Privacy and Security Statement

WELLS FARGO LIMITED

Privacy Statement (Statement)

Wells Fargo is a leading security services provider in Kenya with over 40 years of experience. We are a dedicated, specialist professional security services provider that offers its services to the banking sector, other financial institutions, local and international organisations and various domestic clientele in East Africa.

In this statement any reference to Wells Fargo Limited using the pronouns “we”, “us” or “our” includes all legal entities within the Wells Fargo Limited’s structure and clients; the pronouns “you” or “your” refers to clients of a legal entity of Wells Fargo Limited.

1.1 Regulation of data privacy and protection 

As we operate in various countries and through various legal entities, we comply with the applicable Data Protection and Privacy Laws in each of these countries. Therefore, the appropriate jurisdiction will be applied in the country our services are provided in.

1.2    What is the purpose and scope of this statement?

The purpose of this statement is to inform you about how we collect, use, store, make available, disclose, update, safeguard, destroy or otherwise deal with (process) your personal information (also referred to as personal data in some countries) and also to explain your rights relating to the privacy of your personal information and how the law protects you.

We may combine your personal information, available across the Group, and use the combined information for any of the purposes set out in this statement where we have lawful grounds for doing so.

Protecting the privacy, confidentiality and security of your personal information is very important to us as it is critical for us to maintain your trust and act in the right way to meet your needs as it is “Our Business is Protecting Yours”™. We have therefore implemented Group-wide policies and procedures to ensure that your personal information is protected.

1.3    What is personal information and what types of personal information do we collect?

Personal information is any information from which you can be identified. The personal information we may collect about you includes:

  • name, age, gender, sex, and identifying numbers;
  • physical and email addresses and contact numbers;
  • online identifiers and your online behaviour such as cookies and IP addresses;
  • engagements with us including use of products or services, transactions, requests, queries, applications and complaints;
  • financial information including with regard to financial behaviour, goals and needs;

1.4    How do we collect your personal information?

We will collect personal information directly from you or by telephone or through online channels such as our website or electronic messaging platforms.

We also collect personal information about you from other sources where lawful and reasonable, such as reputable third parties that you deal with or that Fargo Group interacts with for the purposes of conducting its business. These third parties include:

  • Business partners (including partners and participating partners involved in reward programmes, campaigns or other business activity, joint-venture partners, social media and platform partners) or companies that we may acquire or that merge with us.
  • Service providers (debt collection and tracing agencies, credit agencies, electronic communication service providers, public and private data and data verification providers including data registries, aggregators, search engines, social media and marketing list providers).
  • Employers, advisers, agents, associates, assignees, cessionaries, successors in title, trustees, executors, curators and appointed third parties (including lawyers and contractors).
  • Government departments, regulatory authorities, courts of law and law enforcement agencies, ombudsmen and tax authorities.

If you are a third-party service provider, we may collect personal information about you as a data subject in order to ensure that the business relationship and matters relating to the agreement between you and us can be fulfilled. You warrant that, if you provide us with any personal information about other persons, such as employees, shareholders or your directors, you are authorised to share their personal information with us for purposes set out in this statement.

Providing your personal information to us is usually voluntary. However, it may be mandatory under certain circumstances, for example when you apply for products and/or services or to comply with anti-money laundering legislation. If you fail to provide us with your personal information when requested, we may not be able to provide the products or services to you or comply with our legal obligations.

Whenever you provide us with the personal information of third parties, you must inform them that you need to disclose their personal information to us. We will process the information in accordance with this statement.

1.5    Why do we process your personal information?

Our responsibilities to you are very important to us and we aim to provide you with personalised services to meet your needs. We may process your personal information for any of the reasons outlined in the rest of this section 1.5.

1.    Contract requirements

We may need to process your personal information if we require it to conclude or perform under a contract or agreement with you for a product or service that you have applied for either with us or through our business partners with whom we have entered into a partnership, collaboration or alliance arrangement or for purposes of:

  • Providing products and services to you that involve opening and maintaining your account, executing transactions, administering claims where applicable, collecting payments due to us by you, managing our risks and maintaining our overall relationship with you;
  • Communicating with you regarding the products or services you have with us; or
  • Providing you with further information that you request from us regarding the products or services you have with us.

2.    Lawful obligations

We may need to process your personal information for the following purposes:

  • To complete integrity and business conduct checks required for compliance purposes including due diligence and onboarding processes, monitoring and assurance reviews and conduct sanctions screening against any sanctions lists.
  • To comply with other risk management, regulatory and legislative requirements.
  • To comply with voluntary and mandatory codes of conduct.
  • To detect, prevent and report theft, money laundering, terrorist financing, corruption or other potentially illegal activity, or activity that could lead to loss.
  • To process and settle transactions and payments.
  • To conduct research and analysis (which may include assessing product suitability, credit quality, insurance risks, market risks and affordability, developing credit models and tools and obtaining related information).

3.    Consent 

In addition to the reasons given above, we may process your personal information where we have your specific consent for a defined purpose. We will also seek your consent where applicable laws require it.

We will store your personal information according to our defined retention schedules and thereafter delete it.

1.6    How will we communicate with you? 

Besides in-person communication, we use a wide array of channels to engage with you regarding your existing products and services and to keep you updated. These include SMSs, email, phone calls, automated calls, notifications sent to your mobile device and in-app notifications. We need to keep you up to date on an ongoing operational basis about your existing products and services and their new features especially where we are making them more secure and as we make banking more convenient for you. We may contact you through these means for research purposes or to communicate with you for marketing of new products or services as explained in greater detail below.

1.8    How do we use your personal information for marketing?

Whether you are an existing client or a prospective client with whom we have had previous interactions in respect of your financial well-being or needs, you are important to us and therefore we would like to share information about our products, services and special offers with you (subject to applicable local laws).

If you are a prospective client, and we have had no previous interaction or have no relationship with you, we will seek your express consent in compliance with local laws to market to you electronically.

If you no longer wish to be contacted for marketing purposes, you may opt out at any time when you receive a marketing communication or by contacting us using any of our channels available.

1.9    When, how and with whom will we share your personal information?

We share information with vendors, auditors, service providers and advisers supporting our services to you, with our trusted partners to introduce products and services to you.

We take extra care when we transfer or share information and will enter into suitable contracts with the trusted parties with whom we share your information, thus ensuring your rights under relevant data protection legislation are upheld.

1.10    How is your personal information protected?

The security of your personal information is important to us and we take reasonable steps to keep your personal information safe and to prevent loss, destruction of and damage or unlawful access to your personal information by unauthorised parties. We require the same level of security to be implemented by our service providers and other third parties. However, you must not share or send us any personal information through unauthorised channels, as these are not a secure way of communication and carry a risk of interception and unauthorised access. You should only share personal information through our authorised channels.

1.11    What are your rights?

We value your trust and want you to be familiar with your rights under the legislation and to know how you can exercise them in your interactions with Wells Fargo Limited. You have the right to:

  • access the personal information we hold about you and to correct and update your information;
  • object to our processing your personal information, where applicable
  • request that we delete your personal information where appropriate
  • be notified that your personal information is being collected by us or has been accessed or acquired by an unauthorised person;
  • object to the processing of personal information for the purposes of direct marketing;
  • not be subject to automated decision-making processes in respect of an application for products and/or services, except under certain circumstances
  • to request reasons or make a representation to us if your application for products and/or services is refused.

1.12    Use of cookies on our website

A “cookie” is a small text file that is stored on your computer, smartphone, tablet or other device when you visit a website or use an application. It helps to distinguish you from other users and contains specific information related to your use of our website or application, such as your login details and your preference settings, and helps the website or the application to recognise your device.

Cookies help to make a website or app function better and make it easier for us to give you a better user experience on our online channels. To use or store cookie types that are not required for the functioning of the website or app and are optional, we will obtain your consent first.

For this reason, we limit our use of cookies to:

  • providing products and services that you request;
  • delivering advertising through marketing communications;
  • providing you with a better online experience and tracking website performance; and
  • helping us make our website more relevant to you.

To learn more about our site’s cookies and how you can manage them, visit our website (add link)

We use the following types of cookies on our online channels, such as our website.

  • Strictly necessary cookies

These cookies are mandatory and are required for the effective operation and functioning of our website on your device. They enable you to use the website and the features on the website and cannot be switched off.

1.13    Social Media

When you engage with us through our social media accounts, your personal information may be processed by the social media platform owner. This process is outside our control and the processing activities may be in a country outside Kenya that may have different data protection laws.

Our social media accounts are not appropriate forums to discuss our clients’ products or financial arrangements. We will never ask you to share personal, account or security information on social media platforms. We may, however, ask you to message us in private through one of our official social media accounts.

1.14    General

We may change this statement from time to time in accordance with changes in our products or services or regulatory requirements. We will make reasonable efforts to notify you through suitable communication channels.

Should you have any queries relating to the processing of your personal information by Wells Fargo Limited in Kenya, please contact xxx@fargo.co.ke

List of applicable pieces of Group legislation

Country

Data Protection Legislation

Kenya

Data Protection Act No. 24 of 2019

Uganda

Data Protection and Privacy Act – 2019
Copyright © 2024 Wells Fargo