Skip to main content
  1. INTRODUCTION

This Privacy Notice explains how JN Bank Limited (“JN Bank”) collects, uses, and discloses your personal information, including the types of information we process and the reasons for which we process them. The personal information we collect from you depends on the nature of the services we provide and how we interact with you. This Notice may be supplemented by the Privacy Notice of The Jamaica National Group Limited.

  1. WHO WE ARE

JN Bank is a member company of The Jamaica National Group Limited (the parent company). Our Head Office is in Jamaica and we have a Representative Office in Canada and a sister company, JN Bank UK, in the United Kingdom. JN Bank takes its data protection responsibilities very seriously. The effective management of all personal data, including its security and confidentiality, lies at the very heart of our business and underpins our practices and processes.

As an organisation with a global presence, we are subject to the varying requirements of data protection legislation in the jurisdictions where we operate. Our aim is to be as consistent as possible and obey all applicable laws and apply the highest standard of privacy laws to our approach.

We are a part of a diversified Group that provide services including banking, insurance, investment management, money remittance, bill payment, information technology and fleet management.

  1. OUR DATA PROTECTION COMMITMENT

The JN Group respects our customers, employees, and other stakeholders’ right to privacy and we commit to take great care to safeguard their personal data in our possession. We commit to adopt and observe appropriate data protection standards in compliance with the Data Protection Act, 2020, the General Data Protection Regulations (GDPR) and all other applicable Privacy laws and regulations in the territories in which we operate. Part of our commitment to data protection compliance is our sustained commitment to deploy stringent security measures to protect the personal data entrusted to us.

The JN Group cares about and values data privacy!

  1. THE TYPES OF INFORMATION WE COLLECT

We collect various types of information that may identify you as an individual (“personal information”). The personal information that we collect varies depending on the type of product being offered.

Most of the Personal Information we collect relates to the individual who is conducting a banking transaction with us. We may also ask for Personal Information about other individuals if we need it, for example, information about the sender of a wire transfer to a customer account.

If you provide us with Personal Information about someone else, we will assume that you have their permission, where required. We will process Personal Information about such individuals according to this Privacy Policy so it may be helpful to bring this Privacy Policy to their attention.

The information we collect from/about you may include the following:

a)       Personal Identifiers

For example: name, driver’s license number, passport number, photo ID, TRN, SSN, NI number, mother’s maiden name

b)       Contact Details

For example: email address, telephone numbers, residential address, mailing address, proof of address

c)       Employment Information

For example: employment status, employer name and address, income, proof of employment

d)       Demographic Details

For example: date of birth, gender, age, nationality, marital status, residency, citizenship, birth certificate

e)       Banking Information

For example: bank name and branch, account number, account type

f)        Background Check Information

For example: sanction list checks

g)       Financial Information

For example: credit report, credit card statement, bank statement, income, expenses

h)       Account Login Credentials:

For example: username and password

i)        Employee Information:

For example: employment history, dependent information, emergency contact, background check information

j)        Online Details

For example: IP address, operating system, and browser type, when you visit our sites or use our online services.

k)       Political Affiliation

Whether politically exposed person

l)        Criminal History

Criminal charges and convictions

 

  1. HOW WE GET YOUR PERSONAL INFORMATION
  1. Most of the personal information we process is provided to us directly by you when you:
  • Request information about our products and services.
  • Apply for a product or service from us.
  • Speak to us on the phone or in one of our locations (this includes recorded calls and the notes we make).
  • Contact us through our website.
  • Supply us with information in the normal course of our providing a product or service to you.
  • Send us correspondences (such as letters and emails).
  • Participate in customer surveys.
  • Apply for and maintain employment with JN Bank.
  • Attend an event hosted by us or take part in our competitions or promotions.
  1. We also receive personal information indirectly, from the following sources:

Information we Collect Automatically

  • We may collect certain types of information about you automatically when you use our services, visit our websites, or communicate with us online or through email exchanges. We may collect this information through the use of “cookies” to gather statistical data about your browsing actions and patterns from the devices that you use (such as computers and mobile phones) to connect to our website or e-commerce services. When you visit our websites, we may collect certain information related to your device, such as your device’s IP address, what pages your device visited, and the time that your device visited our website.  We keep track of user activity in relation to the types of services our customers and their users use, and the performance metrics related to their use of the services. We use various technologies to collect information which may include saving cookies to users’ computers. Further information about our use of cookies can be found in our Cookie Notice below.
  • We may also collect information through recorded calls made to/from us, to facilitate our organizational needs such as, improving the quality of the service we provide to you.
  • We have Closed Circuit Television Systems (CCTV) throughout our locations to ensure the security and safety of our staff, customers, and other visitors, whilst within or situated on the premises of JN Bank.

Information Collected from Third Parties

We may collect personal information about you from third parties, such as credit reporting and fraud prevention agencies, government bodies, and recruitment agencies.

  1. HOW WE USE YOUR PERSONAL INFORMATION

We will use the information we collect about you, in connection with the following:

a) To offer, administer and manage the products and services we provide to you, including opening, updating, and maintaining your account and providing customer care services.
b) To check your identity and verify the accuracy of the information you provide to us.
c) To carry out “Know Your Customer” due diligence checks including data validation, sanction checks, credit reference checks, assessing credit worthiness and other customer acceptance, vetting and risk management checks.
d) To process and complete customer transactions and send related information, including transaction confirmations and invoices.
e) To trace debtors and recover debts.
f) To administer our website, our events and for internal operations, including troubleshooting, data analysis, testing and for statistical and survey purposes.
g) To improve our website to ensure that content is presented in the most effective manner for you and for your computer and to keep our website secure.
h) To administer, investigate and settle claims or complaints in relation to the services that we provide.
i) To facilitate the prevention, detection, investigation and reporting of crime and the apprehension or prosecution of offenders.
j) To ensure adherence to internal controls and external regulatory requirements.
k) To enforce our contracts and recover any outstanding debt in connection with the services we provide.
l) To fulfil our legal and regulatory obligations.
m) To carry out “Know Your Employee” due diligence checks including to process applications for employment and inform recruitment decisions about appointments and new hires.
n) To provide employment and post-employment benefits and carry out our obligations in respect of same.
o) For purposes made clear to you at the time you submit your information.
p) To respond to your requests, inquiries, comments, and concerns and provide customer service and support.
q) To send customers technical alerts, updates, security notifications, and administrative communications.
r) To manage how we work with other companies that provide services to us and our customers.
s) To analyze trends, perform benchmarking, modelling, market research and data analysis associated with the development of new and existing processes, products, and services and to determine the effectiveness of our promotional campaigns.
t) For research, audit, reporting and other business operations purposes, including evaluating business performance.
u) To tell you about products and services that may be of interest to you including sending newsletters, promotional material, and other communications.
v) To transfer books of business in the event of a sale or reorganization, including the planning and due diligence processes both prior to and after closure of the transaction.

 

  1. WHEN WE SHARE YOUR PERSONAL INFORMATION

We do not rent or sell your information to anyone and will only share your information in circumstances where we are legally permitted to do so. We may share your personal information with the following categories of recipients where necessary to offer, administer and manage the services provided to you:

  1. Within the JN Group

We may share your personal information with other entities or departments within the JN Group for the processing purposes outlined in this Notice.

  1. Third Party Suppliers

We may share your information where we outsource our processing operations to third party suppliers that process personal information on our behalf and to third party vendors, agents, consultants, sub-contractors and other service providers who we employ to perform tasks on our behalf. These processing operations will be guided by contract which includes requiring that your personal information be kept confidential and processed in accordance with data protection standards.

  1. Other Banks and Third Parties

We may share information with other banks and third parties where required by law to help recover funds that have entered your account as a result of a misdirected payment by such a third party. We may share information with other banks to help trace funds where you are a victim of suspected financial crime and you have agreed for us to do so, or where we suspect funds have entered your account because of a financial crime. We may share information with third parties who provide us with correspondent banking services.

  1. Third Parties, Upon Your Request

If you ask us to, we will share information with any third party that provides you with account information or payment services. If you ask a third-party provider to provide you with account information or payment services, you are allowing that third party to access information relating to your account.  We are not responsible for any such third party’s use of your account information, which will be governed by their agreement with you and any privacy statement they provide to you.

  1. Joint Account Holders

In the event that any additional authorised users are added to your account, we may share information about the use of the account by any authorised user with all other authorised users.

  1. Law Enforcement Bodies

We may share your information where necessary to facilitate the prevention or detection of a crime or the apprehension or prosecution of offenders. If false or inaccurate information is provided and/or fraud is identified or suspected, details will be passed to fraud prevention agencies.  Law enforcement agencies and other organisations may access and use this information.

  1. Public Authorities and Regulators

We may share your information where necessary for us to comply with our legal and regulatory obligations, both local and overseas.

  1. External Auditors

We may share your information with external auditors where necessary for the conduct of company audits.

  1. Credit and Other Risk Management Agencies

We may share your personal information with credit reference, background check, fraud prevention, data validation and other professional advisory agencies where necessary to prevent and detect fraud, during our recruitment process and to assess the risk in relation to the products and services that we offer.

One such third-party service provider who may process your personal information for JN Bank is the Credit Reference Agency, Idology Inc. They, in turn, use the services of Equifax to assist with Credit Checking.  You may review the Credit Reference Privacy Notice for Equifax at https://www.equifax.co.uk/crain/ for more information on how your personal information is treated by Idology Inc.

  1. Legal Advisers and Investigators

We may share your information where necessary to investigate, exercise or defend legal claims, or other claims of a similar nature.

  1. Successors of the Business etc.

We may choose to buy or sell assets and may share or transfer customer information in connection with the evaluation of these transactions.  We may share your personal information with any person to whom we transfer or may transfer all or any part of our business or assets, from whom we acquire any business or assets or who acquires substantially all the assets of JN Bank.

If JN Bank receives your personal information and subsequently shares that information with a third party for processing, JN Bank remains committed to ensuring that such third party processes your personal information to the standards required to comply with the Data Protection Act and/or any other applicable privacy laws.

  1. OUR LAWFUL BASIS FOR PROCESSING YOUR INFORMATION

We rely on the following lawful basis for processing your information:

Performance of a contract to which you are a party

Our lawful basis for processing in relation to opening a bank account, maintaining your account details and services connected with a bank account is the Performance of a Contract. Our Lawful basis for our notary service for the arrangement of Mortgages and Loans is Performance of a Contract. Our lawful basis for the administration of your pension affairs is Performance of a Contract.

Compliance with a legal obligation or duty

When you apply for a product or service, we are required by law to collect and process certain personal information about you. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account or provide services to you. This includes processing to confirm your identity, to perform checks and monitor transactions and location data to prevent and detect crime, to investigate and gather intelligence on suspected financial crimes and to share data with law enforcement and regulatory bodies and to comply with laws relating to money laundering, fraud, terrorist financing, bribery and corruption, and international sanctions.

We are legally obliged to assess affordability and suitability of credit for initial credit applications and throughout the duration of the relationship, including analysing customer credit data for regulatory reporting.  We have a legal obligation to report suspicious activity and comply with court orders.

For the purposes of our legitimate interests or that of a third party

The collection and use of some aspects of your personal information is necessary to enable us to pursue our legitimate commercial interests. For example, we have legitimate interests in:

  • preventing fraud.
  • ensuring network and information security of our systems such as JN Live.
  • operating our business and managing and developing our relationships with you.
  • intra-group administrative transfers.
  • understanding how you use our products, services and websites and effecting improvements.
  • providing you with the most appropriate products and services.
  • Conducting credit checks, risk reporting, general financial and accounting reporting to internal management and supervisory bodies.

Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure that the processing does not infringe on the rights and freedoms granted to you under the applicable data privacy laws.

Consent

Your personal information may be processed based on your request or agreement. Consent is received at that point to provide these services, and therefore, process your information.

Where we rely on your consent to collect and use your information, you are not obliged to provide your consent and you may choose to subsequently withdraw your consent at any stage once provided. However, where you refuse to provide information that we reasonably require to provide a service, we may be unable to offer you that service and/or we may terminate the service provided. Where you choose to receive the services from us, you agree to the collection and use of your personal information in the way we describe in this Notice.

  1. INTERNATIONAL TRANSFER OF YOUR INFORMATION

We will only send your data outside of Jamaica for the purposes outlined in this Notice. In particular, we may make such transfers to offer, administer and manage the services provided to you, to improve the efficiency of our business operations, in keeping with your directives and to comply with a legal duty to do so.

We may transfer data when we process an international transaction as part of our contract of service with you. If you send payment information or engage in a money transfer, you allow the end destination bank access to your data. Personal Information you submit on the websites or through our JN Live system is processed on our servers located in Jamaica and Canada. We also have representative offices in USA and Canada. Information sent from the client to the server is encrypted and our servers are securely protected.

The countries where we transfer data may not have similar data protection laws to those in your country of residence, however, we will always protect your information on the basis that anyone to whom we pass the information protects it in the same way we would and in accordance with this Notice and applicable laws. Where necessary, we may implement additional technical, organizational, or contractual measures to ensure an adequate level of protection for your personal information.

  1. ACCURACY OF YOUR INFORMATION

We rely on the availability of accurate personal information to provide the services to you and operate our business. You should therefore notify us of any changes to your personal information, such as changes concerning your contact details or any other information that may affect the proper management and administration of the services we provide to you.

    1. RETENTION OF YOUR INFORMATION

    We retain appropriate records of your personal information to operate our business and comply with our legal and regulatory obligations. These records are retained for predefined retention periods that may extend beyond the period for which we provide the services to you. Retention periods are determined based on the type of record, the nature of the activity, product or service, the country in which the relevant company is located and the applicable local legal or regulatory requirements. In most cases we will retain your personal information for no longer than is required under the applicable laws.

    We are legally required to keep customer account records for a period of not less than fifteen years from the date of closure of the account, termination of the relationship, or from the date a transaction with a non-account holder is conducted, then the information is securely destroyed. We may also keep your data for longer than fifteen years if we cannot delete it for legal, regulatory, or technical reasons, or as necessary to resolve disputes, and enforce our agreements.

  1. INFORMATION SECURITY

The security of your personal information is important to us, and we have implemented appropriate security measures to protect the confidentiality, integrity, and availability of the personal information we collect about you and ensure that such information is processed in accordance with applicable data privacy laws.

Some technical and organisational measures used to protect your personal information includes firewalls, anti-virus protections, patches, encryption, software updates, written policies and procedures which are regularly audited, and the audits reviewed at senior level, limiting access to your personal information to those who need it to do their jobs and using CCTV as a deterrent to protect our staff, customers, equipment and your personal data.

  1. YOUR RIGHTS IN RELATION TO PERSONAL DATA

You have the following rights under the Data Protection Act in respect of any personal information we collect and use about you:

Your Rights What They Mean
The right to access your personal data You have the right to be informed whether, and to what extent, we process your data. Subject to certain exceptions, you have the right to obtain a confirmation as to whether we process your personal data, and if we do, request access to your data.
The right to consent to processing You have the right to consent to the processing of your personal data. If your personal data is processed based on your consent, you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.
The right to prevent processing You have the right to object to the processing of your personal data in certain situations.
Rights in relation to automated decision making You have the right to object to decisions based exclusively on the automated processing of your personal data.
The right to rectification If the personal data that we process is incomplete or incorrect, you have the right to request their completion or correction at any time.

 

It is important to note, however, that some of the rights described above can only be exercised in certain circumstances. If we are unable to fulfil a request from you to exercise one of your rights, we will write to you to explain the reason for refusal.

  1. HOW TO EXERCISE YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA

You may exercise any of the rights available to you by contacting us using the information found in the “How to Contact Us” section of this Notice. We will examine your request and respond to you as quickly as possible and in accordance with the Data Protection Act.

  1. USE OF AUTOMATED DECISION-MAKING

Where you apply to receive a service from us, we may carry out an automated assessment to determine whether you are eligible to receive the service. This helps us to make sure our decisions are quick, fair, efficient, and correct based on what we know. An automated assessment is an assessment carried out automatically using technological means (e.g. computer systems) and excludes any human influence on the outcome. This assessment will analyze your personal information and may include activities such as pricing, fraud detection, account opening and credit provision, such as loans and mortgages.

To help us make decisions on whether to grant you credit, we credit score to assess your application. To work out your credit score, we look at information you give us when you apply; information from credit reference agencies that will show us whether you have kept up-to-date with payments on any credit accounts (that could be any mortgages, loans, credit cards or overdrafts), or if you have had any court action such as judgments or bankruptcy; your history with us such as maximum level of borrowing; and affordability, by looking at your available net income and existing debts.

We may place you in groups with similar customers. These are called customer segments. We use these to study and learn about our customers’ needs and behaviours, and to make decisions based on what we learn. This helps us to design products, services and offers for different customer segments, and to manage our relationships with them. It also helps us tailor the information that individuals receive or see on our own and other websites and mobile apps, including social media.

Automated decisions can affect the products, services or features we may offer you now or in the future. Where a decision is taken solely by automated means involving the use of your personal information, you have the right to challenge the decision and ask us to reconsider the matter, with human intervention. If you wish to exercise this right, you should contact us.

  1. MARKETING

Unless you have told us that you do not want to hear from us, we will send you relevant marketing information by mail, phone, email, text and other forms of electronic communication. If you change your mind about how you would like us to contact you, or you no longer wish to receive this information, you can have your information removed by clicking the unsubscribe link at the bottom of each email communication or by contacting us. For the contact information, please look at the “Contact Us” section of this notice.

We may still send you non-promotional communications, for instance, administration related emails concerning your account.

 

  1. USE OF COOKIES AND OTHER TECHNOLOGY

We use cookies and other internet tracking software to collect data while you are using our websites or mobile apps. Cookies allow us to store information about the computer device you use to access our website so that you can conduct business with us easily. They allow us to recognize when you revisit our websites and to evaluate our websites’ advertising and promotional effectiveness. We use both our own (first party) and partner companies’ (third party) cookies to support this activity.

We do not use Cookies to:

  • track your internet usage after leaving the website or
  • store personal information others may read and understand.

Processing of personal data associated with the use of these cookies occurs based on our legitimate interests to administer the website. Our cookies are listed below:

Cookie Name Default Expiration Time Description
_ga 2 years This is a Google Analytics cookie used to distinguish users.
_gid 24 hours This is a Google Analytics cookie used to distinguish users and its main purpose is for performance of the site.
_gat 1 minute This is a Google Analytics cookie used to throttle the request rate limiting the collection of data on high traffic sites.
PHPSESSID Expire when browser is closed In-house cookie generated by applications based on the PHP language. This is a general-purpose identifier used to maintain user session variables. It is normally a random-generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages. This is technically required for the functioning of the website.

When you first visit our website, you will be given an opportunity to opt-in or opt-out of cookies. You can deactivate the non-technical cookies by not consenting to non-essential cookies.

You may also set your browser’s setting to deactivate cookies. If you use that option, some functions of this website (e.g. login, memory of preferences etc.) may not be available. Detailed guidance on how to control cookie preferences for the most common browsers can be found at:

You also have the option to install the Google Analytics opt-out browser add-on and thereby deactivate the use of Google analytics cookies and the associated data processing. You can find the opt-out browser add-on here https://tools.google.com/dlpage/gaoptout.

You can find the Google privacy notice here Google Analytics privacy notice.

  1. LINKS TO OTHER WEBSITES / THIRD PARTY CONTENT

For your convenience, hyperlinks may be posted on our website that link to other websites. We are not responsible for these sites, and this Notice does not apply to the privacy practices of any linked sites or of any companies that we do not own or control. Linked sites may collect information in addition to that which we collect on our website. We encourage you to seek out and read the privacy notice of each linked site that you visit to understand how the information that is collected about you is used and protected.

  1. INFORMATION PERTAINING TO CHILDREN

Under certain circumstances, JN Bank may open a bank account for persons under the age of eighteen (18) years. For children under the age of twelve (12), all data held is with the consent of their parents and the account is held jointly in the name of the child and the adult parent/guardian. Where bank accounts are held solely for children between the ages of twelve (12) and seventeen (17) years, identification details are held for both the child and the parent/guardian.

  1. HOW TO CONTACT US

We are committed to the protection of your privacy rights and of your personal information. If you have any questions or require more details about how we use your personal information, you should contact us using the information below:

  1. Data Protection Office

Shelly-Ann Walker
JN Group Data Protection Officer
c/o JN Group
6A Oxford Road
Kingston 5
Jamaica

Telephone: (876) 926-1344-9; Ext. 7347
E-mail address: jngroupdpo@jngroup.com

  1. Contact Centre

Telephone: 876-926-1344-9

  1. Other

WhatsApp us at 876-499-1605;

Write to us at 2-4 Constant Spring Road, Kingston 10, Jamaica or

Email us at helpdesk@jngroup.com

For further information you can find us at www.jnbank.com

  1. HOW TO COMPLAIN

Please let us know if you are unhappy with how we have used your personal information.  You can contact us by visiting any of our locations where you will be assisted to lodge a formal complaint, or you can use our online complaint form on our website at https://www.jngroup.com/complaint-form.

If you are not satisfied with the way that we have handled your complaint, you have the right to raise the matter with the Information Commission using the contact details below:

Information Commissioner’s Office

The Masonic Building (2nd Floor)

45-47 Barbados Avenue

Kingston 5

Jamaica

Telephone (876) 920-4390

Email address: info@oic.gov.jm

  1. CHANGES TO THIS PRIVACY NOTICE

JN Bank reserves the right to reasonably amend this Notice from time to time to ensure that it accurately reflects the way that we collect and use personal information about you. You are encouraged to regularly review this Notice to ensure that you understand how we collect and use your personal information and to see any changes that may have occurred.

This Privacy Notice was last updated on December 1, 2023.