SBAC Bank Investment Limited (“SBIL”, “we”, “us”, “our”) is committed to protecting your privacy and ensuring the secure handling of your personal information. This Privacy Policy explains how we collect, use, process, store, disclose, and safeguard your data when you use the SBAC TradeEX mobile application (“App”).

By using the App, you acknowledge that you have read and understood this Privacy Policy and consent to the practices described herein.

1. Scope of the Policy

This Privacy Policy applies to:

• Users of the SBAC TradeEX App
• Applicants for BO/brokerage accounts
• Visitors accessing features or information linked to the App

This policy covers all personal and financial data collected through the App, website, or communications with SBIL.

2. Information We Collect

We collect the following categories of information to provide you with secure and compliant trading services:

2.1 Personal Information

• Full name
• Date of birth
• National ID/Passport/Driving License details
• Photograph and signature
• Contact details (address, phone number, email)
• Bank account details
• Nominee and guardian information

2.2 Account & Regulatory Information

• BO account number
• SBIL brokerage account number
• KYC records as per BSEC and CDBL guidelines
• Income details and occupation
• Risk profile assessment
• Transaction and trading history

2.3 Device & App Usage Information

Automatically collected to enhance security and performance:

• Device ID (IMEI, Android/Apple ID)
• Mobile operating system details
• IP address
• Geo-location (only if required for fraud prevention)
• App crash logs and performance metrics

2.4 Authentication Information

• Password
• PIN
• Biometric identifiers (fingerprint/Face ID) — stored only on your device, not on SBIL servers
• Login timestamps and access logs

2.5 Market Interaction & Communication

• Order placement logs
• Market data access logs
• Chat/support interactions
• Notifications opened and user preferences

3. How We Use Your Information

Your data is used for the following lawful and essential purposes:

3.1 To Provide Trading Services

• Account opening and verification
• Facilitating buy/sell orders
• Portfolio and statement generation
• Processing payments and settlements

3.2 For Compliance and Regulatory Requirements

• Anti-Money Laundering (AML)
• Counter-Terrorism Financing (CTF) checks
• BSEC, CDBL, and exchange reporting
• Audit and inspection purposes

3.3 To Enhance App Functionality

• Improving user experience
• Fraud detection and prevention
• Implementing two-factor authentication
• Monitoring system performance

3.4 For Communication

• Sending trade confirmations
• Notifying users of corporate actions and settlements
• Sharing service updates, alerts, and announcements

3.5 For Internal Analysis

• Usage analytics
• Performance and risk monitoring
• Identifying service improvements

SBIL does not sell or rent your personal data to any third party.

4. Legal Basis for Processing

We process your data on the following grounds:

• Contractual necessity (to offer trading services)
• Legal and regulatory obligations (BSEC, DSE, CSE, NBR, CDBL)
• Legitimate interests (fraud prevention, service improvement)
• Consent (for optional features such as biometric login or promotional messages)

5. Data Sharing and Disclosure

We may share your data with:

5.1 Regulatory and Government Bodies

• Bangladesh Securities and Exchange Commission (BSEC)
• Dhaka Stock Exchange (DSE)
• Chittagong Stock Exchange (CSE)
• Central Depository Bangladesh Limited (CDBL)
• Bangladesh Bank
• Law enforcement agencies (upon legal request)

5.2 Service Providers

Strictly on a need-to-know and secured basis:

• Payment gateways and settlement banks
• SMS gateway providers (OTP delivery)
• Market data vendors
• IT service providers and cloud hosting partners

These parties are bound by confidentiality and data protection obligations.

5.3 Internal Authorized Personnel

Access is restricted and monitored to prevent unauthorized use.

6. Data Storage and Retention

• Data is stored securely within Bangladesh or regions permitted under the Data Protection Act 2023.
• Personal and financial data is retained for at least 7 years, or longer where required by BSEC and CDBL regulations.
• After the retention period, data is securely deleted or anonymized.

7. Data Security Measures

We apply industry-standard controls to protect your data, including:

• Encryption (in transit and at rest)
• Multi-Factor Authentication (MFA)
• Firewall and intrusion detection systems
• Secure coding practices
• Access control and monitoring
• Regular security audits and penetration testing

You are responsible for protecting your login credentials and device security.

8. Your Rights

Depending on applicable laws, you may:

• Access your personal data
• Request correction or updates
• Request a copy of your data
• Withdraw consent for non-essential processing
• Object to certain uses of your data
• Request deletion where permissible by regulation

9. Children’s Privacy

The App is intended for users aged 18 or older. We do not knowingly collect data from minors. If such data is discovered, it will be deleted promptly.

12. Changes to This Privacy Policy

SBIL may update this Privacy Policy periodically. Revisions will be published in the App and on the official website. Continued use of the App after updates constitutes your acceptance of the revised Policy.

13. Contact Information

For requests, complaints, or inquiries regarding this Privacy Policy:

SBAC Bank Investment Limited
 BSC Tower (6th Floor), 2 & 3 Rajuk Avenue, 

Dhaka-1000, Bangladesh

General Support: support@sbacbsl.com.bd