The Jamaica Deposit Insurance Corporation (JDIC) respects your privacy and is committed to protecting your personal data (“you” or “your”). We ask that you read this Privacy Notice carefully as it contains important information about how the JDIC intends to collect and process, store and, where necessary, disclose your personal data that you provide through interaction with the Corporation. JDIC has implemented a Data Protection Policy (the Policy) to comply with its obligations under the Data Protection Act (“DPA”) of Jamaica and commits to regularly reviewing the JDIC Privacy Notice to ensure that it accurately reflects the way we collect and use information about you and to ensure compliance with the Policy and the DPA. Any changes to this Notice will be updated and communicated accordingly.

1. The personal data we collect and process about you 

Personal data is information about a living individual or an individual who has been deceased for less than thirty years, who can be identified from that information alone or from that information and other information JDIC may be in possession of, or likely to come into possession of.

We may collect, use, store and disclose different kinds of personal data about you, including: 

• Contact details or biographical data (e.g., name, address, email address, phone numbers, date of birth).
• Contract data of legal persons conducting business with JDIC.
• Biometric data (e.g., photograph or facial image, signature). 
• Financial data (e.g., bank account information, generally and specifically including but not limited to bank balances, loan and credit facilities,  credit card details, contact and biographical as well as financial data that relates to a deposit or loan account maintained at a deposit-taking institution/member institution of the DIS for the sole purpose of carrying out JDIC’s statutory mandate that includes participating in the resolution of a non-viable/failing or failed deposit-taking institution and making insured deposit reimbursements, and liquidation management.)
• Online identifiers (e.g., geolocation data).
• Social media, marketing or account data (account name, survey responses).
• Employment-related data (e.g., Employment history, workplace, type of employment, job status).
• Education-related data (e.g., education history, professional certification details, resume/CVs). 

There are different ways in which we may collect data from and about you. These include: 

• Information you provide us e.g., by filling in forms or corresponding with us by email and when you fill out personal data on this site, enter a competition, promotion, survey, give us feedback, or contact us.
• Information you provide us e.g., by participating in the recruitment process or applying for a position.
• Information that your devices or web browser provide us or that is obtained using web technologies e.g., device details, browsing actions and patterns through the use of cookies.
• Information from various third-party sources such as deposit-taking institutions that are members of the Deposit Insurance Scheme, business customers, government agencies, and additional suppliers of public information.

1. Cookies and Internet Technology

Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. We use Internet technology like cookies and Web Beacons for a variety of purposes, including to: assist us in providing services to you; track visitor use of this site; deliver information specific to your interests on additional Websites; and compile statistical reports on site activity. You can set your browser not to accept cookies. If you disable or refuse cookies, please note that some parts of this site may become inaccessible or not function properly. 

1. How will we use your personal data?

JDIC may gather this personal data and use it or disclose it to any authorized person or organization, including any service provider and other third parties for legitimate purposes including:

• Processing and delivering your requests.
• Managing our relationship with you.
• Enabling you to participate in a competition, promotion or survey.
• Administering and ensuring the security of the Corporation’s website.
• Delivering website content and information to you and understanding the effectiveness of such information.
• Meeting our legal, statutory mandate and regulatory requirements.
• Verifying information previously given by you with any other organization when necessary.
• Finding out how many persons use our electronic channels, and which aspects of our channels are used most frequently.

The DPA requires that JDIC provide each data subject with information pertaining to the lawful basis for which their personal data is to be used, shared, or disclosed. To the extent the law applies, we may rely on the following lawful basis which the data may be necessary for:

• The performance of a contract related to employment, distribution purposes, suppliers etc.
• Compliance with any legal obligation.
• To protect the vital interest of the data subject.
• For the administration of justice, exercise of any function conferred by or under any enactment, or exercise of any other functions of a public nature exercised in the public interest.
• Purposes of legitimate interest.
• With consent by the data subject.

The relevant information and/or data is used by JDIC, our agents, representatives, and sub-contractors to process your application, act upon your request and communicate with you in general where applicable. If you have requested information from us and have not chosen to opt-out, you may receive public education information from us. We may also use your personal data to determine what type of information is most useful in order to improve our electronic channels as well as for the general operation of JDIC.

1. How long will we retain your personal data?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including the purposes outlined in the DPA.

1. How we protect your personal data

We will use all reasonable efforts to safeguard your personal data against loss, theft, unauthorized access and disclosure, copying, use or modification, including maintaining organizational, technical, and physical safeguards. To help protect the information we collect and use, we employ safeguards such as data access controls (including multifactor authentication), password protection and system configuration and patch management. These safeguards vary depending upon a variety of factors including the sensitivity of the information we collect and use. Despite all reasonable practices, no security method is infallible. 

In the event of a data breach, the DPA sets out various reporting requirements to be made by JDIC. We commit to responding in alignment with the requirements in the DPA and the respective JDIC policies and procedures. 

1. Your rights  

Subject to certain legal and contractual exceptions, the JDIC will ensure that your request, based on prescribed data privacy rights under the DPA, is honoured.  These rights include:  

• Right of access: You may have the right to access the personal data we have on you by obtaining a copy of this personal data.
• Right to rectification: You may have the right to request the correction or amendment of any errors in the personal data we have about you. 
• Right to prevent processing: You may have the right to request that the data controller cease; or not begin, processing, of your personal data. 
• Rights in relation to automated decision-making: You may have the right to ensure that no decision to which this section applies is based solely on the processing, by automatic means, of personal data in respect of the data subject for the purpose of evaluating matters relating to the data subject. 

If you would like to exercise any of your data subject rights or obtain further information about them, you may download the JDIC Data Subject Access Request Form using the hyperlink https://www.jdic.org/wp-content/uploads/2024/11/JDIC-Data-Subject-Access-Request-Form.pdf,  complete it and email your request to the Head of Privacy at headofprivacy@jdic.org.  Please note that if you contact us to exercise any of your rights, we may require you to provide sufficient personal data to verify your identity. Any personal information provided will be used solely for this purpose. Once we receive your request, we will respond to you within thirty (30) days.  

1. Your consent 

By submitting your personal data to JDIC in person or through any of our electronic channels you consent to JDIC’s collection, use and disclosure of your personal data as set out in this notice. If you have any questions about our privacy notice or your personal data, please reach out by e-mailing your privacy concerns to dataprotection@jdic.org. 

1. Sharing of personal data

Subject to your consent, we may disclose some or all of the information we collect about you to third parties (e.g., cloud hosting providers, Government agencies, external auditors, law enforcement bodies, regulators, and credit agencies). Such information will only be shared with companies that perform services for us or on our behalf for legitimate business purposes. Whenever we permit a third party to access your personal data, we will ensure the personal data is used in a manner consistent with this privacy notice. 

The contractual arrangements between us and these third parties require them to keep the information we provide them confidential and to use the information only for the purposes authorized by us.

JDIC may transfer your information to service providers, and other third parties located outside of Jamaica. This is necessary for the purposes outlined in this Privacy Notice. JDIC is responsible for providing data subjects the level of protection defined by the DPA. Third parties outside of Jamaica will need to confirm to the JDIC that they have controls similar to those in place in Jamaica and as prescribed in the DPA. Safeguards include data transfer agreements. By providing us with your information, you acknowledge and consent to any such transfer, storage, or use of your personal data to third parties located outside of Jamaica. 

1. Links to other websites

Our website may contain links to other websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for or liable in relation to their privacy statements.