Security & Privacy

Maintaining your privacy and security, that’s our commitment to you.

The Bank of Nevis Limited is committed to providing the highest level of security and privacy regarding the collection and use of our customers’ personal information. The Bank will therefore maintain strict standards to ensure your privacy and security at all times. This privacy and security policy outlines our principles and procedures regarding the privacy, confidentiality and security of your personal and financial information.

Collecting and Using Your Personal Information

The Bank of Nevis Limited collects personal information via your interactions with us, through application forms and transactions made with the Bank. We will collect and use only that information which is necessary for the purposes of:

providing financial services
understanding the retail, financial and banking needs of our customers
developing and managing products and services to meet the needs of our customers
contacting our customers directly for products and services that may be of interest
determining the eligibility of our customers for different products and services
ensuring the highest standard of service to our customers
periodically conducting surveys in order to enhance the provision of services
complying with regulatory requirements
verifying a customer’s identity

We will retain your personal information only as long as necessary or expected to be necessary for the identified purposes above, or as required by legislation governing the Federation of St. Christopher and Nevis.

Every employee of The Bank of Nevis Limited is held accountable for the protection of customers’ personal information. The Bank of Nevis Limited educates all employees about the importance of confidentiality and customer privacy in accordance with the Banking Act. Annually, each employee of The Bank of Nevis Limited is required to sign a Declaration of Secrecy verifying that he/she is aware of and is conforming to the policy. Notwithstanding, access to any personal information that we collect is restricted to those employees who need to know that information in order to perform their specific duties. Any staff member who violates the Bank’s customer privacy will be terminated.

Disclosing Your Personal Information

The Bank of Nevis Limited will never reveal any specific information about its customers or their accounts or other personally identifiable data to any third parties unless:

The customer requests or permits the disclosure
The disclosure is required by or allowed by law (e.g., subpoena, investigation of fraudulent activity, demand by regulatory authorities, etc.); or,
The customer has been informed about the possibility of disclosure for marketing or similar purposes through a prior communication and given the opportunity to decline (i.e., “opt out”).

When we do provide customer information to affiliated third parties The Bank of Nevis Limited will require – through a written agreement – that any such third parties adhere to privacy principles similar to those to which The Bank of Nevis Limited adheres for keeping this information confidential.

How We Protect Your Personal Information

The Bank of Nevis Limited maintains sophisticated physical, electronic, and procedural safeguards for the purpose of securing your personal information. We use data encryption and firewalls to maintain the security of the information we receive via our website. We also use Secure Sockets Layer (SSL) with 128-bit encryption a valid and current certificate from a recognized Certification Authority.

Guarding Your Personal Information/Steps that you can take

While security and privacy risks cannot be eliminated, they can be minimized. The Bank of Nevis Limited recommends that you take the following precautions to guard against the disclosure and unauthorized use of your account and personal information.

Proper Use of Passwords

Do not under any circumstances share your passwords with anyone, including family members
Never give your password to a third party such as a payment service provider as this places your financial information at risk
Don’t use passwords that are obvious like your name, names of family members, your address, date or birth or any other information that might be found in your purse or wallet
Try to avoid passwords that are real words. Choose passwords that are difficult for others to guess. Such passwords may contain a combination of letters, numbers or symbols
Avoid using the same password for several accounts or services. Try to use unique passwords for different web sites and purposes
Change your passwords frequently
If you suspect that someone knows your password, change it immediately. In the meantime, ensure that your information has not been compromised

Using a Firewall

Your computer may become vulnerable to hackers if it is not properly protected while connected to the Internet. All cable modems, digital subscribe lines (DSL) and dial-up users may be susceptible to Internet hackers.

A personal firewall will help protect your computer while it is connected to the Internet. A firewall creates a barrier between your computer and the rest of the Internet. A firewall can be a hardware device, a software application or a combination of the two. Firewalls can help prevent hacker attacks and block certain types of data from entering your computer or private network. They can also be set up to alert you if anyone tries to access your system.

Security Updates
Be sure to download and install security updates regularly. Alternatively, you may configure your operating system to check for new updates automatically.

Be Wary of Internet Fraud

Criminals will use varied ways and means to target you via the Internet. The most common of these are email fraud, identity theft, phishing and pharming.

E-mail fraud
Exercise caution with e-mails that ask for personal information. Never provide your personal passwords, personal identification numbers (PIN), account numbers or log in information for B-Online Internet Banking. Please note that The Bank of Nevis Ltd will never send you an e-mail asking you to provide these personal details.

Most importantly, if you think that you are a target of e-mail fraud, do not reply to the e-mail — delete it immediately without opening it.

Learn more about e-mail fraud …

How do I know if this is e-mail fraud?

The message in the e-mail threatens that your account will be deactivated if you do not respond. Also, the e-mail may contain added emphasis, such as exclamation points and words like “don’t delay”, “now” or “immediately,” to create a sense of urgency. This is simply a scare tactic that is used to make feel obligated to react or respond.
The message asks you to send personal information, including your password, personal identification number (PIN), account number etc
The message asks you to confirm or verify information about your account.
The message is poorly written with ALL CAPS, spelling and grammatical errors, and sentences that don’t seem to flow smoothly.

Remember too that e-mail is not secure or confidential unless properly encrypted. The Bank of Nevis Limited does not use encryption or digital signatures for incoming or outgoing e-mail. Consequently, we discourage the use of e-mail to send personal or financial information to us. If a customer nonetheless chooses to do so, the customer assumes full responsibility for the risks of doing so.

Identity Theft

Identity fraud occurs when someone steals your personal information like your name, social security number, date of birth or account number and uses it illegally. If you think that you are a victim of identity fraud and you are a customer of The Bank of Nevis Ltd, please alert usimmediately. Learn more about Identity Theft…

How do identity thieves get my personal information?

Identity thieves may retrieve your personal information in a variety of ways including but not limited to:

Dumpster driving: They rummage through your trash looking for unshredded documents, bills
Skimming: They steal your credit/debit/ATM card numbers by using a special storage device when processing your card.
Phishing:They pretend to be financial institutions or companies and send spam or pop-up messages to get you to reveal your personal information.
Changing Your Address: They divert your billing statements to another location by completing a “change of address” form.
Using the Internet: They steal personal that you may have posted on websites or transmitted via e-mail.
“Old-Fashioned” Stealing: They steal your wallets and purses; mail, including bank and credit card statements; pre-approved credit card offers, new checks or any documents that contain your personal information.

How can I protect myself from becoming a victim of Identity Theft?

You can take certain basic steps to protect yourself from identity fraud:

Shred financial documents and paperwork with personal information before you discard them.
Don’t give out personal information on the phone, through the mail, or over the Internet unless you know who you are dealing with.
Never click on links sent in unsolicited emails; instead, type in a web address you know. Use firewalls, anti-spyware, and anti-virus software to protect your home computer; keep them up-to-date.
Don’t use an obvious password like your birth date, your mother’s maiden name, or the last four digits of your Social Security number.
Keep your personal information in a secure place at home, especially if you have roommates, employ outside help, or are having work done in your house.

You may not be aware that someone has stolen your identity until months or years have passed. The key is to stay alert.

Monitor your credit card statements.
Review them promptly and carefully monthly.
Become suspicious if you do not receive your bills on time. A missing bill could mean that an identity thief has taken over your account and changed your billing address to cover his tracks.
Become suspicious if you begin receiving calls or letters from debt collectors or businesses asking about merchandise that you did not order.

Phishing

Identity thieves use this method to get hold of your personal information. They pretend to be financial institutions and use spam, pop-up messages or e-mails to encourage you to reveal your personal information such as your password, bank account and credit card details and Personal Identification Number (PIN). These fraudulent messages will be very convincing. They will ask you to validate or update your financial or personal information. Remember that The Bank of Nevis Limited will never send you an e-mail asking you to validate or update your personal details.

Pharming

This is an illegal practice in which the perpetrators ‘pharm’ for information by hacking into DNS server software. (DNS servers are the giant computers that ‘run’ the Internet). These perpetrators or Internet hackers identify areas of vulnerability in the DNS software through which they can acquire the domain name of a website. They then re-direct traffic from that website to another fraudulent or bogus website. Learn more …

Protect yourself from ‘phishing’ and ‘pharming’ by following these simple but essential guidelines:

DO NOT provide your personal or financial information into any pop-up window, even if it appears to be legitimate.
NEVER respond to e-mails that ask you to confirm, validate or verify your personal information.
DELETE without opening any e-mail from a financial institution of which you are not or member.
BE SUSPICIOUS of e-mails containing grammatical or spelling errors as well as words that convey urgency such as ‘now’ or ‘immediately’.
BE WARY OF suspicious websites. Always be certain that the website you are on is legitimate. Before entering your personal information, you should also ensure that the website is secure by looking for the small closed-lock symbol in the lower corner of the web browser window. (This symbol might be slightly different depending on the search engine) You may also look for the letters ‘https://” at the beginning of the website address in the web browser. If you suspect any fraud, leave the website immediately without following any instructions on that site.

General

Do’s …

always log off a website after terminating a session, especially when using public computers in Internet Cafes, Libraries etc.
clear your brower’s cache when you complete a session, to ensure that your personal information is not accessible to others who may come behind you
always sign off/log off your online accounts and close your browser if you’re going to step away from your computer even if only momentarily.

… and Don’ts

leave your computer screen unattended while in the secure banking area of the site
send privileged account information (account number, password, etc.) via e-mail
use software or select the option that allows your computer to automatically remember your passwords or log in information – someone else using your computer could take advantage of this

Keeping up to date with our Privacy Policy

We encourage you to familiarize yourself with our privacy policy. If you have any queries regarding our privacy policy, how we protect you, or how you could protect yourself, please call or visit our office because maintaining your privacy and security is our commitment to you.