Barus Privacy Notice
A privacy notice (Notice) is a public statement of how our organization applies data protection
principles to processing data.
> Who is collecting the data? This Notice applies to personal information collected by
members of BARUS.
> What data is being collected? We’ll only collect your information in line with relevant
regulations and law. We may collect it from a range of sources and it may relate to any of our
products or services you apply for, currently hold or have held in the past. We may also
collect information about you when you interact with us, e.g. visit our websites, call us or
visit one of our subsidiaries, or even ask about any of our products and services. Most of it
will come directly from you. We might also get some of it from publicly available sources.
The information we collect may include:
1. personal details, e.g. name, previous names, gender, date and place of birth
2. contact details, e.g. address, email address, landline and mobile numbers; information
concerning your identity e.g. photo ID, passport information, National ID card and
nationality (e.g. Authentication authorized signatory in document etc).
3. other information about you that you give us by filling in forms or by communicating with
us, whether face-to-face, by phone, email, online, or otherwise.
4. Investigations data, e.g. due diligence checks, sanctions and anti-money laundering checks,
external intelligence reports, content and metadata related to relevant exchanges of
information between and among individuals and/or organizations, including emails,
voicemail, live chat, etc.
5. Records of correspondence and other communications between us, including email, live
chat, instant messages and social media communications.
> Will the data be shared with any third parties? We may share your information with
others where lawful to do so including where we or they:
1. Need to in order to provide you with products or services you’ve requested.
2. Have a public or legal duty to do so
3. Need to be in connection and regularly report, litigate or assert or defend legal rights and
4. Have a legitimate business reason for doing so.
5. Have asked you for your permission to share it, and you’ve agreed.
> We may share your information for these purposes with others including:
1. Other BARUS companies and any sub-contractors, agents or service providers who work for
us or provide service to us
2. Financial institution
3. People or companies required to be in connection with potential or actual corporate
restructuring, merger, acquisition or takeover,including any transfer or potential transfer of
any of our rights or duties under our agreement with you
4. Law enforcement, government, courts, dispute resolution bodies, our regulators, auditors
and any party appointed or requested by our regulators to carry out investigations or
audits of our activities.
5. Other parties involved in any disputes, including disputed transactions.
6. Fraud prevention agencies.
> How will the information be used?
We’ll only use your information where we have your consent or we have another lawful reason for
using it. These reasons include where we:
1. need to pursue our legitimate interests.
2. need to process the information to carry out an agreement we have with you.
3. need to process the information to comply with a legal obligation.
4. believe the use of your information as described is in public interest.
5. need to establish, exercise or defend our legal rights.
6. need to use your information for insurance purposes.
The reasons we use your information include to:
1. deliver our products and services
2. carry out your instructions.
3. manage our relationship with you, including (unless you tell us otherwise) telling you
about products and services we think may be relevant for you.
4. understand how you use your accounts and services; prevent or detect crime including
fraud and bribery.
5. improve our products and services.
6. protect our legal rights and comply with our legal obligations.
7. recover money which you owe.
> How long will the data be stored for?
We keep your information in line with local law. We may need to retain your information for a
longer period where we need the information to comply with regulatory or legal requirements or
where we may need it for our legitimate purposes, e.g. to help us respond to queries or complaints,
fighting fraud and bribery, crime, responding to requests from regulators, etc
> What rights does the data subject have?
Youhave a number of rights in relation to the information that we hold about you. These rights
– The right to access information we hold about you and to obtain information about how we
– In some circumstances, the right to withdraw your consent to our processing of your
information, which you can do at any time. We may continue to process your information if
we have another legitimate reason for doing so
– In some circumstances, the right to receive certain information you have provided to us in
an electronic format and/or request that we transmit it to a third party
– The right to request that we rectify your information if it’s inaccurate or incomplete
In some circumstances, the right to request that we erase your information. We may
continue to retain your information if we’re entitled to or required to retain it
– The right to object to, and to request that we restrict, our processing of your information in
Again, there may be situations where you object to, or ask us to restrict, our processing of your
information but we’re entitled to continue processing your information and/or to refuse that
request. Youcan exercise your rights by contacting us using firstname.lastname@example.org
– How can the data subject raise a complaint?
Should you want to raise a complaint, do not hesitate to send it to email@example.com