Privacy Policy (Revised – 25/11/2024)

(This is a direct translation of your text.)

1. General Information

1.1 Who are we?

Celvox Bank is an independent bank , authorised and supervised by the Central Bank of Ireland and a member of the European Union Deposit Insurance Corporation . Celvox is committed to providing safe, transparent and innovative banking services.

Data Controller contact details:

  • Name: Celvox Bank
  • Email: privacy@celvox.ie
  • Address: Dublin 2, D02 X285, Ireland
  • Tel: +353 1 234 5678

1.2 Celvox's Role as Data Controller

Celvox is the data controller for the processing of personal data relating to the opening and management of bank accounts, transactions and identity verification.
Celvox operates in accordance with:

  • EU General Data Protection Regulation (GDPR)
  • Irish Data Protection Act 2018
  • National and EU financial regulatory requirements

1.3 What data do we process?

Celvox may process personal data relating to:

  • Identification
  • Contact
  • Finance
  • Technical identifications
  • Compliance documents (KYC/AML)
  • Transactions and account activity
  • Communications with customer support

2. Purpose of the Privacy Policy

This document is designed to provide a clear explanation of:

  • why we collect personal data,
  • how we process and store them,
  • with whom are they shared,
  • how long do we keep them,
  • and what your rights are under GDPR and Irish law.

3. Personal Data We Collect

3.1 Identification Details

  • Name and surname
  • Date of birth
  • Nationality
  • Identity card/passport
  • PPS number if required by law

3.2 Contact Details

  • Email address
  • Residential address
  • Phone number

3.3 Financial Details

  • Account numbers
  • Transaction history
  • Calculated financial position (based on account usage)
  • Source of funds (as required for AML)

3.4 Compliance Details (KYC/AML)

  • Identification documents
  • Proof of delivery
  • Information about financial bonds
  • Checks against illegal funds
  • Information from authorized third party databases

3.5 Technical Data

  • IP address
  • Browsing data
  • Devices used to log in
  • Security logs

4. Purposes of Data Processing

Celvox processes your personal data to fulfill the following purposes:

4.1 Establishing and Managing a Banking Account

Data is collected and processed to:

  • open a banking account,
  • verify your identity,
  • provide access to our online platform,
  • and manage your personal settings.

4.2 Conducting Financial Transactions

Data is used to process transactions, such as:

  • transferred,
  • payments,
  • card payments,
  • accepting payments.

4.3 Identity Verification (KYC)

It is necessary to collect data in order to have legal proof of who you are in accordance with Irish and EU regulations.

4.4 Anti-Money Laundering (AML)

We process data to:

  • detect suspicious activities,
  • monitor transactions,
  • and ensuring regulatory compliance.

4.5 System Security and Protection

Technical data is collected to ensure:

  • that unauthorized access is not made,
  • your account is secure,
  • and that financial security standards are met.

4.6 Communication with Customers

We use data to contact you regarding:

  • account updates,
  • important announcements,
  • customer support,
  • and regulatory notices.

4.7 Marketing (with consent)

send marketing offers or updates if you have given your express consent .

4.8 Legal and Regulatory Compliance

Celvox must comply with:

  • Irish financial laws,
  • EU regulations,
  • and investigative requirements from legal authorities.

5. Legal Basis of Processing (Legal Basis under GDPR)

Celvox processes personal data on the following grounds:

5.1 Contract Performance (GDPR, Article 6(1)(b))

When necessary for:

  • account opening,
  • banking services management,
  • to complete transactions.

5.2 Legal Obligation (Article 6(1)(c))

This includes:

  • KYC (Know Your Customer)
  • AML (Anti-Money Laundering)
  • Regulatory reporting
  • Data retention in accordance with Irish law

5.3 Legitimate Interest (Article 6(1)(f))

Celvox's legitimate interests:

  • customer account protection,
  • protection against fraud,
  • operational efficiency.

5.4 Consent (Article 6(1)(a))

Consent is used only for:

  • electronic marketing,
  • voluntary commercial advertisements.

You can withdraw your consent at any time.

5.5 Protection of Human Interests (Article 6(1)(d))

In rare cases where data processing is necessary to protect an individual from serious harm.

6. Data Retention

Celvox retains your personal data only for as long as necessary to fulfill the purposes specified in the Legal and Business Requirements.

  • Account and transaction data: retained until the account relationship ends or services end.
  • Regulatory data (KYC/AML): retained in accordance with current regulations, often up to 5–10 years after the closure of an account or transaction.
  • Marketing data: retained until you withdraw your consent.

7. Data Security

Celvox takes strong technical and organizational measures to protect your data from:

  • unauthorized access,
  • loss, destruction or unauthorized alteration,
  • fraud or cyber attacks.

Technical measures:

  • SSL encryption for your connection to your account,
  • strong passwords and regular changes,
  • regular monitoring of servers and networks.

Organizational measures:

  • limited access to employees who need to know your data,
  • training on data protection principles and GDPR,
  • clear rules on data access and use.

8. Access and Control Rights (Data Subject Rights)

You have these rights under the GDPR:

  1. Access: ask Celvox for a copy of your personal data.
  2. Right to rectification: right to correct inaccurate data.
  3. Right to erasure: request the deletion of data that is no longer necessary or lawful (“right to be forgotten”).
  4. Right to restrict processing: keep data but do not use it for specific purposes.
  5. Right to object: offer to withdraw your marketing consent.
  6. Right to data portability: request to receive your data in a structured, portable format.
  7. Right to complain: make a complaint to Celvox or the Irish Data Protection Authority (DPA).

9. Online Security Statement

  • All connections between your browser and the Celvox site are encrypted via SSL .
  • The green padlock you are using a secure site.
  • Do not share your access code with anyone.
  • In the event of loss of access code, please contact Customer Service .

10. Audit & Logs Retention and Control

  • All transactions and activities on the site are digitally recorded.
  • These records are used as legal evidence and to manage services.
  • This protects both users and the Celvox Root Company.

11. Hyperlinks to Other Sites

  • Celvox does not accept responsibility for the content of other sites, even if they contain a hyperlink .
  • No one should create a link to Celvox without express permission .

12. Customer Services

13. Credit Verification Retention and Rules

  • Based on contractual arrangements, Celvox assumes that transaction and account records until the relationship ends or you fulfill your legal obligations.
  • In the event of payment difficulties, Celvox follows rigorous legal and regulatory processes to ensure compliance with regulations and customer protection.