Privacy Policy

Home » Privacy Policy

Introduction

Bunyoro Finance Bank (“we,” “us,” “our,” or “the Bank”) values your privacy and is committed to safeguarding the personal information you share with us. This Privacy Policy explains:

  • What information we collect from you
  • How we use, store, and protect it
  • The circumstances under which we may share it
  • Your rights regarding your personal data

By using our services — whether through our website, mobile applications, branches, or other channels — you agree to the practices described in this Privacy Policy.

Who we are

Bunyoro Finance Bank is a licensed financial institution in Uganda, providing personal, business, and digital banking services. Our headquarters are located in Hoima, with branches in Kampala, Masindi, and Fort Portal. We operate in compliance with the Bank of Uganda regulations, the Uganda Data Protection and Privacy Act (2019), and other relevant laws.

other channels — you agree to the practices described in this Privacy Policy..

Information We Collect

We collect personal data in several ways — directly from you, through your use of our services, and from authorised third parties.

1 Information You Provide Directly

  • Personal identification – full name, date of birth, gender, ID number, passport, or driving permit details
  • Contact information – phone number, email address, postal address, physical address
  • Financial details – account numbers, transaction history, income details, loan applications
  • Employment information – employer name, occupation, salary details
  • Security credentials – passwords, PINs, security questions, biometric identifiers (e.g., fingerprint for mobile app login)

3.2 Information Collected Automatically

When you use our website, e-banking, or mobile banking:

  • IP address and device information
  • Browser type and version
  • Geolocation data (where applicable)
  • Usage patterns (pages visited, time spent, clicks)

3.3 Information from Third Parties

We may receive data from:

  • Credit reference bureaus
  • Law enforcement agencies
  • Public records
  • Other financial institutions (e.g., for interbank transfers)

4. How We Use Your Information

We use your personal data to:

  1. Provide banking services – process transactions, manage accounts, approve loans, issue credit cards
  2. Verify your identity – comply with “Know Your Customer” (KYC) and anti-money laundering (AML) regulations
  3. Enhance your experience – personalise offers, improve services, and deliver targeted communication
  4. Ensure security – detect and prevent fraud, unauthorised access, and other harmful activities
  5. Comply with legal obligations – meet requirements set by regulators and government authorities
  6. Conduct analytics and research – improve banking products and customer service

5. Sharing Your Information

We will never sell your personal data. However, we may share it under the following circumstances:

  • With your consent – e.g., when you apply for a third-party loan product through our platform
  • With service providers – IT providers, payment processors, customer service contractors (bound by confidentiality agreements)
  • With regulators and law enforcement – where legally required
  • For business transfers – in the event of a merger, acquisition, or restructuring of the Bank
  • For fraud prevention – sharing with other banks or security agencies to protect your accounts

6. Data Storage and Retention

We store your personal data securely within Uganda and, where applicable, in data centres located in jurisdictions with adequate privacy safeguards.

We retain your data:

  • For as long as your account is active
  • As required by law (typically up to 10 years after account closure, per Bank of Uganda guidelines)
  • As necessary to resolve disputes or enforce agreements

7. Security Measures

We take robust security measures to protect your information, including:

  • Data encryption (in transit and at rest)
  • Secure servers with restricted access
  • Multi-factor authentication for e-banking
  • Regular security audits and penetration testing
  • Staff training on data protection policies

8. Your Rights

Under the Uganda Data Protection and Privacy Act, you have the right to:

  • Access your personal data
  • Request correction of inaccurate or incomplete information
  • Request deletion of your data (where permissible)
  • Withdraw consent for certain processing activities
  • Restrict or object to certain uses of your data
  • Request a copy of your data in a portable format

To exercise your rights, contact us using the details in Section 11.

9. Cookies and Tracking Technologies

We use cookies on our website to:

  • Enhance site performance
  • Improve user experience
  • Analyse visitor trends

You can control or disable cookies via your browser settings. For more details, see our Cookies Policy.

10. Third-Party Websites

Our website or mobile app may contain links to third-party sites. We are not responsible for their privacy practices, and we encourage you to read their policies before sharing any personal data.

11. How to Contact Us

Bunyoro Finance Bank – Data Protection Officer
📍 Headquarters: Hoima, Uganda
📧 Email: privacy@bunyorofinancebank.com

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, technology, or legal requirements. Any updates will be posted on our website with a revised “Last Updated” date.