Privacy Notice

    Privacy Notice

    This privacy notice is to let you know how we manage your personal information at The Jamaica National Group. This is information that we collect when you establish and maintain a relationship with us. This notice also tells you about your privacy rights and how the law protects you.



    As a customer, you agree to us collecting, using and appropriately disclosing your personal information in accordance with our contract with you. We may change our products and services at any time without notice, and consequently, our Privacy Notice may be updated at any time in the future. Continued use of our products and services implies ongoing acknowledgement and consent to same.



    We will:

    1. Secure and protect your personal information
    2. Not disclose your personal information outside the JN Group without your consent
    3. Enable you to express your preferences so that you can manage how we use your personal information.



    The Jamaica National Group Limited (“JN Group”) consists of member companies which are set up as separate legal entities. These companies provide services including banking, insurance, investment management, money remittance, bill payment, information technology and fleet management.

    Based on our global presence, we are subject to the varying requirements of data protection legislation in the jurisdictions where we operate. Our aim is to be as consistent as possible as we obey all applicable laws and apply the highest standard of privacy laws to our approach.



    We gather various types of information that may identify you as an individual (“personal information”). The information collected depends on the entity providing the service, as well as the service requested.

    We collect your information in the following circumstances:

    • When you request information about our products and services;
    • When you apply for our products and services;
    • When you talk to us on the phone or in branch, including recorded calls and notes we make;
    • When you use our websites, web chats and mobile device apps;
    • When you send emails and letters;
    • When you submit insurance claims or other documents;
    • When you participate in customer surveys;
    • When you take part in our competitions or promotions.
    • When you register or apply for benefits under our rewards programs.

    We may also collect data when you use our services. This data collection covers two areas:

    1. details about how and where you access our services and
    2. account activity that is shown on your statement as follows:
    • Payments and Transactions: This includes the amount, frequency, type, location, origin and recipients. If you borrow money, it also includes details of repayment and whether they are made on time and in full.
    • Profile and Usage of Information: This includes any security details you create and use to connect to our services. It also includes your settings and marketing choices. Additionally, we gather statistical data about your browsing actions and patterns, from the devices you use (such as computers and mobile phones) to connect to our internet, mobile and telephone banking services. We may collect information about your computer including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers.



    We may use the information we collect from our customers and their users in connection with the services we provide for a range of reasons, including to:

    • provide, operate and maintain the services;
    • process and complete transactions, and send related information, including transaction confirmations and invoices;
    • manage our customers’ use of the services, respond to enquiries and comments, and provide customer service and support;
    • send customers technical alerts, updates, security notifications, and administrative communications;
    • verify the identity of customers;
    • investigate and prevent fraudulent activities, unauthorized access to the services, and other illegal activities; and
    • perform any other functions about which we notify customers and users.

    Below we detail the main ways in which JN Group may use your personal information and the reasons for collecting your information.

    What we collect your data forHow we use your data that we collectOur reasons for collecting your data
    Establishing a relationshipTo provide our Products and/or Services1. Keeping our records up to date, working out which of our products and services may interest you and telling you about them

    2. Seeking your consent when we need it to contact you

    3. Defining types of customers for new products or services

    4. Developing products and services, and what we charge for them

    5. Being efficient about how we fulfill our legal and contractual duties

    Maintaining a relationshipUpdate customer personal data.
    Update contractual agreement terms and conditions.
    Offers related to our existing contract with you.
    Marketing and Product DevelopmentTo test new products.
    To manage how we work with other companies that provide services to us and our customers.
    To develop new ways to meet our customers’ needs.
    To communicate to you, information related to our products and services.
    Transaction Processing/ Business OperationsTo execute business in accordance with industry best practice.1. Being efficient about how we fulfill our legal and contractual duties

    2. Complying with rules and guidance from regulators

    To deliver our products and services.
    To facilitate and manage customer transactions.
    To manage fees, charges and interest due on customer accounts.
    To manage accounts receivables / payables.
    To manage and provide treasury and investment products and services.
    Regulatory Requirements and GovernanceTo adhere to laws and regulations that applies to us.1. To ensure adherence to internal controls and external regulatory requirements

    2. Developing and improving how we deal with financial crime, as well as doing our legal duties in this respect

    To detect, investigate, report, and seek to prevent financial crime.
    To manage risk for us and our customers.
    To respond to complaints and seek to resolve them
    Legal ProceedingsCustomer Complaints1. Manage and advise on customers’ legal queries or issues

    2. Execute legal actions or query on behalf of client

    3. Execute transfers on behalf of client (property, etc.)

    4. Use any special categories of data as needed to establish, exercise or defend legal claims

    Transaction Processes
    Other Legal Proceedings



    In accordance with the law, our internal procedures for processing (collecting, storing and securing) your personal information are governed by controls, which ensure the protection and security of your personal information. The law allows us to use personal information based on lawful bases for legitimate purposes. The following are the lawful bases upon which we process data:

    • Processing is necessary for fulfilment and performance of a contract to which you are a party. We process your personal information to open accounts, maintain account details, perform administrative tasks and provide services.
    • Processing is necessary for compliance with a legal obligation or duty. When you apply for a product or service, we are required by law to collect and process certain personal information about you. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account or provide services to you.
    • Processing is necessary for the purposes of our legitimate interests or that of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. Our use of your personal information may also be based on our legitimate interest to ensure network and information security if you use any of our systems; provide you with the most appropriate products and services (direct marketing); and make available reports (risk, financial, accounting, etc.) to internal management and supervisory bodies.
    • Consent is given. Your personal information may be processed for certain services, based on your request or agreement. Consent is received at that point to provide these services, and therefore, process your information. For example, putting a standing order in place on your account or adding a vehicle to your motor insurance policy.

    JN Group companies may process personal information based on any of the above, in order to provide their services to you.



    We do not rent or sell your personal information to anyone. We may share your information, including how we manage your account(s) or visits to our website, with other companies within the JN Group and/or with relevant third parties, and as permitted by law, including, but not limited to the following:

    1. People who provide a service to us or are acting as our agents, on the understanding that they will keep your information strictly confidential and, otherwise, process it in accordance with data protection rules.
    2. Anyone, to whom we transfer or may transfer all or any part of our business or assets; from whom we acquire any business or assets; or who acquires substantially all of the assets of the JN Group.
    3. Credit reference and fraud prevention agencies.

    We may also provide information about you if we have a duty to do so in order to comply with any legal obligation, or in order to enforce or apply our terms of use, or if the law allows us so to do.

    If JN Group companies receive your personal information and subsequently transfers that information to a third-party agent or service provider for processing, JN Group remains committed to ensuring that such third-party agent or service provider processes your personal information to the standard required to meet GDPR and other local privacy laws.



    We will only send your data outside of the European Economic Area (‘EEA’) or outside of Jamaica in the following circumstances:

    1. to follow your instructions,
    2. to comply with a legal duty or
    3. to work with our service providers who help us to manage your accounts and to provide you with services.

    These countries may not have similar data protection laws to those in your country of residence. However, we will always protect your information on the basis that anyone to whom we pass the information protects it in the same way we would and in accordance with this privacy notice and applicable laws. All international transfers outside the EU are protected by EU-based model contract clauses, where there are terms approved by the EU commission.



    Retention periods for records are determined based on the type of record, the nature of the activity, product or service, the country in which the relevant company is located and the applicable local legal or regulatory requirements. We normally keep customer account records for up to seven years after your relationship with the bank ends, then the information is securely destroyed.

    We have CCTV at the different entities in various locations. CCTV recordings are kept until the storage is full and then they are overwritten. We have some cameras that take constant images and some that are activated by motion, consequently causing our retention policy to vary by premises. Our retention policy for CCTV footage varies between 14-90 days depending on the location and nature of recording. We will supply footage if we have it, but do not commit to supplying any footage over 14 days.

    Job applicant’s data is kept only for the duration of the application process, and then it is destroyed if the applicant is unsuccessful.

    We may also keep your data for longer than seven years if we cannot delete it for legal, regulatory or technical reasons. For example, we have to hold pension transfer information indefinitely; and if you apply for insurance cover through us we may keep insurance claims data for up to 15 years after you stop being a customer.



    Your rightsMeaning
    The right to object to the processingYou have the right to object to the processing of your personal data in certain situations.
    The right to informationYou have the right to be informed whether and to what extent we process your data.
    The right of accessSubject to certain exceptions, you have the right to obtain a confirmation as to whether or not we process your personal data, and if we do, request access to your data.
    The right to rectificationIf the personal data that we process is incomplete or incorrect, you have the right to request their completion or correction at any time.
    The right to deletionSubject to certain exceptions, if you consider that we should stop processing some or all of your personal data, you have the right to request its deletion. However, there may well be reasons why an immediate deletion may not be possible (for example where retention is required to meet legal or regulatory obligations).
    The right to restrict the processingYou have the right to request that we restrict the processing of your personal data in certain situations:

    ·         If you contest the accuracy of your personal data, you may request that its processing is restricted while we verify its accuracy.

    ·         If the processing of your personal data is considered unlawful, but you do not require the deletion of your personal data.

    ·         If we no longer need the data for the purposes of its processing, but you need it for the establishment, exercise or defence of legal claims.

    ·         If you object to our processing of your data based on our legitimate interests

    The right to data portabilityWhere the processing takes place on the basis of your consent or contract, and is carried out by automated means, you have the right to request that we provide your personal data to you in a machine-readable format.
    Rights in relation to automated decision making and profilingYou have the right to object to decisions based exclusively on the automated processing of your personal data.
    The right to withdraw your consentIf your personal data is processed on basis of your consent, you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.



    If you would like to access, review, update, rectify, and delete any personal information we hold about you, or exercise any other data subject right available to you under the EU General Data Protection Regulation (GDPR), you can obtain contact information from the “How to Contact Us” section of this privacy notice. We will examine your request and respond to you as quickly as possible.

    Please note that we may still use any aggregated and de-identified personal information that does not identify any individual. We may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.



    We sometimes use systems to make automated decisions about you or your business. This helps us to make sure our decisions are quick, fair, efficient and correct based on what we know. Automated decisions can affect the products, services or features we may offer you now or in the future. They are based on personal information that we have or that we are allowed to collect from others. Here are the types of automated decision we make:


    We may decide what to charge for some products and services based on what we know. This will help us decide whether to offer you the product and what price to charge you.


    Tailoring Products, Services, Offers and Marketing

    We may place you in groups with similar customers. These are called customer segments. We use these to study and learn about our customers’ needs and behaviours, and to make decisions based on what we learn. This helps us to design products, services and offers for different customer segments, and to manage our relationships with them. It also helps us tailor the information that individuals receive or see on our own and other websites and mobile apps, including social media.


    Detecting Fraud

    We use your personal information to help decide if your personal or business accounts or customer relationships may be being used for fraud or money-laundering. We may detect that an account or customer relationship is being used in ways that fraudsters work. Additionally, we may notice that an account or customer relationship is being used in a way that is unusual for you or your business. If we think there is a risk of fraud, we may stop activity on the account or customer relationship, or refuse access to it.


    Opening Accounts or Establishing Customer Relationships

    When you open an account or establish a customer relationship with us, we check that the product or service is relevant to you, based on what we know. We also check that you or your business meets the conditions needed to open the account or customer relationship.


    Credit Provision

    If we provide credit to you, we will use your personal information to assess the outcome of the decision to grant you a credit.

    To help us make decisions on when to give you credit, we need a credit score to assess your application. To work out your credit score, we look at information you give us when you apply; information from credit reference agencies that will show us whether you’ve kept up to date with payments on any credit accounts (that could be any mortgages, loans, credit cards or overdrafts), or if you’ve had any court action such as judgments or bankruptcy; your history with us such as maximum level of borrowing; and affordability, by looking at your available net income and existing debts.

    You have right in relation to automated decision making, including a right to appeal if your application is refused.



    We are committed to the protection of your privacy rights and of your personal information. If you have any questions or require more details about how we use your personal information please see below:

    • Contact our Member Ombudsman at 876-936-0262
    • Write to us at 2-4 Constant Spring Road, Kingston 10, Jamaica
    • Contact our Call Centre at
      • JAM: 876-926-1344-9
      • CAN: 416-789-6675
      • USA: 305-593-7967/954-535-5767
    • WhatsApp us at 876-499-1605
    • Email us at

    You can also contact our Data Protection Officer:

    Anthony Robinson
    JN Group Data Protection Officer
    c/o JN Group
    2-4 Constant Spring Road
    Kingston 10
    E-mail address:

    Please let us know if you are unhappy with how we have used your personal information.  You can contact us by visiting any of our locations where you will be assisted to lodge a formal complaint, or you can use our online complaint form on our website at

    You also have the right to make a complaint to an EU regulator if you are resident in the EU. If you are unhappy about the way we have dealt with your privacy, you can contact our Data Protection Officer or make a complaint to the Information Commissioners Office. Find out on their website how to report a concern or write to:

    Information Commissioner’s Office
    Wycliffe House
    Water Lane
    Wilmslow, Cheshire
    SK9 5AF
    Helpline number: 0044 (0)303 123 1113

    Changes to this privacy statement occur from time to time as the business develops and grows and adds more processing. You are encouraged to check back regularly to see any changes that may have occurred.



    We use cookies and other internet tracking software to collect data while you are using our websites or mobile apps. Cookies allow us to store information about the computer device you use to access our website so that you can conduct business with us easily. They allow us to recognise when you revisit our websites and to evaluate our websites’ advertising and promotional effectiveness. We use both our own (first party) and partner companies’ (third party) cookies to support this activity.

    We do not use Cookies to:

    • track your internet usage after leaving the website
    • store personal information others may read and understand.

    Processing of personal data associated with the use of these cookies occurs based on our legitimate Interests to administer the website.

    Our cookies are listed below.

    Cookie NameRetention TimeDescription
    _ga2 yearsThis is a Google Analytics cookie used to distinguish users.
    _gid24 hoursThis is a Google Analytics cookie used to distinguish users and its main purpose is for performance of the site.
    _gat1 minuteThis is a Google Analytics cookie used to throttle the request rate limiting the collection of data on high traffic sites.
    moove_gdpr_popup1 yearStores your cookie consent state for the current domain


    You can deactivate the non-technical cookies by not consenting to non-essential cookies when your first visit the site. When you first visit the site, it gives you an opportunity to opt-in or opt-out of cookies.

    You may also set your browser’s setting to deactivate cookies. If you use that option, some functions of this website (e.g. login, memory of preferences etc.) may not be available. Detailed guidance on how to control cookies preferences for the most common browsers can be found at:

    You also have the option to install the Google Analytics opt-out browser add-on and thereby deactivate the use of Google analytics cookies and the associated data processing. You can find the Opt-out browser add-on here.

    You can find the Google privacy notice here.

    Google Analytics privacy notice.





    For your convenience, hyperlinks may be posted on the website that link to other websites. We are not responsible for these sites, and this privacy notice does not apply to, the privacy practices of any linked sites or of any companies that we do not own or control. Linked sites may collect information in addition to that which we collect on our website. We encourage you to seek out and read the privacy notice of each linked site that you visit to understand how the information that is collected about you is used and protected.



    We do not knowingly collect or solicit personal information from anyone under the age of 18. If you are under 18, please do not attempt to register for our services or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 18, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us Personal Information, please contact us a soon as possible. You can find the information in the “Contact us” section of this privacy statement.