Privacy Policy

Please read this privacy notice carefully as it sets out how ruya uses your personal information. 

If you have any questions about this privacy notice or do not agree with it, please contact us at hello@ruyabank.ae or write to us at PO Box 1474, Building No. 4, Marsa Ajman, Liwara 1, Ajman, United Arab Emirates, before using this website or our mobile application or providing us with your personal information in person, as applicable. Our website terms of use explain the terms on which you are allowed to use our website www.ruyabank.ae and social media web pages, all of which provide a gateway to our products and services, as well as lots of other useful information about ruya www.ruyabank.ae/terms-and-conditions. 

We may change this privacy notice from time to time by updating this page. You should check this page from time to time to ensure you are happy with any changes. You can also ask us for a physical copy of this notice by contacting us using the details set out above.  

What information do we collect? 

When you use our website or mobile application or provide us with your personal information, as applicable, please bear in mind that we may record: 

  • The areas of the website or mobile application that you visit 
  • Information about your computer or mobile device, such as which browser you are using, your network location, the type of connection you are using (e.g. broadband, ADSL, etc.), and your IP address. 
  • Your title, full name, signature, and contact details, including for instance your email address, home and mobile telephone numbers and fax number 
  • Your home address, correspondence address (where different from your home address) and address history 
  • Your date of birth and/or age, e.g., to make sure that you are eligible to apply for the product and/or that it is suitable for you 
  • your place of birth, nationality, residency details and any other citizenships if this is necessary for us to comply with our legal and regulatory requirements 
  • Your government identification number and identification documents including for instance document type, number, country of issue and expiry date 
  • Your Liveliness Videos and photos as part of the onboarding / registration (Sign Up) or for account recovery or for KYC or for personalised customer experience purposes. 
  • Records of how you have contacted us and, if you get in touch with us online, details such as your mobile phone location data, IP address and MAC address 
  • Details of your marital status, spouse’s name and account information, dependents, beneficiaries, beneficial owners, representatives, indemnifiers, tax status, sources of income and funds, assets and liabilities, and whether you are a politically exposed person 
  • Details of shareholdings, prominent functions, directorships, and/or employment including for instance your occupation, salary, employer, and length of service 
  • details of your products and services including for instance application information, customer ID number, account number, account balance and currency, account history, security or collateral held by us, your branch name, standing orders, direct debits, payment transactions, cards held, card numbers, details of additional signatories, online banking details, information relating to complaints and/or fraud reports, and details associated with account closure and/or card cancellation; 
  • security identifiers; and 
  • the type and location of your device/handset. 
  • We do this by using cookies. Please see our Cookies Policy for more information. 
  • Face Data (Selfie) to confirm ID and Liveness videos and photos through TrueDepth API which are also part of our regulatory requirements during onboarding/registration: 
  • As part of the onboarding process, we are taking a picture of the user’s face based on some gestures requested such as “Wink with your left/right eye” or “Smile”. 
  • This picture is requested as part of the registration process where the user is usually asked to scan his legal documents. Once the user takes a picture of his face, we are comparing this picture to the one found in the scanned legal documents to verify that this is the same user. 
  • This data is neither stored nor shared with any third parties. 
  • Once you submit information through our website or mobile application, which includes when you log in to your account, we will know who you are and your activities on this website and information about you and/or your company may be recorded on our systems. For example, we may ask for the following information when you log into your account, register for product updates or apply for a new product or service: 
  • [your name]; 
  • [company name]; 
  • [email address]; 
  • [postal address]; 
  • [telephone number]; 
  • [your comments/questions]; and 
  • [the products/services you are interested in]. 


We may also collect personal information from telephone calls and/or other correspondence with you, whether by email, our online chat function or otherwise, or in person from one of our kiosks.
 

What do we do with the information we collect? 

We use this information for all sorts of reasons. 

The main reason we use this information is to provide you with the website and information about our products and services (whether available via the website or offline). We also use the information for: 

  • Internal record keeping 
  • Product and service development 
  • Developing our website 
  • Answering your queries or complaints 
  • Market research 
  • Marketing our own products and services to you 
  • Complying with our legal obligations and performing our contract with you or for taking steps prior to entering into it.


On what basis do we use your personal information?
 

We use your personal information on the following basis: 

  • With your consent, where you have indicated that you would like to receive marketing messages from us 
  • For the legitimate interests of ruya, being the purposes set out in the “What do we do with the information we collect?” section above and to comply with certain legal and regulatory obligations of ruya. 

 
 Marketing 

We would like to provide you with information about ruya’s products and services and other information which we think you may find interesting. We may send you such information by post, e-mail, mobile application notifications, and/or telephone, unless you have asked us not to do so. 

If you are a customer of ours or you have previously asked us for information on our products and services, we may send you information by e-mail; however, in every marketing email message we send you, we will give you the opportunity to unsubscribe from our mailings altogether. 
We do not provide your personal information to external organisations (i.e. outside of ruya) for their own marketing purposes without your explicit consent. 

If at any time you do not want your information used for direct marketing purposes, please contact us at hello@ruyabank.ae and if you decide that you no longer wish to receive marketing emails from us, please either follow the unsubscribe link in one of our marketing e-mail messages or contact us at hello@ruyabank.ae.  

Whom do we share your information with? 

We share your personal information with third parties who perform functions on our behalf and who also provide services to us, such as professional advisors, data hosting providers, IT consultants carrying out testing and development work on our business technology systems, research and mailing houses and function co-ordinators. These third parties comply with similar and equally stringent undertakings of privacy and confidentiality. 

We also share your personal information with our other group companies for internal reasons, primarily for business and operational purposes, which include the following: 

  • Joint account holders, trustees and beneficiaries and any person with power of attorney over your affairs (in each case only if relevant to you) 
  • Other payment services providers such as when you ask us to share information about your account with them 
  • Other account holders or individuals when we have to provide your information to them because some money paid to you by them should not be in your account 
  • Our legal and other professional advisers, auditors and actuaries 
  • Financial institutions and trade associations 
  • Governmental and regulatory bodies 
  • Tax authorities who are overseas for instance if you are subject to tax in another jurisdiction we may share your personal information directly with relevant tax authorities overseas 
  • Other organisations and businesses who provide services to us such as debt recovery agencies, back up and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back office functions 
  • Buyers and their professional representatives as part of any restructuring or sale of our business or assets 
  • Credit bureaus 
  • Market research organisations who help us to develop and improve our products and services. 
      

As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or merges with us, your personal information will be disclosed to such entity. Also, if any bankruptcy, insolvency or reorganisation proceeding is brought by or against us, all such information will be considered an asset of ours and as such it is possible, they will be sold or transferred to third parties. 

Where required we share your personal information with third parties: to comply with a legal obligation; when we believe in good faith that an applicable law requires it; at the request of government authorities conducting an investigation; to verify or enforce our website terms of use www.ruyabank.ae/terms-and-conditions or other applicable policies; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise, to protect the rights, property, safety, or security of third parties, visitors to our website, our business or the public. 

How and when can you withdraw your consent? 

Much of what we do with your personal information is not based on your consent, instead it is based on other legal grounds. For processing that is based on your consent, you have the right to take back that consent for future processing at any time. 

You can do this by contacting us using the details above. To comply with payment services regulations, we have to share some of your personal information with other payment service providers in some circumstances such as when you ask us to share information about your account with them. Whilst those payment services regulations mention ‘consent’ for this, ‘consent’ in that context does not have the same meaning as ‘consent’ under data protection laws. 

The legal grounds which may be relevant to this are compliance with our legal obligations, performance of our contract with you, our legitimate interests, or a combination of these. Therefore, if you ask to withdraw consent from what we do with your personal information where we need to have it the payment services regulations, we may still have to hold and use your personal information. 

What should you do if your personal information changes? 

You should tell us without delay so that we can update our records. 

Do you have to provide your personal information to us? 

We are unable to provide you with products and services or to process your application without having personal information about you. Your personal information is required before you can enter into the relevant contract with us, or it is required during the life of that contract, or it is required by laws that apply to us. If we already hold some of the personal information that we need – for instance, if you are already a customer – we may not need to collect it again when you make your application. 

Do we do any monitoring involving processing of your personal information? 

In this section, monitoring means any listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, e-mail, text messages, social media messages, in-person face to face meetings and other communications. We may monitor where permitted by law and we will do this where the law requires it. 

Some of our monitoring may be to comply with regulatory rules, self-regulatory practices or procedures relevant to our business, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures, to have a record of what we have discussed with you and actions agreed with you, to protect you and to provide security for you (such as in relation to fraud risks on your account) and for quality control and staff training purposes. Some of our monitoring may check for obscene or profane content in communications. 

We may conduct short term carefully controlled monitoring of your activities on your account(s) where this is necessary for our legitimate interests or to comply with our legal obligations. For instance, where we suspect fraud, money laundering or other crimes. Telephone calls and/or in-person meetings between us and you in connection with your application and/or your account(s) may be recorded to make sure that we have a record of what has been discussed and what your instructions are. We may also record these types of calls for quality control and staff training purposes. 

Security 

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect, including locked cabinets and electronic password protection. 

If at any point you suspect or become aware of a security incident (e.g., you receive a suspicious communication from someone holding themselves out to be a ruya employee or from an unauthorised website claiming to be affiliated with ruya), please forward the communication to us or report the incident by email to hello@ruyabank.ae or in writing to ruya at P. O. Box 1474, Building No. 4, Marsa Ajman, Liwara 1, Ajman, United Arab Emirates addressed to Compliance, as soon as possible.  

How long will we keep your personal information? 

We will always keep your personal information for the period required by law. We will also keep your personal information where we need to do so in connection with legal action or an investigation involving ruya. Otherwise, we will only keep your personal information for the period necessary to fulfill the purposes outlined above and in any event for no more than five years thereafter. 

Linking to other websites 

Our website or marketing email messages sometimes include links to other websites which are not within our control. Once you have left our website/marketing email message, we cannot be held responsible for the content of other websites or the protection and privacy of any information which you provide to those websites. You should exercise caution and look at the privacy statement applicable to the website in question. 

Data Anonymization and Use of Aggregated Information 

Your personal information may be converted into statistical or aggregated data which cannot be used to identify you. It may then be used to produce statistical research and reports. This aggregated data may be shared and used in all the ways described in this privacy notice. 

Contact Us 

If you have any questions about the processing of your personal information or need additional information, please contact hello@ruyabank.ae.