P a g e 1 | 4
UBA’S PRIVACY POLICY regarding the use of the official web page
This privacy statement sets out the data processing practices carried out through the use of United Bank of Albania (UBA)
website. The statement should read in conjunction with our Terms and Conditions of Use, of which this statement forms part
UBA is committed to keeping information given by the users of our website confidential. It is necessary that users fully
understand the terms and conditions surrounding the capture and use of information we gather, how we use it, and how to
correct or change it.
UBA is the sole owner of information collected on www.uba.com.al. UBA will not sell, share, or rent this information to
others, and it will be used only by UBA for technical administration of the website, customer administration, and research and
UBA website may contain links to, and may be accessed from, other websites. UBA is not responsible for the privacy practices
or the content of other websites. This privacy statement applies solely to information collected by the UBA website. We
encourage our users to be aware that, when they leave www.uba.com.al, to read the privacy statements of each and every
website that collects personally identifiable information.
The banks collect only those personal data of the clients and/or third parties with which, the bank enters into contractual
relationship in the course of its business activities and that are necessary for the realization of the activities for which it is
licensed by the Bank of Albania or for the fulfilment of its necessities as a commercial legal entity.
Our website does not offer the option of registration. You can only review our information published on it. By visiting our
website, you volunteer the following information:
1. Personally identifiable information:
Users provide the following types of personal information:
Information about the searches you carry out; and
Information about your visits to the UBA website.
Therefore no personally identifiable information is collected from visitors to our website.
2. Non-personal identifiable information:
Technical information is also collected when you use the website. Some of the technical information that may be
collected include: the type of browser you are using, your manner of connecting to the internet, your internet protocol
address (which is the internet address of your computer, that all computers automatically provide whenever accessing the
internet or other computers), etc. Although this tracks user traffic patterns and gathers information, it does not track
individual users.
P a g e 2 | 4
Information about you may be stored in the following way:
These are very small text files placed on your hard drive by a web page server. Cookies work like identification cards
informing the server that you are a returning visitor to the web page. They can only be read by the server that gave them to
you and are unique to your computer. If you would prefer, you can set your browsers to refuse cookies. However, you may
not be able to take full advantage of a website if you do so. You can also set your browser to notify you when you receive
cookies, giving you the chance to decide whether to accept them. Alternatively, you may switch off cookies by changing
your browser settings.
Use of Information
Information gathered is mainly used for the following:
To operate the website;
To conduct research about the use of the website; and
To learn about the geographical distribution of our websites visitors.
UBA may use agents and contractors in order to help operate the network. If such agents and contractors have access to
personally identifiable information, they are required to protect this information in a manner that is consistent with this
Privacy Policy, such as not using the information for any purpose other than to carry out the services they are performing
on the network.
Legal matters: The UBA website will not disclose your personal data to third parties unless we are required by law or legal
process to provide information regarding a user, non-compliance with which might expose UBA to legal sanctions.
Personal data collected by banks are retained as below:
a) Upon conclusion of financial relation, client’s data are blocked in the database.
This blocking entails the impossibility that these data are seen or processed by bank operators. These data can be
accessible only by persons that have a special status and only upon approval of the bank’s highest authority or of the
structure authorized for such purpose.
b) Client’s personal data are kept for five years after the conclusion of the financial relation between the bank and the
client. After this five year period, the bank erases these data from the physical and online files and system.
c) If, based on Albanian legislation into force, a lawful authority or institution orders keeping those data beyond the five
year period, the data are copied in a special data base, the security measures and the retention period of which will be
decided in accordance with the law upon which the authority requires the non-erasure of the data.
It is your CHOICE
The use of the website is optional.
1. Right to access
Every data subject is entitled to obtain free of charge from the controller upon his written request:
P a g e 3 | 4
a) confirmation whether or not his personal data are being processed, information on the purposes of processing, the
categories of processed data and the recipients or categories of recipients to whom personal data are disclosed;
b) communication to him in a comprehensible form of the data undergoing processing and of any available
information as to their source;
The information about the data shall be communicated in the form they were at the time when the request was made. Within
30 days upon receipt of the request, the controller informs the data subject or explains the reasons why the information cannot
be provided.
The right to access shall be exercised in respect of the constitutional principles of freedom of speech and information, freedom
of press and professional confidentiality and it may be restricted if it violates national security interests, the foreign policy, the
economic and financial interests of the state, prevention and prosecution of criminal offences.
If access is denied on arguments of violation of national security interests,foreign policy, economic and financial interests of
the state, prevention and prosecution of criminal offences or of the freedom of speech and information or press freedom, the
data subject may require from the Commissioner to check on the exemption for the concrete case. The Commissioner shall
inform the data subject about the undertaken measures.
2. The right to request blocking, rectification and erasure
Every data subject has the right to request blocking, rectification or erasure of his data, free of charge whenever he is informed
that data relating to him are irregular, untrue, and incomplete or have been processed and collected in contradiction with the
provisions of this law.
Within 30 days from receipt of the data subject request, the controller shall notify the data subject on the lawful processing of
the data, whether the blocking, rectification or erasure has been carried out or not.
3. The right of the data subject to refuse
The data subject, pursuant to the law, has the right to object, at any time, free of charge the processing of data related to him
carried out under letter a” and “b” , unless otherwise stipulated by the law.
a)for the performance of a legal task of public interest or in exercise of powers of the controller or of a third party to whom the
data are disclosed;
b) processing is necessary for the protection of the legitimate rights and interests of the controller, the recipient or any other
interested party. However, in any case, processing of personal data cannot be in clear contradiction with the data subject right
to protection of personal life and privacy.
The data subject has the right to demand the controller not to start processing, or if processing has started, to stop processing of
personal data related to him for the purposes of direct marketing and to be informed in advance before personal data are
disclosed for first time for such purpose.
In any case, when a citizen claims that his rights and personal interests have been infringed, he is entitled to ask the
Commissioner to intervene, according to the provisions of the Law on Protection of Personal Data. In case of conflict with
provisions of other legal acts, the rules of this Instruction, of the Law on protection of personal data and of the specific
legislation on banks in the Republic of Albania shall prevail.
This privacy statement states our current practices and policies. If our practices change in the future, this statement will be
updated and posted here so that you have the latest information on our data collection and use policies.
P a g e 4 | 4
If you have any questions or concerns about our Privacy Policy, you are kindly advised to contact:
The IT Supervisor
P.O. Box 128, Tirana, Albania
Tel: +355 4 2404575/ ext. 111; Fax: +355 4 240 45 58; E-mail: adrian_guza@ubaal.com