logo

Privacy Policy

This Privacy Policy (“Policy”) describes how Prime Bank Investment PLC (“PBIL,” “we,” “us,” or “our”) collects, uses, stores, shares, and protects personal and financial information obtained from users (“you” or “your”) of our website (www.pbil.com.bd), investor web portal (portal.pbil.com.bd), digital services, and other touchpoints through which we provide investment banking, portfolio management, and advisory services.

 

PBIL is a wholly owned subsidiary of Prime Bank PLC and is registered and regulated as a merchant bank under the Securities and Exchange Commission (Merchant Banker and Portfolio Manager) Rules, 1996, and other applicable laws and directives of the Bangladesh Securities and Exchange Commission (“BSEC”) and Bangladesh Bank.

 

By accessing our website, opening an account, using our web portal, or engaging our services, you acknowledge that you have read and understood this Policy and consent to the collection and use of your information as described herein.

 

1. Legal Framework

The collection, processing, storage, and sharing of personal data by PBIL is governed by and carried out in compliance with the following applicable laws and regulatory frameworks:

 

  • Digital Security Act, 2018: governing digital data handling and cybersecurity obligations in Bangladesh.

  • Money Laundering Prevention Act, 2012 and Anti-Terrorism Act, 2009: as administered by the Bangladesh Financial Intelligence Unit (BFIU), which impose mandatory data collection and reporting obligations.

  • Securities and Exchange Commission (Merchant Banker and Portfolio Manager) Rules, 1996: and all applicable BSEC directives governing investor data, KYC, and suitability assessment.

  • Bangladesh Bank Guidelines: on cybersecurity, data retention, and financial crime prevention.

  • Companies Act, 1994: as applicable to record-keeping and disclosure obligations.

 

2. Information We Collect

We collect personal and non-personal information through account applications, web portal registrations, service inquiries, and interactions with our website. The categories of information we collect include:

 

2.1 Personal Identification Information

  • Identity documents: Full legal name, National Identity Card (NID) number, passport details, date of birth, and Tax Identification Number (TIN).

  • Nominee information: Name, NID, relationship, and contact details of nominated beneficiaries, as required during BO account opening.

  • Biometric data: Where collected during eKYC or digital onboarding processes, including fingerprints or facial recognition data, subject to your explicit consent and applicable law.

 

2.2 Contact Information

  • Email address, mobile phone number, mailing and residential address.

  • Foreign address and contact details for Non-Resident Bangladeshi (NRB) clients, including those enrolling in the PrimeInvest Probashi scheme.

 

2.3 Financial and Investment Information

  • Bank account details, BO ID number, and source of funds documentation.

  • Investment preferences, risk tolerance, financial objectives, and suitability assessment data collected as part of portfolio management onboarding.

  • Transaction history, portfolio holdings, and trade records maintained through our web portal and CDBL/CCBL accounts.

  • Foreign currency information for NRB clients.

 

2.4 Corporate and Institutional Client Data

  • Business registration documents, Memorandum and Articles of Association, trade licenses, and financial statements.

  • Details of authorized signatories, beneficial owners, and directors.

  • Board resolutions or mandate letters governing investment authority.

 

2.5 Sensitive Personal Data

Certain products offered by PBIL — including PrimeInvest Shariah (a Shariah-compliant portfolio management scheme) and PrimeInvest Women — may, by their nature, involve the collection of information that is sensitive, including religious or gender identity. We collect such information only where it is directly necessary to deliver the requested service and will not use it for any profiling, marketing segmentation, or purpose beyond service delivery. Participation in religiously designated schemes will not be disclosed to any third party except where required by law.

 

2.6 Technical and Usage Data

  • IP addresses, browser type and version, device identifiers, and operating system.

  • Cookie data, session tokens, and web analytics information collected through our website and portal.

  • Log data recording access times, pages visited, and user interactions with our digital services.

 

3. How We Use Your Information

We use the information collected for the following specific and lawful purposes:

 

  • Service Delivery: Processing applications for and managing Portfolio Management (discretionary and non-discretionary), Equity Capital raising, Debt Capital raising, and Corporate Advisory services, including all PBIL investment schemes.

  • Know Your Customer (KYC) and Anti-Money Laundering (AML) Compliance: Verifying your identity, assessing the source of funds, and meeting ongoing due diligence obligations mandated by the BFIU, BSEC, and Bangladesh Bank.

  • Suitability Assessment: Evaluating your risk profile, investment objectives, and financial situation to recommend appropriate products and manage portfolios in your best interest.

  • Account and Portal Management: Facilitating secure access to the PBIL Web Portal, maintaining your investment account, and processing transactions through CDBL and CCBL.

  • Communications: Delivering market research reports, daily and monthly market updates, scheme-specific communications, and responding to your inquiries.

  • Regulatory Reporting: Meeting statutory reporting obligations, including Suspicious Transaction Reports (STRs) and Currency Transaction Reports (CTRs) required under the Money Laundering Prevention Act, 2012.

  • Service Improvement and Analytics: Analyzing website usage patterns and user behavior to improve our digital interface, products, and service quality.

  • Legal and Compliance Obligations: Meeting any court orders, regulatory directives, or legal requirements to which PBIL is subject.

 

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to any third party for commercial purposes. We may share your data only in the following specific and controlled circumstances:

 

  • Regulatory and Law Enforcement Authorities: Disclosure to BSEC, Bangladesh Bank, the Bangladesh Financial Intelligence Unit (BFIU), the National Board of Revenue (NBR), or any other competent authority where required by applicable law, court order, or regulatory directive — including mandatory STR and CTR reporting obligations.

  • Parent Company — Prime Bank PLC: Sharing with Prime Bank PLC for integrated group financial reporting, group-level KYC and AML compliance, or cross-functional service support, subject to strict intra-group confidentiality agreements and applicable regulatory requirements.

  • Market Infrastructure and Settlement Entities: Disclosure to the Central Depository Bangladesh Limited (CDBL), Central Counterparty Bangladesh Limited (CCBL), Dhaka Stock Exchange (DSE), and Chittagong Stock Exchange (CSE) as required to facilitate settlement, custody, and trading of securities on your behalf.

  • Payment and Banking Partners: Sharing necessary transaction and account details with banks and payment processors for the purposes of fund transfers, online deposits, and portfolio-related payments.

  • Technology and Service Providers: Third-party vendors engaged for website hosting, data analytics, CRM, cybersecurity, and portal infrastructure, operating under strict data processing agreements with confidentiality and security obligations equivalent to our own.

  • Auditors and Legal Advisors: Disclosure to external auditors, legal counsel, and compliance consultants engaged by PBIL, subject to professional confidentiality obligations.

  • Business Transfers: In the event of a merger, acquisition, restructuring, or sale of PBIL or Prime Bank PLC, your information may be transferred as part of that transaction, subject to equivalent privacy protections.

 

5. Data Security

PBIL implements industry-standard technical and organizational measures to protect your personal and financial information against unauthorized access, loss, alteration, disclosure, or destruction. Our security framework includes:

 

  • Two-factor authentication (2FA) on the PBIL Web Portal to prevent unauthorized account access.

  • Role-based access controls (RBAC) ensuring that internal staff can only access client data necessary for their specific function.

  • Secure firewall configurations and intrusion detection systems protecting our network perimeter.

  • Regular internal security audits, vulnerability assessments, and penetration testing.

  • Documented incident response procedures, including a data breach notification protocol.

 

6. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to improve user experience, remember preferences, and gather analytics data. We use the following categories of cookies:

 

  • Essential Cookies: Required for the website and web portal to function properly. These cannot be disabled without impairing your ability to use core features, including secure login and session management.

  • Functional Cookies: Remember your settings and preferences to personalize your experience (e.g., language, display preferences).

  • Analytics Cookies: Collect anonymized data on how visitors use our website (e.g., pages visited, time spent) to help us improve our digital services. We use third-party analytics tools for this purpose.

  • Marketing Cookies: Used to present relevant information and service updates. These are only set with your consent.

 

You may manage or disable non-essential cookies through your browser settings or our cookie consent banner. Please note that disabling essential cookies may prevent certain features — particularly the PBIL Web Portal — from functioning correctly.

 

7. Data Retention

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law and regulatory obligations. Our standard retention periods are as follows:

 

  • KYC and AML Records: Minimum of 5 (five) years from the date of account closure or termination of the business relationship, in accordance with the Money Laundering Prevention Act, 2012.

  • Transaction and Portfolio Records: Minimum of 5 (five) to 7 (seven) years from the date of each transaction, in accordance with BSEC and Bangladesh Bank requirements.

  • Correspondence and Communications: Up to 5 (five) years for client correspondence relevant to investment decisions, disputes, or regulatory matters.

  • Analytics and Cookie Data: 12 to 24 months, depending on the type of cookie and data collected.

  • Marketing Data: Until you withdraw consent or request removal from our mailing list.

 

Upon expiry of the applicable retention period, personal data will be securely deleted or anonymized in a manner that prevents reconstruction.

 

8. Your Rights

Subject to applicable law and our regulatory obligations, you have the following rights with respect to your personal data:

 

  • Right of Access: You may request a copy of the personal information we hold about you.

  • Right to Rectification: You may request correction of any inaccurate or incomplete data in our records.

  • Right to Erasure: You may request deletion of your personal data where it is no longer necessary for the purpose for which it was collected. Please note that certain data must be retained by us to meet regulatory obligations and cannot be erased upon request.

  • Right to Object: You may object to the processing of your data for direct marketing, profiling, or any other purpose not strictly required for service delivery or regulatory compliance.

  • Right to Data Portability: You may request that we provide your data in a structured, commonly used, and machine-readable format where technically feasible.

  • Right to Withdraw Consent: Where processing is based on your consent (e.g., marketing communications), you may withdraw that consent at any time, without affecting the lawfulness of processing prior to withdrawal.

 

To exercise any of these rights, please submit a written request to us using the contact details provided in Section 10 of this Policy. We will respond within a reasonable timeframe and in accordance with applicable regulatory requirements.

 

9. Changes to This Policy

Prime Bank Investment PLC reserves the right to update or amend this Privacy Policy at any time to reflect changes in our business practices, regulatory requirements, or legal obligations. When material changes are made, the updated Policy will be published on our website. We encourage you to review this page periodically. Where required by law or the nature of the change, we will notify you directly through your registered contact details.

 

10. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or our data handling practices, please contact our Compliance Department:

 

Prime Bank Investment PLC

Tajwar Center (5th Floor), House: 34, Road No: 19/A

Banani, Dhaka-1213, Bangladesh

 

Email: info@pbil.com.bd

Phone: 09678771773

Website: www.pbil.com.bd

 

Prev Post

Prime Bank Investment PLC. Hosts “Invest For Tomorrow” Session at Daraz Head Office
Next Post

PBIL, Korean Chamber to Boost Investment, Capital Market Access