Bankmed sal Privacy Notice

1. General

   Bankmed SAL, a banking institution organized and existing under the laws of Lebanon, registered with the Commercial Register of Beirut under No. 5261 and on the list of banks issued by Banque du Liban (“BDL”) under No. 22, having its registered office at Bankmed Center, 482 Clemenceau Street, Beirut, Lebanon (“Bankmed”), is committed to protecting the privacy, confidentiality and security of Personal Data.

   This Privacy Policy explains how Bankmed collects, uses, discloses, stores, transfers and otherwise processes Personal Data relating to clients, prospective clients, website visitors, users of digital channels, authorized signatories, representatives, beneficial owners, guarantors, security providers, suppliers, service providers and other persons connected with Bankmed’s clients, services, transactions or business activities.

   Bankmed processes Personal Data in accordance with applicable data protection, confidentiality and banking secrecy requirements, including, where applicable, Lebanese Law No. 81 dated 10 October 2018 on Electronic Transactions and Personal Data, the Lebanese Banking Secrecy Law dated 3 September 1956, BDL Basic Circular No. 146 dated 13 September 2018, the European Union General Data Protection Regulation (“GDPR”) to the extent applicable, and any other laws, regulations or regulatory requirements applicable to Bankmed or to the relevant service, channel or relationship.

   Bankmed acts as controller in respect of the Personal Data it processes, meaning that it determines the purposes and means of such Processing.

   Where a Client is required to accept or approve specific Terms of Personal Data Protection and Processing in connection with onboarding, digital banking, electronic banking, mobile banking, internet banking or any other service, such terms shall apply in addition to this Privacy Policy and shall govern the Processing of Personal Data in connection with the relevant client relationship or service. In case of inconsistency between this Privacy Policy and such terms, the Terms of Personal Data Protection and Processing shall prevail to the extent applicable to the relevant client relationship or service.

2. Definitions

   For the purposes of this Privacy Policy:

   Bankmed means Bankmed SAL.

   Client means any past, current or prospective client of Bankmed, whether a natural or legal person.

   Data Subject, you or your means any identified or identifiable natural person whose Personal Data is processed by Bankmed, including clients, prospective clients, website visitors, users of digital channels, authorized signatories, representatives, beneficial owners, guarantors, security providers and other persons connected with a client, transaction, service or relationship.

   Personal Data means any information relating to an identified or identifiable natural person, including identification data, contact details, financial information, transactional information, technical data, usage data, location data, online identifiers, device identifiers and any other information which may identify a person directly or indirectly.

   Processing means any operation performed on Personal Data, whether automated or not, including collection, recording, organization, storage, use, disclosure, transfer, deletion or destruction.

   Sensitive Data means Personal Data which may reveal sensitive information, including racial or ethnic origin, political opinions, religious beliefs, trade union, syndicate or professional order membership, health data, biometric data, genetic data, criminal records, or any other data treated as sensitive under applicable law.

3. Data Protection Principles

   Bankmed endeavors to process Personal Data in accordance with applicable data protection principles.

   Personal Data shall be collected and processed lawfully, fairly and transparently; collected for specified, explicit and legitimate purposes; adequate, relevant, not excessive and limited to what is necessary in relation to the purposes for which it is processed; accurate, complete and, where necessary, kept up to date; not further processed in a manner incompatible with such purposes, except where permitted by applicable law; retained for no longer than is necessary, subject to applicable legal, regulatory, contractual and legitimate business requirements; and processed in a manner that ensures appropriate security and confidentiality.

4. How Bankmed Collect Personal Data

   Bankmed may collect Personal Data directly from you or indirectly from other sources.

   Bankmed may collect Personal Data directly from you when you:

   a. apply for or use any of Bankmed’s products or services;

   b. open, maintain, operate or close an account;

   c. use Bankmed’s branches, automated teller machines (“ATMs”), websites, mobile applications, electronic banking, internet banking, mobile banking or other digital channels;

   d. communicate with Bankmed by telephone, email, branch visit, online form, digital channel, secure message or any other means;

   e. submit an enquiry, complaint, instruction, application, request or claim;

   f. participate in campaigns, offers, surveys, events or promotional activities;

   g. provide documents or information in connection with a transaction, facility, service or relationship with Bankmed; or

   h. browse or use Bankmed’s website or digital channels.

   Bankmed may also collect Personal Data from other sources, including:

   a. authorized signatories, representatives, agents, lawyers, introducers or other persons acting on your behalf;

   b. employers, joint account holders, guarantors, security providers, counterparties, beneficial owners, family members, associates, shareholders, directors, officers, employees, trustees, partners or other persons connected to you;

   c. other entities within Bankmed’s group, where applicable;

   d. other banks, financial institutions, correspondent banks, card schemes, payment service providers, credit reference agencies, fraud prevention agencies, debt collection entities, insurance companies or service providers;

   e. public authorities, regulators, courts, governmental bodies, tax authorities, BDL, the Special Investigation Commission (“SIC”), the Banking Control Commission of Lebanon (“BCCL”) or law enforcement bodies;

   f. publicly available sources, including commercial registers, real estate registers, official gazettes, sanctions lists, public databases, media, online search engines, official governmental platforms and other public resources; and

   g. cookies, similar technologies, device identifiers, online identifiers, browser information, security logs, analytics tools and technical tools used through Bankmed’s websites or digital channels.

5. Requirement to Provide Personal Data

   Certain Personal Data is required in order for Bankmed to establish, maintain or continue a banking relationship, provide products or services, perform contractual obligations and comply with legal and regulatory requirements, including know-your-customer (“KYC”), anti-money laundering and combating the financing of terrorism (“AML/CFT”), sanctions screening, tax reporting, banking secrecy-related requests, and other compliance obligations.

   Where the provision of Personal Data is required by law, regulation, contract or Bankmed’s internal policies and procedures, failure to provide such Personal Data, or the provision of incomplete, inaccurate or outdated Personal Data, may prevent Bankmed from opening or maintaining an account, providing or continuing to provide a product or service, executing a transaction, entering into or continuing a business relationship, or complying with the relevant request.

6. Accuracy and Updating of Personal Data

Data Subjects shall ensure that the Personal Data provided to Bankmed is accurate, complete and up to date, and shall promptly notify Bankmed of any change, update or correction affecting such Personal Data.

Bankmed may rely on the Personal Data, documents and information provided to it or otherwise made available to it, unless and until Bankmed is duly notified of any change, update or correction in accordance with its applicable procedures.

Failure to provide accurate, complete or updated Personal Data may affect Bankmed’s ability to provide or continue providing any product or service, execute any transaction, process any request, maintain any relationship or comply with applicable legal, regulatory, compliance, KYC, AML/CFT, FATCA, CRS or other requirements.

7. Types of Personal Data Processed by Bankmed

   Bankmed may process different categories of Personal Data depending on the nature of the relationship, service, transaction, channel or communication. Such Personal Data may include:

   a. identification data, such as name, surname, father’s name, mother’s name, nationality, date and place of birth, gender, marital status, civil status, passport details, identity card details, residency details, tax identification numbers and social security numbers;

   b. contact data, such as residential address, mailing address, email address, telephone number, mobile number and other contact details;

   c. professional and financial data, such as occupation, employer, business activity, income, assets, liabilities, source of funds, source of wealth, tax residency, tax status, information required under the U.S. Foreign Account Tax Compliance Act (“FATCA”) and the Common Reporting Standard (“CRS”), creditworthiness and financial profile;

   d. account and transaction data, such as account numbers, International Bank Account Numbers (“IBANs”), balances, statements, transaction history, payment instructions, beneficiaries, counterparties, card transactions, transfer details and purpose of payment;

   e. KYC, AML/CFT and compliance data, including customer due diligence documents, beneficial ownership information, control structure information, politically exposed person information, sanctions screening results, risk classifications and related compliance records;

   f. credit and facility data, including information relating to loans, facilities, collateral, guarantees, security providers, repayment history, defaults, insurance coverage and related documentation;

   g. investment-related data, including investment profile, risk appetite, investment knowledge, experience, objectives, classification and suitability information;

   h. digital and technical data, including IP address, device type, operating system, browser type, login data, access time, approximate location or location data, cookies, online identifiers, usage data, application activity and security logs;

   i. communication data, including correspondence, emails, telephone recordings, complaints, instructions, requests and records of interactions with Bankmed;

   j. closed-circuit television (“CCTV”) footage and branch security records, where applicable; and

   k. any other information required or permitted to be collected or processed under applicable laws, regulations, contractual documents or Bankmed’s internal policies.

8. Purposes of Processing Personal Data

   Bankmed may process Personal Data for one or more of the following purposes:

   a. assessing applications for products or services;

   b. opening, maintaining, managing, servicing and closing accounts;

   c. providing banking, financial, payment, card, digital, investment, credit and ancillary services;

   d. verifying identity and performing KYC, AML/CFT, sanctions, fraud prevention and compliance checks;

   e. executing instructions, transfers, payments, card transactions, foreign exchange transactions and other operations;

   f. managing the client relationship and communicating with clients or relevant persons;

   g. assessing creditworthiness, risk, eligibility, suitability and financial standing;

   h. managing credit facilities, collateral, guarantees, defaults, collections and enforcement actions;

   i. complying with legal, regulatory, tax, accounting, reporting, audit, record-keeping, judicial and supervisory obligations;

   j. responding to requests from regulators, public authorities, courts, tax authorities, law enforcement bodies, the SIC, BDL, the BCCL and other competent authorities in Lebanon or abroad;

   k. protecting Bankmed’s rights, interests, assets, systems, business, clients, service providers, counterparties and employees;

   l. preventing, detecting, investigating and addressing fraud, cybercrime, security incidents, financial crime, suspicious transactions or misuse of Bankmed’s services;

   m. ensuring network, information, system, branch, digital channel, operational and transaction security;

   n. improving Bankmed’s products, services, digital channels, website functionality and customer experience;

   o. conducting analytics, statistical analysis, reporting, service quality monitoring, internal control, business continuity, disaster recovery and risk management;

   p. sending service-related communications, notices, updates and important information;

   q. sending marketing communications, offers, campaigns, invitations or information, where permitted by law or where consent has been obtained when required;

   r. conducting profiling, scoring or automated Processing to support risk management, credit assessment, compliance, marketing customization and/or service improvement, subject to applicable law;

   s. supporting any restructuring, sale, transfer, assignment, merger, acquisition, financing or business transaction involving Bankmed or any of its assets, rights or obligations; and

   t. any other purpose required or permitted by applicable law or reasonably connected with Bankmed’s lawful banking activities.

9. Legal Basis for Processing

   Bankmed may process Personal Data on one or more of the following legal bases, as applicable:

   a. the Processing is necessary for the performance of a contract with the Client or for taking steps prior to entering into such contract;

   b. the Processing is necessary for compliance with legal, regulatory, judicial, tax, accounting or reporting obligations;

   c. the Processing is necessary for the legitimate interests of Bankmed or a third party, provided that such interests are not overridden by applicable legal rights;

   d. the Processing is necessary for the establishment, exercise or defense of legal claims;

   e. the Processing is necessary for reasons of public interest, regulatory compliance, financial crime prevention, AML/CFT requirements, sanctions screening or banking supervision;

   f. the Data Subject has provided consent, where consent is required under applicable law; or

   g. any other legal basis available under applicable laws and regulations.

   Where any declaration, permit, authorization or license is required for a particular Processing activity under applicable law, Bankmed shall address such requirement in accordance with the applicable legal and regulatory procedures.

   Where consent is relied upon, you may withdraw such consent at any time, without affecting the lawfulness of Processing carried out before withdrawal. However, withdrawal of consent may affect Bankmed’s ability to provide certain products, services, channels or functionalities.

10. Sensitive Data

    Bankmed may process Sensitive Data only where permitted under applicable law and where necessary for a lawful purpose.

    Sensitive Data processed by Bankmed may include:

    a. biometric data used for authentication, security or access to certain services;

    b. trade union, syndicate or professional order membership where relevant to a product or service;

    c. information appearing on official identification documents;

    d. data required for legal, regulatory, compliance, AML/CFT, sanctions, judicial or public authority purposes;

    e. data necessary for the establishment, exercise or defense of legal claims; or

    f. any other Sensitive Data which Bankmed is required or permitted to process under applicable law.

    Where consent, declaration, authorization or license is required for the Processing of Sensitive Data, Bankmed shall address such requirement in accordance with applicable law.

11. Minors’ Privacy

    Bankmed’s websites and digital channels are intended for a general audience. Bankmed does not knowingly collect Personal Data from minors through its websites or digital channels without the consent of their parent, guardian or legal representative.

    Should Bankmed become aware that Personal Data has been provided by a minor without the required consent, Bankmed may use such Personal Data only to inform the minor that such consent must be obtained by Bankmed before receiving or Processing such Personal Data.

    This section does not prevent Bankmed from Processing Personal Data relating to minors where permitted under applicable law, including in connection with accounts, products or services made available to minors through their parents, guardians, legal representatives or other authorized persons.

12. Disclosure of Personal Data

    Bankmed may disclose Personal Data to third parties, in Lebanon or abroad, where necessary or permitted for the purposes set out in this Privacy Policy, for the provision of services, for compliance with applicable laws, regulations, judicial or regulatory requirements, or for the protection of Bankmed’s rights and legitimate interests.

    Such third parties may include:

    a. Bankmed’s affiliates, group entities, shareholders, directors, officers and authorized employees;

    b. service providers, outsourcing providers, information technology (“IT”) providers, hosting providers, cybersecurity providers, digital platform providers, archiving providers and other technical partners;

    c. payment processors, card schemes, correspondent banks, intermediary banks, clearing systems, custodians, exchanges and financial market participants;

    d. auditors, lawyers, consultants, professional advisors, valuators, appraisers and experts;

    e. credit reference agencies, credit control agencies, fraud prevention agencies, debt collection agencies and non-performing loan management entities;

    f. insurers, reinsurers, insurance brokers and insurance service providers;

    g. regulators, supervisory authorities, central banks, tax authorities, public authorities, courts, arbitral tribunals, law enforcement agencies, BDL, the BCCL, the SIC and governmental bodies in Lebanon or abroad;

    h. authorities or bodies competent for the purposes of FATCA, CRS and other tax or reporting obligations, where applicable;

    i. guarantors, security providers, account holders, joint account holders, beneficial owners, counterparties, transaction beneficiaries and other persons connected with a transaction or service;

    j. courier companies, notification service providers, communication service providers and electronic communication channels;

    k. marketing agencies, research agencies, analytics providers and website service providers, where permitted by law;

    l. potential or actual purchasers, assignees, transferees, financiers or successors in connection with any restructuring, sale, assignment, transfer, merger, financing or business transaction involving Bankmed or its rights, assets or obligations; and

    m. any other person or entity where disclosure is required or permitted by applicable law, regulation, contract, client authorization, regulatory requirement or judicial order.

    Bankmed shall take reasonable steps, where applicable and appropriate, to require service providers and third parties processing Personal Data on its behalf to maintain confidentiality and security and to process such data only for authorized purposes and in accordance with Bankmed’s instructions and applicable laws and regulations.

13. Banking Secrecy and Confidentiality

    Nothing in this Privacy Policy shall be construed as limiting the application of the Lebanese Banking Secrecy Law or any other confidentiality obligation applicable to Bankmed.

    Personal Data and banking information shall be disclosed only where such disclosure is permitted or required under applicable laws, regulations, contractual arrangements, client authorizations, judicial or regulatory requirements, including requests issued by BDL, the BCCL, the SIC or any other competent authority in accordance with applicable laws and regulations, or other lawful grounds applicable to Bankmed.

14. Cross-Border Transfers

    Personal Data may be transferred to, stored in or processed in jurisdictions outside Lebanon, including jurisdictions that may not provide the same level of data protection as the jurisdiction in which the data was originally collected.

    Such transfers may occur where:

    a. necessary for the provision of banking, payment, card, investment, digital or other services;

    b. necessary for executing instructions, transactions, transfers, letters of credit, letters of guarantee or other operations;

    c. required for compliance with legal, regulatory, tax, AML/CFT requirements, sanctions, FATCA, CRS or reporting obligations;

    d. made to Bankmed affiliates, group entities, service providers, correspondents or professional advisors;

    e. necessary for the establishment, exercise or defense of legal claims;

    f. consent has been obtained where required; or

    g. otherwise permitted under applicable law.

    Where required by applicable law, Bankmed shall implement appropriate safeguards for such transfers, which may include contractual, technical and organizational measures designed to protect Personal Data.

15. Data Retention

    Bankmed shall retain Personal Data for as long as necessary to fulfill the purposes for which it was collected or processed, including for the duration of the banking relationship and thereafter as required or permitted by applicable laws, regulations, contractual obligations, accounting requirements, regulatory requirements, limitation periods, litigation needs, audit requirements and Bankmed’s legitimate interests.

    Bankmed may retain Personal Data for longer periods where required or permitted by banking, AML/CFT requirements, tax, regulatory, judicial, accounting, record-keeping or litigation-related obligations.

    When Personal Data is no longer required, Bankmed may delete, destroy, anonymize or archive it in accordance with applicable law, regulatory requirements and its internal policies.

16. Security and Confidentiality

    Bankmed implements reasonable technical and organizational measures designed to protect Personal Data against unauthorized access, disclosure, alteration, loss, destruction or unlawful Processing.

    Such measures may include, as applicable, access controls, authentication procedures, encryption, firewalls, monitoring tools, secure infrastructure, internal policies, staff training, confidentiality obligations, need-to-know access restrictions and audit controls.

    However, no method of transmission over the internet or electronic storage is completely secure. Bankmed cannot guarantee absolute security against all risks, including unauthorized access, cyberattacks, hacking, phishing, malware, system failures or third-party actions beyond its reasonable control.

    You are responsible for maintaining the confidentiality of your login credentials, passwords, devices and authentication tools and for promptly notifying Bankmed of any suspected unauthorized access or misuse.

    Bankmed may also make available security notices, alerts or guidance relating to online security, phishing, fraud prevention, social engineering or similar risks through its websites, mobile applications, digital channels or other official communication channels.

17. Cookies and Similar Technologies

    Bankmed uses cookies and similar technologies on its websites, mobile applications and digital channels to support website functionality, enhance security, improve performance, analyze usage and provide a better user experience.

    For more information on how Bankmed uses cookies and similar technologies, please refer to Bankmed’s Cookie Policy.

18. Marketing Communications

    Bankmed may process Personal Data to send information about products, services, offers, campaigns, events or updates that may be of interest to you, where permitted by law or where consent has been obtained if required.

    You may object to receiving marketing communications or withdraw your consent at any time through the channels made available by Bankmed or by contacting Bankmed through the contact details set out below, without affecting the lawfulness of any Processing carried out before such withdrawal.

    Even if you opt out of marketing communications, Bankmed may continue to send service-related, regulatory, contractual, security or transactional communications.

19. Automated Processing and Profiling

    Bankmed may use automated Processing or profiling to support certain activities, including risk assessment, credit assessment, account classification, fraud prevention, compliance monitoring, AML/CFT checks, sanctions screening, marketing customization and service improvement.

    Bankmed does not generally rely solely on automated Processing to make decisions that produce legal effects concerning clients or significantly affect them, unless permitted by applicable law. Where applicable, automated Processing is used as a tool to assist Bankmed’s decision-making and internal review processes.

20. Data Subject Rights

    Subject to applicable laws, regulatory requirements, banking secrecy, AML/CFT requirements, tax obligations, record-keeping duties, contractual obligations and Bankmed’s legitimate interests, you may have the right to:

    a. request information about the Personal Data processed by Bankmed, including, where applicable, the purposes of Processing, the categories of Personal Data processed, the source of such Personal Data, the nature of Processing, and the recipients or categories of recipients to whom such Personal Data is disclosed or may be accessed;

    b. access Personal Data relating to you and request a readable copy thereof, where permitted by applicable law;

    c. request correction, completion or updating of inaccurate, incomplete, ambiguous or outdated Personal Data;

    d. request deletion or erasure of Personal Data where permitted by law;

    e. object to certain Processing activities where permitted by law, including, where applicable, information and analyses used in automated Processing relating to you;

    f. request restriction of Processing where applicable;

    g. withdraw consent where Processing is based on consent;

    h. request data portability where applicable and technically feasible; and

    i. submit a complaint or request in relation to the Processing of Personal Data.

    The exercise of these rights may be subject to limitations under applicable law. In particular, Bankmed may be required or permitted to continue Processing or retaining Personal Data for legal, regulatory, AML/CFT requirements, tax, contractual, litigation, audit, record-keeping or legitimate business purposes.

    Bankmed may require verification of identity and additional information before processing any request.

    Bankmed shall review and respond to requests relating to Data Subject rights in accordance with applicable legal and regulatory requirements and Bankmed’s internal procedures.

21. Third-Party Websites

    Bankmed’s websites or digital channels may contain links to third-party websites, platforms or services, including links made available through QR codes or similar access tools. Such third parties have their own privacy policies, cookie policies, security standards and practices.

    Bankmed is not responsible for the privacy practices, content, security or cookie practices of third-party websites, platforms or services, including those accessed through QR codes or similar access tools. You should review the privacy policies, cookie policies and applicable terms of such third parties before using their websites, platforms or services or providing any Personal Data to them.

    Bankmed may maintain official pages or accounts on social media platforms. Any information or content that you submit, post or otherwise make available through such platforms shall be subject to the terms, privacy policies and practices of the relevant social media platform. Bankmed is not responsible for the privacy, security or data processing practices of such platforms.

22. Amendments to this Privacy Policy

    Bankmed may amend, update or supplement this Privacy Policy from time to time to reflect changes in applicable laws, regulatory requirements, technologies, services, internal policies or business practices.

    The updated version shall be published on Bankmed’s website or digital platforms or made available through any other official channel designated by Bankmed, and shall indicate the date of its latest update, where applicable.

    Where required by applicable law or where Bankmed considers that any amendment is material, Bankmed may take appropriate steps to notify Data Subjects through the channels it deems appropriate.

23. Contact Details

    For questions, requests or complaints relating to this Privacy Policy or the Processing of Personal Data, you may contact Bankmed’s through the following channels:

    Bankmed SAL

    Bankmed Center, 482 Clemenceau Street

    P.O. Box 11-348 Riad El-Solh

    Beirut, Lebanon

    Telephone: +961 1 708090 or 1270 from Lebanon

    You may also visit any Bankmed branch or use any other official contact channel made available by Bankmed from time to time.

1. General

   This Cookie Policy explains how Bankmed SAL (“Bankmed”) uses cookies and similar technologies on Bankmed’s websites, digital platforms, mobile applications and electronic channels.

   This Cookie Policy should be read together with Bankmed’s Privacy Policy, which explains how Bankmed collects, uses, discloses, stores, transfers, otherwise processes and protects Personal Data. Capitalized terms not defined in this Cookie Policy shall have the meanings assigned to them in the Privacy Policy.

   Bankmed uses cookies and similar technologies to support the proper functionality, security, performance and improvement of its websites, mobile applications and digital channels, to provide users with a better browsing experience, and to make Bankmed’s websites, mobile applications and digital channels easier, safer and more convenient to use.

   By clicking “I Agree” on Bankmed’s cookie banner, you consent to the use of cookies in accordance with this Cookie Policy, subject to your browser settings and any cookie preferences or management tools made available by Bankmed from time to time. Where certain cookies or similar technologies are strictly necessary for the operation, security or functionality of Bankmed’s websites, mobile applications or digital channels, such cookies or similar technologies may be used without requiring separate consent, to the extent permitted by applicable law.

2. What are Cookies?

   Cookies are small text files placed on your computer, smartphone, tablet or other device when you visit a website or use an online service.

   Cookies allow a website to recognize your device, remember certain information about your visit, support website functionality, improve security, enhance user experience and provide information about how the website or digital channel is used.

   Similar technologies may include pixels, tags, scripts, local storage, device identifiers, software development kits (“SDKs”) or other technologies used for similar purposes.

   Cookies may be set directly by Bankmed or by third parties providing services to Bankmed.

3. Why Bankmed Uses Cookies

   Bankmed may use cookies and similar technologies for the following purposes:

   a. enabling the website, mobile application or digital platform to operate properly;

   b. maintaining security during your visit or session;

   c. validating the integrity of user requests and protecting against unauthorized, fraudulent or malicious activity;

   d. supporting authentication, session management and access control;

   e. remembering cookie preferences or user choices;

   f. improving website performance, functionality and user experience;

   g. understanding how visitors or users navigate and use Bankmed’s websites, mobile applications or digital channels;

   h. identifying technical issues and improving services;

   i. supporting analytics, reporting, service development and website optimization; and

   j. supporting marketing or communication activities, where applicable and permitted by law.

4. Types of Cookies Used by Bankmed

   Bankmed may use the following types of cookies:

   A. Strictly Necessary Cookies

   These cookies are required for the website, mobile application or digital platform to function properly. They may be used for security, session management, authentication, fraud prevention, load balancing, request validation and other essential functions, including to support secure access, maintain session continuity and protect against unauthorized activity.

   Without these cookies, certain services or parts of the website, mobile application or digital channel may not be available, secure or able to function properly.

   B. Functional Cookies

   These cookies allow the website, mobile application or digital channel to remember choices you make and provide enhanced functionality, such as remembering preferences, language settings or other user selections.

   C. Analytics and Performance Cookies

   These cookies help Bankmed understand how visitors use the website, mobile application or digital channel, which pages are visited, how users navigate the website, mobile application or digital channel and whether technical issues occur.

   Bankmed may use analytics tools, including third-party analytics tools, to collect aggregated or statistical information about website, mobile application or digital channel usage. Where possible, such information is used in an anonymized or pseudonymized manner.

   D. Marketing or Advertising Cookies

   Where used, these cookies may help Bankmed provide more relevant content, campaigns, offers or communications and measure the effectiveness of marketing activities.

   Bankmed shall use such cookies in accordance with applicable law and, where required, subject to your consent.

5. Third-Party Cookies

   Some cookies may be set by third parties providing services to Bankmed, such as analytics, security, hosting, content delivery, website performance, digital platform, advertising or other technical service providers.

   Third-party cookies may collect information such as browser type, device information, pages viewed, time spent on the website, mobile application or digital channel, approximate location derived from technical data, language settings and other usage information.

   Bankmed does not control all third-party cookies in the same manner as cookies placed directly by Bankmed. Third-party cookies may also be subject to the privacy and cookie policies of the relevant third parties.

6. Personal Data and Cookies

   Some cookies or similar technologies may collect or be linked to information that may qualify as Personal Data, such as IP address, device identifiers, online identifiers, browser information, login data, security logs, SDK-related technical data, mobile application usage data or other usage data.

   Where cookies involve the Processing of Personal Data, such Processing shall be governed by this Cookie Policy and Bankmed’s Privacy Policy.

7. Managing or Disabling Cookies

   Most internet browsers are set to accept cookies by default. You may change your browser settings to block cookies, delete cookies, receive alerts before cookies are placed, or otherwise manage cookie preferences.

   The method for managing cookies depends on the browser and device you use. You should refer to the settings or help section of your browser for further information. Common browsers and devices may provide different tools for managing cookies, and you may need to manage your cookie settings separately for each browser and device you use.

   Please note that disabling or blocking certain cookies, particularly strictly necessary cookies, may affect the availability, security or functionality of Bankmed’s websites, mobile applications, digital channels or services.

   Where Bankmed provides a cookie preference tool or cookies management section, you may also use that tool to manage your cookie preferences, subject to the technical options made available.

8. Links to Other Websites

   Bankmed’s websites, mobile applications or digital channels may contain links to third-party websites, platforms or services. These third-party websites, platforms or services may use their own cookies and similar technologies.

   Bankmed is not responsible for the privacy, security or cookie practices of third-party websites, platforms or services. You should review the privacy and cookie policies of such third parties before using their websites, platforms or services or providing any information to them.

9. Amendments to this Cookie Policy

   Bankmed may amend, update or supplement this Cookie Policy from time to time to reflect changes in applicable laws, technologies, cookies used, services, website, mobile application or digital channel configuration, or internal policies.

   The updated version shall be published on Bankmed’s website or made available through any other official channel designated by Bankmed, and shall indicate the date of its latest update, where applicable.

10. Contact Details

    For questions relating to this Cookie Policy or Bankmed’s use of cookies, you may contact Bankmed through the following channels:

    Bankmed SAL

    Bankmed Center, 482 Clemenceau Street

    P.O. Box 11-348 Riad El-Solh

    Beirut, Lebanon

    Telephone: +961 1 708090 or 1270 from Lebanon

    You may also visit any Bankmed branch or use any other official contact channel made available by Bankmed from time to time.