Privacy Policy
At Blink by Capital Bank we are committed to protecting the privacy and security of your personal data. This Privacy Policy describes how Blink by Capital bank (“we,” “us,” or “our”) collects, uses, discloses, and protects your personal data when you visit our website, use our online services, or interact with us digitally.
By using our website or services, you agree to the terms of this Privacy Policy.
1. Information We Collect
We collect various types of information to provide and improve our services, manage our relationship with you, and comply with legal obligations. This information may include:
1.1. Personal Data You Provide Directly: Information you give us when you apply for a product or service, register for mobile banking, contact customer support, or interact with us through forms on our website. This may include:
Identification Data: Name, date of birth, national ID number, passport number, nationality, gender.
Contact Information: Address, email address, phone number.
Financial Information: Account numbers, transaction history, income, credit history, payment card details (though we generally do not store full card numbers on the website).
Login Credentials: Usernames, passwords, security questions (encrypted).
Other Data: Information you provide in surveys, feedback, or customer service interactions.
1.2. Data Collected Indirectly: we may obtain Personal Data about you indirectly from a variety of sources Automatically When you visit our website, we may automatically collect certain information bout your device and Browse activity using cookies and similar technologies. This may include:
Device Information: IP address, device type, operating system, browser type.
Usage Dat: Pages visited, time spent on pages, links clicked, referral URLs, interaction patterns.
Location Data: General geographical location based on IP address.
1.3. Informtion from Third Parties: We may receive information about you from third parties, such as credit bureaus, identity verification services, fraud prevention agencies.
1.4. From Publicly Available Sources: Such as public databases, in accordance with applicable laws.
2. We use your personal data for various purposes:
To provide baking services and process transactions (Contractual Necessity).To verify your identity and ensure account security (Contractual Necessity).
To improve our products and services and enhance your experience (Legitimate Interest).
To comply with legal and regulatory requirements (Legal bases).
To detect and prevent financial crimes, fraud, and money laundering (Legal bases).
To conduct data analysis, research, and for internal administrative (Legitimate Interest).
3. Mobile Banking
Our mobile banking services are designed for secure and convenient access to your accounts. When you use our mobile app, we collect specific data to enhance security and user experience, which may include:
Device Information: We collect information about your mobile device, such as the model, operating system, and unique device identifiers to authenticate your device and protect your account.
Geolocation: We may use your device’s location to provide location-based services and for fraud prevention.
Biometric Data: With your explicit consent which will be obtained separately through mobile app interface , we may use biometric authentication (e.g., fingerprint or facial recognition) for secure log-in and transactions.
4. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your Browse experience, analyze website traffic, and personalize content and advertisements. You can manage your cookie preferences through your browser settings or our website’s cookie consent tool.
- SRF
- Purpose: Cross-site request forgery
- Description: To prevent attacks
- Mandatory/Optional: Mandatory
- _gat_gtag, _ga, and _gid
- Purpose: Analytical purposes
- Description: Used by Google Analytics to distinguish users
- Mandatory/Optional: Optional
- cbojlocal#lang
- Purpose: generated by Sitecore
- Description: Stores context language of the current site.
- Mandatory/Optional: Mandatory
- cbojlocal#lang
- Purpose: generated by Sitecore
- Description: Stores context language of the current site.
- Mandatory/Optional: Mandatory
5. How We Share Your Information
We may share your personal data with third parties only when necessary, for the purposes outlined in this policy, and in compliance with legal requirements and strict safeguards. These parties may include:
Service Providers: Third-party vendors who perform services on our behalf (e.g., IT infrastructure, cloud hosting, payment processing, marketing, data analytics, fraud prevention), subject to strict contractual obligations to protect your data.
Affiliates and Group Companies: Other entities within Capital bank group, for operational purposes, risk management, and service provision.
Regulatory and Legal Authorities: Government bodies, regulators (e.g., CBJ, FIU), law enforcement agencies, or courts, when required by law or a legitimate request.
Credit Bureaus and Reporting Agencies: For credit assessment and reporting purposes, as permitted by law.
Professional Advisors: Auditors, lawyers, and consultants.
6. International Data Transfers
Your personal data may be transferred to, stored, and processed in countries outside Jordan where our service providers or group companies operate. When we transfer your personal data to other countries, we ensure that appropriate safeguards are in place, in accordance with Article 15 of the Jordanian Personal Data Protection Law (PDPL) to protect your privacy rights and to comply with Jordanian Data Protection Laws.
7. Data Security
We employ strict security measures, including technological controls and physical security, to protect your personal information from unauthorized access, loss, misuse, or alteration. We regularly review and update our security protocols to meet or exceed industry standards.
8. Data Retention
We will retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, as well as to comply with our legal, regulatory, and statutory obligations. We adhere to the Central Bank of Jordan (CBJ) regulations and other applicable laws, which may require us to retain certain customer information for a minimum period. Generally, we will keep your data for a period of ten (10) years as per CBJ requirements after the end of the banking relationship, unless a longer period is required by law.
We will dispose of your Personal Data in a secure manner when we no longer need it. for further details on our records retention practices please contact us at [email protected].
9. Your Rights (Data Subject Rights)
Under the Jordanian Personal Data Protection Law (PDPL) and other applicable data protection laws, you have certain rights regarding your personal data. These may include:
Right to Access: Request a copy of the personal data we hold about you.
Right to Rectification: Request correction of inaccurate or incomplete personal data.
Right to Erasure (Right to be Forgotten): Request the deletion of your personal data under certain conditions and following CBJ regulations and applicable legal laws.
Right to Restriction of Processing: Request that we limit the way we use your personal data.
Right to Object to Processing: Object to the processing of your personal data under certain conditions (e.g., for direct marketing).
Right to Data Portability: Request to receive your personal data in a structured, commonly used, and machine-readable format.
Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.
10. Mechanisms for Requests and Complaints
Blink by Capital Bank provides multiple secure channels to enable data subjects to exercise their rights or submit inquiries related to personal data processing. Requests may be submitted exclusively through one of the following channels:
Voiceover IP: By contacting the Blink Call Center without connecting to local telecom.
Video call/Chat/Call : By contacting Blink call center from inside the application choosing from Video call, Chat or normal call.
Blink Call Center Landline : By contacting the Capital Bank Call Center Landline 06-5200100, where the request will be recorded and processed.
Blink Call Center Email: By sending an email to [email protected], which serves as an official intake channel for data subject requests.
Upon receipt of a valid request, Blink by Capital Bank will:
Verify the identity of the requester to ensure data security and confidentiality.
Register and track the request internally.
Provide a response within a maximum of fifteen (15) calendar days from the date of receipt, in accordance with applicable data protection laws.
In certain cases, we may be unable to fully comply with a request where doing so would conflict with legal obligations, regulatory requirements, or banking secrecy laws. In such cases, the data subject will be informed of the reason for refusal or limitation, as permitted by law.
11. Customer Notification in Case of Data Breach
In the event of a personal data breach, you will be notified immediately if the breach is likely to pose a significant risk to your rights and freedoms. The breach notification will be prepared in coordination with relevant departments, including IT, Cybersecurity, and Legal, to ensure the accuracy and legality of the information provided.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the updated policy on our website with a new “Effective Date.” We encourage you to review this policy periodically.
13. Contact Us
If you have any questions about this Privacy Policy, our data practices, or if you wish to exercise your rights, please contact our Data Protection Officer (DPO) at: [email protected]