Data Protection Notice
Your information
- what we collect
- why we collect it
- what we do with it
This is our Data Protection Notice. Here we explain how we use, share and keep the information we collect about you. We must explain this to you under the General Data Protection Regulation (GDPR), which is a law that:
- protects your information and
- tells us how we can use your information.
You can ask for more details about how we use your information at your local branch, or by:
- calling us on 0818 303 032
- emailing us at DPO@aib.ie (DPO stands for Data Protection Officer); or
- writing to us at Data Protection Officer, 10 Molesworth Street, Dublin 2, D02 R126.
Last updated: October 2023 - What's new with data protection
Who we are
When we talk about ‘us’ or ‘we’, we are talking about Allied Irish Banks, PLC (Public Limited Company) and the AIB Group. This includes:
Our Data Protection Officer manages how we collect, use, share and protect your information to ensure your rights are fulfilled. You can write to our Data Protection Officer by:
- email: DPO@aib.ie, or
- post: Data Protection Officer, 10 Molesworth Street, Dublin 2, D02 R126.
We may ask you for your consent to use your information
Sometimes we will ask you for your consent (permission) to use your general information. You can change your mind about this any time. You’ll find more about this in the ‘Your rights’ section of this Data Protection Notice.
Some information is called ‘special category personal data’. This includes sensitive data like medical details, or biometric information such as fingerprints. We explain more about these types of information in Special category personal data.
If we ever contact you to ask about ways to improve our services, it is up to you to decide if you want to answer or not.
What is information?
The General Data Protection Regulation (GDPR) uses the words ‘personal data’ which means ‘information’. Here we use the word ‘information’.
We collect and keep information about you, such as:
- your name
- proof of your identity and your address
- your age
- your Personal Public Servic (PPS) number
- your contact details
- the type work you do (if you work) and where you work
We also collect information from you like:
- the money that you have with us
- the money you borrow from us
- what you need the money for
- how you pay it back
We need this information so that we can offer you the services you asked for. Our services include bank accounts, loans, overdrafts, savings, home loans and cards.
These are some of the terms we use to describe your information:
What we call your information |
What that means |
|---|---|
| Personal information | Information like your:
|
| Information about your banking transactions | Information like:
|
| Information about your loans with us | Information which tells us:
You can read more about your credit report in the section ‘How we collect information about you from others’.
|
| Information about your security for a loan | Information on security you may have given us to use for a loan, for example a property or another asset. |
| Information about your life stage | Information which tells us:
|
| Information about your location | Information which tells us where:
|
| Information from your mobile device or computer | Information which tells us:
|
Your rights
Your right to information
Under law, you have rights about your information. You have the right to:
- see it
- ask us to change it
- ask us to transfer it to another company
- ask us to delete it.
Contact us
You can take up your rights by:
- calling us at 0818 303 032
- emailing us at DPO@aib.ie
- using our social media channels
- calling into a branch
- visiting our website's data protection page
Your right to ask us to send you information
You can ask us:
- to send you the information we have collected about you; and
- to update or correct the information we have collected about you.
Your right to tell us how we can use your information
You can ask us to:
- remove the consent you have given us to use your information (for example, you can tell us not to send you marketing emails);
- restrict, in certain circumstances, our use of your information;
- stop using your information if you don’t want us to; and
- delete your information and not to contact you again.
In certain circumstances, you can ask us to stop using your information to make automatic decisions about you, such as deciding about a loan.
Consent
We sometimes need your consent to do certain things, such as sending you marketing emails. When you consent we will:
- be clear when we are asking for your consent;
- only use your information if you have freely given us your consent to use it;
- not have any pre-ticked boxes on our forms (for example, we will not send you marketing emails unless you consent by ticking the marketing box when you apply for a service); and
- keep a record of your consent and how we got it.
You can remove your consent
- at any time by contacting by contacting the person you have been dealing with;
- by emailing the Data Protection Officer at DPO@aib.ie; or
- by writing to us at Data Protection Officer, 10 Molesworth Street, Dublin 2, D02 R126.
You can remove your consent for marketing by
- clicking the opt-out option in the AIB app; or by
- following the instructions in any marketing message you receive.
Special category personal data
We will ask for your consent before we collect certain special information about you called ‘special category personal data’ under the General Data Protection Regulation. Sometimes this information may come from someone else who you have consented to act for you.
These special categories are your:
- race
- ethnic origins
- political opinions
- religious or philosophical beliefs
- trade union membership
- physical or mental health
- sexual orientation
- genetic information
Biometric information
These special categories also include biometric information, such as your:
- fingerprint on your phone
- face on your phone’s camera
- voice
We add our own information to yours, for example, to give you an account number. We also store the information you gave us when you agreed to our terms and conditions.
How we collect your information
Account information
We collect information you give us when you apply for an account or a service with us, for example:
- a current account;
- a deposit account; or
- a home loan.
We also collect information about how you use our services, for example when you:
- use your banking card;
- ask us for advice; or
- pay back a loan.
Phone conversations
Sometimes we record phone conversations we have with you to train our people, manage our records, improve services and offerings, and follow laws and regulations. We will let you know if we are recording the conversation.
Websites, Cookies and CCTV
We collect information through our website and apps and through CCTV cameras at our branches and offices. We use CCTV for the safety and security of our people, customers and buildings.
We also collect information through ‘cookies’ each time you visit our website. A ‘cookie’ is a piece of digital information that remembers what you do on our website. If you visit our websites, we place a cookie on your phone or computer. This means our website will work better for you the next time you visit. You can read more about our cookies on our cookies policy.
Information about how you use your card
When you use your card to shop online, the person you pay shares with us:
- your email address
- your billing address
- your browser address
- whether you used the site before
We use this information to make sure it is you using your card. This can help us to identify and avoid fraud and scams. We use a security system called 3D Security that helps us to reduce fraud and scams. This security system also makes it safer for you to shop online.
How we collect information about you from others
We collect and keep information about you that we get from others, for example government bodies like the Central Credit Register. This register provides credit reports based on information it stores about borrowers and loans over €500. These reports tell us what your credit report is. The Central Credit Register is operated by the Central Bank of Ireland.
We check your identity and your address with others, like the Central Credit Register, when you apply for an account or a service and while you are using it. We also ask the Central Credit Register for any information they have on loans you have or have applied for, if any. Likewise, we share the same information about you with the Central Credit Register.
You can find more information on the Central Credit Register:
- on their website: Central Credit Register site
- by phoning (local call) 1890 100 050 or 01 224 5500
- by emailing consumerinfo@centralcreditregister.ie
We may collect information about your assets or loans from third parties. For example, when you apply for a loan against a property, we will collect the energy rating information about the property from an online register, such as the Sustainable Energy Authority of Ireland (SEAI).
Social media sites
While we collect information through social media sites, discussion forums, and market research, we do not track or follow you on social media. The information we collect means we can give you a better service. We do not use the information we see about you on social media to find out if you are a customer, or to decide to give you a loan.
When you contact us through social media sites, we sometimes ask you for your phone number so we can contact you back if you have a problem or want to complain.
Sometimes, we record the conversations we have with you in case we need to know what we talked about after the conversation is finished. We will let you know if we are recording the conversation.
We also search the internet to find out and understand what people are saying about us and other banks. We do not use what we find to see if you are a customer. If your social media profile is private, we cannot see it.
When you choose to share your information with third parties
You may have a joint or multi-party online account with us. If you do, you can let what’s called a ‘third-party provider’(TPP) see your account. For example, you might allow a budgeting service to see your account online if you are in financial difficulty. If you allow a TPP to see your account:
- You must tell us about this first and we must agree to it;and
- You will also need to tell the people you share the account with.
Examples of third-party providers include insolvency service providers.
How we collect information about you if you are not a customer
Sometimes we collect and use your information even though you are not a customer of ours. Examples of this include when you apply for an account before you become a customer, or when an account of yours moves from another bank to us.
We also collect and use your information if you are connected to a customer, for example if you are:
- a director of their company
- guaranteeing their loan
- their business partner
- receiving payments from their account with us
- part of a joint account and your account statements, with your personal information, are sent to us by our customer as part of a loan application.
If you are worried that someone has access to your account who should not, please phone our customer service team on:
Why we use your information
Here we tell you about why we use your personal information and the type of information we use in each case. The General Data Protection Regulation (GDPR) says we must tell you this. We can use your information:
- because we have a contract with you and need to use your personal information to carry out that contract;
- to follow laws;
- for legitimate interests, so that we can carry out our business;
- because you have given us your consent to do so; or
- to protect your interests and the interests of others.
You can read about the terms we use to describe your information here.
What we do with your information |
Why we use your information |
What information we use |
|---|---|---|
| To follow laws and regulations |
|
|
| To check your identity, address, and where your money comes from |
|
|
| To provide accounts and services that are suitable for you |
|
|
| To improve our accounts and services to better understand what you like and want from us |
|
|
| To maintain and monitor your accounts and services |
|
|
| To protect you, your money and our interests from financial crime and fraud and scams |
|
|
| To decide which of our accounts and services are best suited to you |
|
|
| To understand trends and share them with others |
|
|
To manage risk, so we can protect:
|
|
|
| To understand how you use our services, how well we meet your expectations and to market accounts and services to you |
|
|
| To decide if we have been given false or misleading information and if we suspect criminal activity |
|
|
| To confirm your identity |
|
|
To share your information with companies with whom we have a joint venture or working agreement, or companies we sell loans to. |
|
|
Our Data Protection Notices for Specific Accounts and Services
Some of our services and accounts have their own Data Protection Notices. You can see the notices by clicking on the services below.
How we keep your information
We keep your personal information while you are a customer with us and for some time after that.
The length of time we keep your information for depends on things like regulations, the type of service or accounts we have provided to you and what we have discussed with each other.
Examples of where we keep your information for a longer time include:
- legal reasons, for example to comply with anti-money laundering laws; or
- if there is a disagreement between us, or with third parties.
We also have obligations about how long we keep your information to government agencies like the Financial Service and Pensions Ombudsman. The Financial Services and Pensions Ombudsman is an independent body that helps with complaints from consumers, against banks and pension providers. This can mean we need to keep your information for a longer time. We do this to protect your and our interests.
We also keep your information for as long as we need it to:
- resolve complaints;
- prevent fraud and scams; and
- protect our business.
How we use technology to process your information
We sometimes use technology to help us decide about giving you a loan or to see if your account is at risk from criminals. Technology sometimes helps us to make decisions more quickly, more accurately and more fairly than if a person were involved.
When we use technology to make a decision, we use information:
- you have given us;
- we hold about you; and
- from third parties (for example, your credit report from the Central Credit Register)
If you prefer a person to make a decision that affects you, you have the right to ask us to do this.
How we make automatic decisions
We make automatic decisions by using information such as:
- your income
- your loans
- the money coming in and out of your bank account
- your work
- what you spend your money on, and
- your credit report from the Central Credit Register
If we make an automatic decision not to lend you money, you can appeal our decision. One of our people will then look at your application again. When we make an automatic decision not to lend to you, we also tell you how to appeal the decision.
We also use technology to make help us make automatic decisions and to protect your money.
Applying for a loan
When you apply for a loan or credit card, as well as the information we use to make automatic decisions, we also automatically use:
- the information you give us; and
- your credit report.
We use this information to decide whether or not it is responsible for us to lend to you, and how much it is responsible. for us to lend you.
Protecting you from crime
When you use your account, especially online, we use technology to decide if your account is at risk from crime. We do this to:
- protect you and your money;
- protect our interests; and
- follow laws and regulations.
The technology can tell us quickly if there are risks with your location, your device or how your account is being used.
What to do if you get a ‘fraud text alert’
If we suspect a high risk, or we see any unusual activity on your cards, we look into it and we may freeze your account automatically to protect it. This means you cannot take money out of the account or put money into it. However, we will text you with a ‘Fraud Text Alert’ . You will be asked to respond with a '1' or '9' to confirm or not that it is you using the card.
The text will come from the following numbers:
- Debit Cards +353 86 180 3367
- Personal Credit Cards +353 86 180 3392
- Business Credit Cards +353 86 180 0846
These numbers are for texting only, so if you call these numbers they won't be answered. We will never ask you to send personal information by text.
You can ring AIB Phone Banking on 0818 724 724 (Dial +353 17 712 424 from outside the country) anytime to use the automated facility for routine transactions. A customer service member is available Monday to Sunday 9:00 to 17:00 for non-routine transactions, or if you need help.
How we share your information inside the AIB Group
We share your information within the AIB Group (AIB in the Republic of Ireland and in the UK, EBS and Haven) to help us:
- provide our services;
- improve our services; and
- follow laws and regulations.
For example, we follow guidelines from the European Banking Authority (EBA). The EBA sets rules for banks in the European Union including how they share information within their group. Under these rules, we must keep a record of the money you have in your account with us. They also keep a record of any money we lend you. We do this to help us decide:
- how much money we can hold in your account; and
- how much money we can lend you.
We can also see in one place accounts you might have across the AIB Group, including AIB in Ireland and the UK, EBS and Haven. Whichever company in the AIB Group that gives you the service or account looks after your personal information.
How we share your information outside the AIB Group
We share your information with third parties so we can give you the best service. You can read more about the information we share with third parties in the table on the following section.
How we share information with third parties
- Click here to read about how we describe your information.
Who we share your information with |
Why we share it |
What we share |
|---|---|---|
| Asset management firms that manage funds for people and companies |
|
|
| Card payment providers, like Visa or Mastercard |
|
|
| Claim management companies and debt collection agencies |
|
|
| Corporate services |
|
|
| Third-Party Providers that you allow to access your accounts, such as a budgeting service |
|
|
| Market research |
|
|
| Research and analytic companies that study trends and patterns. These companies may combine this information with other information they hold from other companies. |
|
|
| Financial service providers, such as other banks |
|
|
| Insolvency service providers that help people with debt |
|
|
| Insurance companies |
|
|
| Law enforcement agencies, government bodies |
|
|
| Payment software providers such as card reader companies or online payment providers |
|
|
Professional advisors:
|
|
|
| Property management services such as estate agents that value a property |
|
|
| Regulators such as the Data Protection Commission, Central Bank of Ireland and the European Banking Authority |
|
|
| Credit bodies such as the Central Credit Register |
|
|
| Security operations |
|
|
| Security trustees, for example a person or company that manages property or assets for a third party |
|
|
| Social media platforms such as Facebook, Twitter, Instagram and LinkedIn |
|
|
| Joint venture companies, that we work with. These companies may combine this information with other information they hold from other companies. |
|
|
| Consumer representatives or trade unions that we provide group schemes to . These organisations may combine this information with other information they hold from other companies. |
|
|
| State body funding such as Strategic Banking Corporation of Ireland (SBCI) and the First Home Shared Equity Scheme |
|
|
Sending your information outside the European Economic Area (EEA)
Sometimes, to give you the service you ask for, we will send your personal information outside the European Economic Area (EEA). This includes countries in the European Union, Norway, Iceland and Liechtenstein. We only send information to countries that have the same standard of protection for your information that we have in Ireland.
The level of protection of information we send to organisations outside the EEA, for example organisations in the United Kingdom, United States or India, is decided by the European Union. The details of these protections are available by contacting DPO@aib.ie
If you want to make a complaint
If you are unhappy with the way we collect, use, keep and share your information, please tell us. You can go to our website to make a complaint. Under the heading ‘Help and support’, scroll down to ‘Making a Complaint’. You will find instructions on that page.
If you are unhappy with our response, you can take your complaint to the Data Protection Commission in Ireland. You can do this by:
- visiting their website at Data Protection website.
- writing to Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland.
Updates to this notice
We will make changes to this notice from time to time, particularly when we change how we use your information, and change our technology and services. You can always find an up-to-date version of this notice:
- on this website at AIB's date protection page.
- at your local branch, or
- by asking us for a copy.
Before proceeding please read our Site Use Terms and Conditions, Privacy & Cookie statements which apply to your use of this website. AIB and AIB Group are registered business names of Allied Irish Banks, p.l.c. Registered Office: 10 Molesworth Street, Dublin 2.
Tel: +353 (0)1 6600311 Registered in Ireland: Registered No. 24173 Allied Irish Banks, p.l.c. is regulated by the Central Bank of Ireland. Copyright Allied Irish Banks, p.l.c. 1995