At Guaranty Trust Bank (Kenya) Limited. (hereinafter called “GTBank”), we treat your personal information as private and confidential. We are dedicated to protecting your privacy and providing you with the highest level of security at any point of interaction with us. This Privacy Policy describes what personal information we collect, what we do with it and how we protect it.
This policy (together with our Terms and Conditions) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By continuing to visit our website (www.gtbank.co.ke) and other GTBank customer touchpoints, you accept and consent to the practices described in this policy.
The Bank will inform you when personal data about you is being collected and your right to have the data protected and be advised of the reasons for obtaining the data.
Data is collected directly from you unless consent to obtain data from elsewhere is granted by yourself.
Where the Bank requires references from third parties on individuals such as employees, borrowers, guarantors, account holders etc. including references from Credit Reference Bureaus of former employers in the case of employees, the Bank is obliged to notify you that the Bank is sourcing such information from a third party.
In order to achieve our goal of providing you with the best banking service, we sometimes collect certain information during your visits to perform certain tasks such as grant you access to some parts of our web site or conduct research on your behaviour on our site in order to improve our services. We will not disclose your information to any person outside our organization except as described in this Privacy Policy.
Cookies are small text files stored on your computer or mobile devices whenever you visit a website. Cookies have many uses, such as memorizing your preferences to tailor your experiences while on our site– or to help us analyse our website traffic.
GTBank uses cookies to improve your experience while on this site. We would like to let you know a few things about our cookies:
Some cookies are essential to access certain areas of this site;
We use analytics cookies to help us understand how you use our site to discover what content is most useful to you
Kindly refer to our cookie policy for more information on cookies.
The collection and use of personal data by GTBank is compliant with the Data Protection Act 2019 which indicates that data shall be processed in accordance with the following principles:
Any personal information provided by you to GTBank will be used with your consent, or under the following underlisted instances:
Your personal information is used in:
We may also collect, use and exchange your information in other ways permitted by law.
We sometimes use automated systems and software to help us reach decisions about you, for example, to make credit decisions, to carry out security, fraud and money laundering checks, or to process your data when you apply for some of our products and services.
This type of processing is carried out under lawful basis and you can contact us to request that automated processing be reviewed by a human being if you detect any inaccuracies in your personal data.
You have the right not to be subject to a decision based solely on automated processing including profiling except where:
I. Decision is necessary for entering or performing a contract between the Bank and you.
II. Authorized by a law to which the Bank is subject.
III. You have given consent.
Where the Bank takes a decision based solely on automated processing:
I. The Bank must as soon as reasonably practicable notify you in writing that a decision has been taken based solely on automated profiling.
II. The Bank must upon request from you, reconsider the decision or take a new decision that is not solely based on automated processing.
We may share the information about you and your dealings, to the extent permitted by law, with the following:
We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all personal information we collect to the relevant third party.
Information about our customers and their usage of our website is not shared with third parties for their marketing purposes. We do not disclose any information about any user’s usage of our web site except in specific cases, and we do not share information with any unaffiliated third parties for marketing purposes unless you expressly give us permission to do so
We take appropriate technical and organizational measures to prevent loss, unauthorized access, misuse, modification or disclosure of information under our control. This may include the use of encryption, access controls and other forms of security to ensure that your data is protected. We require all parties including our staff and third-parties processing data on our behalf to comply with relevant policies and guidelines to ensure confidentiality and that information is protected in use, when stored and during transmission. Our security controls and processes are also regularly updated to meet and exceed industry standards.
Where we have provided you (or where you have chosen) a password which grants you access to specific areas on our site, you are responsible for keeping this password confidential. We request that you do not to share your password or other authentication details (e.g. token generated codes) with anyone.
All Personal Information you provide to us is stored on our secure servers as well as secure physical locations and cloud infrastructure (where applicable). Whenever your information is transferred to another location, we will take all necessary steps to ensure that your data is handled securely and in accordance with this privacy policy.
The Bank may transfer personal data outside Kenya. However, prior to such transfer the Bank will ensure that valid grounds exist (as provided under section 48 of the Data Protect Act) prior to such transfer and that proper safeguards have been put in place to address the security and protection of such data.
We retain your data for as long as is necessary for the purpose(s) that it was collected. Storage of your data is also determined by legal, regulatory, administrative or operational requirements. We only retain information that allows us comply with legal and regulatory requests for certain data, meet business and audit requirements, respond to complaints and queries, or address disputes or claims that may arise.
Data which is not retained is securely destroyed when it is identified that is no longer needed for the purposes for which it was collected.
You also have the right to:
Keeping your account information accurate and up to date is very important. You have access to your account information, which includes your contact information, account balances, transactions and similar information through various means, such as account statements, mobile Banking and Internet Banking.
If you discover any inaccuracies in your personal information, please promptly notify us, via our e-channels, branch network or Contact Centre, and provide the required documentary evidence, to enable us to implement the necessary updates or changes.