than what was originally specified, we will contact you before undertaking any further processing.

What type of personal information do we need to collect?

The Bank may obtain the following personal information about an individual:

  1. We can collect identity data such as title, first name, last name, maiden name, marital status, date of birth, gender, father’s name, ID number, nationality, passport details, national insurance number, signature, job position country of residence and country of tax residence.
  2. Contact data which can include billing address, delivery address, email and telephone numbers.
  3. Financial data that may include bank account number, bank statement and bank balance.
  4. Information that we are obliged to acquire by law such as tax residency.
  5. Transaction data which includes details about payments made through us and details of purchases made by you.
  6. Usage data which consists of information about how you use the Bank’s website, products and services.
  7. Data that is Open and data from Public Records which may provide us with any information that is openly available on the internet.
  8. The Bank doesn’t collect any sensitive data about its customer and suppliers. Sensitive data consists of: details about race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about health and genetic and biometric data.

Where do we get your personal information from?

The Bank can collect personal data through various sources:

  1. A data subject can provide information directly by completing forms, applications, or contacting the Bank via email, post or telephone.
  2. The information that is provided to the Bank when it conducts identity and address checks.
  3. Information that is received from companies that provide Politically Exposed Person (PEP) checks.
  4. Information that is received from companies that carry out due diligence checks.
  5. Data from agents and brokers that introduce potential clients to the Bank.
  6. Businesses that provide the Bank with Debit Card facilities.
  7. Payments and remittances received by the Bank.

Why do we need your personal data?

The Bank in its personal data processes has applied the following legal basis:

  1. When it has obtained clear consent from the data subject for a specific purpose.
  2. When it takes specific steps to enter in a contract or performs its contractual obligations such as providing Banking products to its customers.
  3. When it performs its legal or statutory obligations such as reporting to regulators or sanction screening.
  4. The Bank may process your personal information where it is in the Bank’s legitimate interest. The bank will ensure that, whilst it may pursue its legitimate interest, it puts systems and controls in place to safeguard the fundamental rights and freedom of the data subject. This may include processing your information to:
    1. identify new business opportunities and to develop a relationship with you;
    2. to process personal data for litigation purposes;
    3. manage and take decisions about your accounts; and
    4. for risk reporting and risk management.

Disclosing your information to other organisations

The Bank may decide to share personal data with outside organisations. This is vital for the delivery of its products and services, and to conduct its business and comply with all regulations.

  1. We can share personal information to authorities that can include auditors and regulators based in the United Kingdom and other relevant jurisdictions who require reporting in certain circumstances.
  2. Professional advisers including lawyers, auditors and insurers who provide consultancy, legal, insurance, private healthcare providers and accounting services.
  3. Companies that provide due diligence checks of customers.
  4. Companies that provide PEP checks of customers.
  5. Financial Service companies that help us to prevent, detect and report fraudulent and criminal activities
  6. Agents and brokers that provide business to the Bank.
  7. Data may be sent to various Bank of Africa United Kingdom branches and subsidiaries
  8. Banks and other financial services companies that provide agents, correspondents or intermediary banking services.
  9. Head Office reporting as necessary for the Bank.
  10. Banks and other financial services companies that provide payment or remittances services.

When is your data sent outside the EEA?

Personal data about individuals can be transferred to locations outside the European Economic Area (EEA). When this is done, the Bank ensures that this transfer is lawful. We also make every effort to ensure that there is an appropriate level of protection and safeguards in accordance with the GDPR and local data protection regulations.

Your rights

There are certain rights for data subjects in relation to their personal data.

  1. The right to be informed, access and rectify the information the Bank hold about them.
  2. The right to erase or restrict processing.
  3. The right to object to processing.
  4. The right to data portability.

Data subjects can exercise their rights by contacting the DPO by email at or in writing to Data Protection Officer: Bank of Africa United Kingdom plc, 26 Upper Brook Street, Mayfair, London, W1K 7QE

When you choose to exercise your rights, it may delay or prevent the Bank from performing its contractual and legal obligations. It could also mean that the Bank will need to cancel a product or service that it may be providing you.

Request a copy of Personal Information

You have the right to request a copy of the personal information that the Bank hold on you. To do so please write to Data Protection Officer, Bank of Africa United Kingdom plc, 26 Upper Brook Street, Mayfair, London,W1K 7QE or email at or complete the form. <Insert Link>

The Bank will not ask for a fee to access any personal data. However, it may charge a reasonable fee if the request is clearly unfounded, repetitive or excessive. Alternatively, the Bank can refuse to comply with request in such circumstances.

The Bank can request for more specific information to help confirm identity and to ensure the right to access your personal data. We may also contact you to ask for further information in relation to your request to speed up our response.

The Bank will ensure that it provides the information in the commonly used electronic format.

The Bank reserves the right to withhold any information if it has any adverse effects on the rights and freedoms of other data subjects. This means that revealing that information can be against the public or business interest.

We aim to ensure that we respond to all legitimate requests within one month. Occasionally it may take an additional two months if the request is particularly complex or multiple requests have been made. In this case, Bank of Africa United Kingdom will inform you and explain why such an extension is necessary.

Withdrawing consent

Withdrawing your consent

You have the right to withdraw consent for something you have consented to earlier. This can be done through the following ways:

  1. Submit the contact form through its website. <insert Link>
  2. Telephone main contact centre at +44 (0) 20 7429 5500
  3. In Branch.
  4. In writing to Bank of Africa United Kingdom plc London Headquarters

26 Upper Brook Street
London W1K 7QE
United Kingdom

Please allow us 5 working days to update our systems and records to reflect the request to change your preferences.

What do you do if you have a complaint?

Data subjects can report a concern to their local data protection regulators, the details of which are as follows:

  1. United Kingdom (ICO): or call their helpline at 0303 123 1113
  2. France (CNIL): or call their helpline at +33 (0)1 53 73 22 22
  3. Switzerland (FDPIC): or call their helpline at +41 (0)58 462 43 95
  4. DIFC – UAE (DIFCA): call their helpline at +971 (0)4 362 2222

Why we need accurate information from you?

You need to ensure that you have provided the bank with accurate and relevant information as well as informing the bank of any changes.

The Bank will report, as part of its legal obligations, to the regulatory authority based on the information that has been provided.

If inaccurate information is provided to the bank, we may not be able to provide products and services to you.

Automated Decision Making

The Bank in its processes, does not rely on automated decision making and profiling.

How long do we keep your data?

The Bank will hold on to personal information in line with its Data Retention Policy. The Bank will only retain personal data for as long as necessary to fulfil the purposes it was collected for, including for the purposes of fulfilling any legal, accounting, or reporting requirements. To determine the appropriate retention period for the collected personal data, we consider the amount, nature, and sensitivity of the data.

If the personal data in no longer needed, the Bank may destroy, delete or anonymise it.

Third party sites and social media

Please note that this Privacy Statement does not extend to third party service providers. Any social media post/comments and any public reviews you send to us through third party sites and social media such as Facebook or LinkedIn, will be shared under the terms of the relevant platform and could be made public. We do not control these platforms and are not responsible for this kind of sharing.

Cookies Policy

The Bank may gather and analyse information regarding usage of this website, including domain name, the number of hits, the pages visited, previous/subsequent sites visited, the location from which this website is being accessed and length of the user’s session. This information may be gathered by using a cookie. A cookie is a small text file placed on your hard drive by our web page server. You can choose whether to allow the use of a cookie by altering the settings of your browser. A cookie will make the use of this web site faster and easier.


If you have any questions about this Privacy Statement or our data processing activities, please either email your request to or write to The Data Protection Officer, Bank of Africa United Kingdom plc, 26 Upper Brook Street, Mayfair, London W1K 7QE, United Kingdom. Bank of Africa UK reserves the right to modify sections of this Privacy Statement at any time.


*The data controller is a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information is, or is to be, processed.

**The data subject means an individual who is the subject of personal information. In other words, the data subject is the individual the particular personal information is about.

*** The General Data Protection Regulation came into effect across the European Union on 25 May 2018, enacted in the UK by the Data Protection Act 2018 which remains in force since the secession of the UK from European Union on 1 January 2020, is a new law coming into effect introducing increased rights and transparency for individuals regarding their personal information and helping them understand how companies use their personal information.