Privacy Policy

Bank Privacy Policy Summary

The bank's privacy policy details what uses the bank makes of personal information when using the bank's online services. It's important to us that you know what uses we make or may make of it. We have compiled here a concise summary of the main principles that are detailed more broadly in the policy. This summary is not a substitute for reviewing the complete policy.

 

What Information Do We Collect?

We collect personal information about you that is required by law for the purpose of providing services. Additionally, we collect additional personal information that you have provided or that has been collected about you with your consent. The information we collect also includes technical information about your devices and how you behave in online services, as well as information that is transmitted or created during your use of online services. Your personal information will be stored in Leumi Group's databases.

Important to know: Some information is required by law and without it we cannot provide service, and some is collected only voluntarily and with your consent. If you choose not to provide the required information or do not consent to its collection, you will not be able to join the online services for which the information is required.

 

What Uses May We Make of the Information?

Legal Compliance - meeting regulatory and legal requirements; Service Provision - operating online services and services ancillary or complementary to them; Authentication and Identification - to verify your identity and manage the relationship with you; Risk Management and Decision Making - in relation to you or other parties; Detection and Prevention - of suspicious or illegal activities; Service Improvement - developing and optimizing our services; Sending Messages - sending operational messages, updates and promotions, marketing and direct mail as well as customizing advertisements in online services and other platforms; Information Security - protecting information and our systems.

Important to know: We may use advanced technological tools such as artificial intelligence to process information, subject to law. Information that does not personally identify you may be used by us for any purpose.

 

With Whom Do We Share Information?

Within the Group - other companies in the bank group; Service Providers - companies that provide services in collaboration with us or on our behalf; Our Business Partners; Outsourcing Providers - including cloud service providers in Israel and abroad; Financial Institutions and Payment Providers - for example, other banks, insurance companies, stock exchanges, payment service providers, credit card companies; Additional Parties - such as in cases required by local or foreign law, for essential public interest, protecting our interests, preventing damage, or for legal proceedings.

You agree that providing information to third parties as described in the privacy policy will not constitute a breach of confidentiality obligation.

 

Use of Cookies and Information Collection Technologies

We use information collection technologies like Cookies for various purposes: improving service and personalizing it for users, analysis and performance measurement, and personalized advertising.

You can change the settings of these technologies in your browser or device.

 

Third Parties

We work with third-party information collection technologies such as Google, Meta, and LinkedIn for advertising and performance analysis purposes. We share personal information with them and receive information from them for these purposes. The activity of those entities is subject to their privacy policies and is carried out under their responsibility. We recommend reviewing the privacy policies of these entities.

 

Your Rights

You can review the personal information held about you, request to correct or delete it in certain circumstances, and request to stop receiving marketing messages or direct mail.

Additionally, you are invited to contact the Data Protection Officer at the bank with questions regarding this privacy policy.

 

Device Permissions

If we have requested access permissions to various services on your device, you can cancel them at any time at your discretion.

This is a summary only. It is recommended to read the complete policy. 

 

Bank Leumi Le-Israel Ltd. (the "Bank") respects the privacy of its customers and the users of its services, including users who do not hold an account at the Bank, such as authorized signatories, authorized representatives and beneficiaries (the "User/s"), and places great importance on protecting their privacy.

 

The Bank makes significant efforts to properly safeguard the information provided by and collected about the Users, and takes necessary measures to ensure information security and User privacy.

 

This Privacy Policy specifies how the information about you is collected and processed, as well as the uses of this information incidentally in your use of the digital services offered by the Bank, including the Bank's websites, applications (apps) and other online services (collectively, the "Services" or the "Online Services").

 

This Privacy Policy applies in addition to provisions regarding privacy and the use of information in the Account Terms and Conditions and other privacy-related provisions set forth in the Bank's documents applicable to the User, including with respect to specific activities and services. The provisions of these terms are intended to supplement rather than derogate from the validity of any other agreement between you and the Bank.

 

When logging into or making first use of the Online Services, the Users express explicit consent to the provisions of the Privacy Policy and to the methods of collection, use and transfer of the information as described herein. If the Users do not agree to these terms and conditions, they must immediately refrain from continuing to log into or use the Online Services.

 

  1. Types of Information Collected

     

    1.1 The Bank collects, receives and retains the following types of information regarding Users of the Online Services:

     

    1.1.1 Any technical information made available to the Bank or provided by the Users incidentally to use of the Online Services, including prior to User authentication, and including:

  • Information about the Users’ behavior – such as activity patterns in the Online Services, browsing times, browsing paths, visits to pages and ads before, during and after accessing the Online Services;

  • Information about the Users’ devices – such as IP address, in accordance with the network, computer or mobile device used to access the Online Services (the “Device”), device identifier, browser type and information about geographic location, all regardless of whether the Device or any of its components are on or off, according to the Device settings.

     

    1.1.2 Some of the Online Services require registration, provision and collection of personal information, whether when accessing or using the Services, or upon commencement of and during the term of the engagement with the Bank. The Bank and any third party acting on its behalf and collecting information for it, collect and process personal information knowingly and voluntarily provided by the Users during their use of the Services. The personal information will be collected from the details provided by the Users in the context of contacting the Bank, account opening, loan application or any other process initiated by the Users, or other Services that they chose to receive in the context of their use of the Services, regardless of whether or not the Users have completed entering and submitting the information in the relevant fields. Information defined as “Mandatory” will be marked differently and more prominently than the other fields, and may vary depending on the Service.

     

Such information may include:

  • Personal details – full name, contact information, residential address, identification number, age, date of birth, gender, marital status, bank account details and payment method details, education, occupation and professional experience.
  • Information in the context of performance of various actions and receipt of Services – details of actions performed in the account such as transactions in the account, money transfers and buying and selling of securities, execution of various trading actions such as in securities, bonds and other financial instruments, credit card charges, location data, information provided or generated in the context of communication with the Bank and its systems, including with human and virtual representatives, phone and video calls, recordings, video clips, queries and surveys, images and documents uploaded or approved by the Users digitally, information about actions or forms not completed in the context of the Services, biometric data used for authentication and biometric means enabling the extraction of such biometric data, such as a scanned copy of an identification document and a self-captured image which are required, inter alia, for online account opening or for security purposes, as well as any other information related to the use of the Services.

  • Information in the context of services external to the Bank – at the User’s request, also information collected in the context of use of services external to the Bank, including any information received from such external services through their interface with the Bank’s systems.

     

    1.2 Certain information provided by the Users or collected by the Bank is information that is required by law, in the Bank’s opinion, for the purpose of receiving the Online Services, for example, under the Non-Sufficient Funds Checks Law, 5741-1981, and the Prohibition of Money Laundering Law, 5760-2000. Other data collected by the Bank in the context of the use of the Online Services or related services are voluntarily and consensually provided and collected, and without Users being under any legal obligation to provide such data. However, without the Users’ consent to the provision, collection and processing of such information, it is not possible to register for the Online Services for which the information is required, or to receive these or related services.

     

    1.3 The Users agree that the information they provide to the Bank or that is collected by the Bank will be held in the databases controlled by the Bank group and processed thereby or by any entity on its behalf or therefor, in Israel or abroad, as stated in this Privacy Policy and the Bank’s documents.

     

    1.4 The Users represent and confirm that all the information they have provided is correct, reliable and accurate, and that they are using the Online Services on their own behalf and for themselves only, except in cases where they have been expressly authorized in writing by the Bank to do so.

     

  1. Granting Access and Permissions

     

    2.1 In the context of the use of the Online Services, access permissions may be requested for certain services on the Users’ Device, in order to perform actions in the context of such Services. The Users are not obligated to grant such access for such Services on their Device, and they may revoke / deny such access via their Device. However, doing so may result in the Users’ being unable to benefit from the full scope of Services provided in the context of the Online Services. Below are the permissions that may be required for the Online Services, subject to your consent:

     

    2.1.1 Access to the list of contacts – This permission is requested to enable the User to select, from the list of contacts on their Device, the contacts they wish to add for their initiated requests for the Online Services.

     

    2.1.2 Permission to receive Push Notifications – This permission is requested to enable the User to receive Push Notifications related to important updates, alerts about activity in the account or trading portfolio, alerts related to credit card activity, and to offer the Users various products or services that may be of interest to them, from time to time, based on their preferences or usage of their managed account or of the Online Services, all subject to their rights under any law.

     

    2.1.3 Access to the Device camera – This permission is requested for check deposit and voucher payment services, card load requests, or to enable the User to take photos for a profile picture, photos for money requests from a parent, or photos for savings, when made available.

     

    2.1.4 Access to the photo gallery and storage and memory functionalities on the Device – This permission is requested insofar as the customer wishes to save files, screenshots of transactions or of the Online Services screens, or to enable the User to select images from their photo gallery for profile/background pictures, photos for deposits and various financial instruments, photos for money requests from a parent and photos for savings when made available, or for uploading files from the Device memory at the User’s request.

     

    2.1.5 Access to read SMS messages – This permission is requested for data cleansing and information security, identification and verification of details, and for reading the SMS code automatically sent to the Device.

     

    2.1.6 Access to Identity/Phone/Device ID data – This permission is requested for creating a unique identifier during registration for various services, identification and verification, and security checks. Use of this information is essential for the secure and proper operation of the app and is necessary for the operation of the Services.

     

    2.1.7 Calendar – This permission is requested for the "Snap and Pay" service or for creating reminders for the next bill payment in the Device’s calendar, or for creating reminders to execute trading instructions and various actions in the Online Services.

     

    2.1.8 Device location – This permission is requested for the branch locator service based on the Device’s location, as well as for information security, identification, and User authentication purposes. When a location-based service is active on the User’s Device, the Bank may use information about the User’s location coming from GPS signals, nearby Wi-Fi access points, and cellular antennas, regardless of whether the app is open or closed. The User can disable the location-based service via the Device’s operating system. After disabling this service, we will no longer receive information about the User’s location.

     

    2.1.9 Access to NFC connection – For mobile payment services, if requested and approved by the User.

     

    2.1.10 Access to the list of apps on the Device – Access to this list may be granted solely for the purpose of identifying security risks that might compromise the safety of the User’s use of or access to the Bank’s app.

     

    2.1.11 Access to the microphone – This permission is requested for dictating text when using chat in the app or for executing the User’s voice commands (if made available).

     

    2.1.12 Fingerprint / face recognition – This permission is requested for identification and authentication when a sensitive action is requested in the app, inter alia for information security purposes. The app does not receive the said information, but rather receives an indication from the Device regarding the User’s authentication.

     

    2.1.13 Access to Bluetooth – This permission is requested for information security and User identification purposes.

     

    2.1.14 If the User chooses to use the "Digital Wallet" or "Mobile Payment" services, the User will be asked to authorize the use of the details of credit card/s to be charged within this service, and specifically: the details imprinted on the credit card entered into the service (in whole or in part), the User’s mobile phone number, and an indication from the User’s Device regarding the use of a device PIN, pattern or biometric identification (fingerprint or face recognition), as they choose. The list of the essential components required for this service and for processing the User’s chosen credit card may be updated from time to time. As part of this service, the card details will be transferred, as needed, to third parties that require them for operational purposes to provide the service, in encrypted form, including to credit card companies or secure payment processors. It is hereby clarified that using the mobile payment service may allow third parties (the merchants at which payment is made, the credit card company, payment processors, etc.) to collect and process information about the User’s payment method or other information about the purchase or collection activities requested by the User in the context of the service.

     

  2. Purposes of Use of the Information

     

    3.1 All information provided by the User or information received and collected in the framework of the Services or incidentally to use of the Services will be kept in accordance with the provisions of the Privacy Protection Law, 5741-1981 (the "Privacy Protection Law") and subject to any legal or regulatory obligations or requirements applicable to the Bank.

     

    3.2 The Users confirm and agree that the Bank will use the personal information about them, including through third parties that process information on its behalf at its sole discretion, for the following purposes:

     

    3.2.1 Fulfilling the obligations imposed on the Bank under any law.

     

    3.2.2 Providing the Services, including services the Bank may offer in the future, as well as any related or complementary services.

     

    3.2.3 Managing the relationship with the Users, responding to inquiries and conducting surveys.

     

    3.2.4 Making decisions, whether human or algorithmic, regarding Users or other entities, including decisions about provision of the Services, their scope, the conditions to their receipt, the method of provision and optimization thereof, evaluation, rating and management of risks, compliance with legal obligations (for example, regarding anti-money laundering (AML) and combating the financing of terrorism (CFT)), and the conduct of legal proceedings.

     

    3.2.5 Internal and operational processes of the Bank, including improving workflows and efficiency, enhancing the Services and tailoring them to the Users’ needs and characteristics, purchasing or developing technological services, managing and profiling usage data and information, as well as for generating anonymous, statistical and aggregate data based on personal information, for any purpose, including research and statistics, trend analysis, service development, advertising needs, and the like.

     

    3.2.6 Sending operational messages and alerts, for example regarding actions performed in the Services, by various digital means and inter alia via e-mail, SMS, push notifications, and the like.

     

    3.2.7 Marketing various content, including promotional materials and marketing offers on behalf of the Bank, via any digital means of communication (including SMS, e-mail and push notifications), as well as offering various products or services, by any means of communication, that may be of interest to the User, from time to time, based on profiling of their preferences or usage of the Online Services, all subject to the law.

     

    3.2.8 Generating additional types of information and specifications, including regarding the Users’ areas of interest, personality and preferences, as well as based on their belonging to a certain population group, using the information provided to the Bank and collected about the Users from other sources, in a manner that may be used by the Bank for existing services and additional services it may offer to Users, including for direct mailing purposes.

     

    3.2.9 Personalizing advertisements displayed to the Users while using the Online Services and on other digital platforms across the internet.

     

    3.2.10 Detecting, preventing and handling fraud, misuse or illegal or unauthorized activity in the Services.

     

    3.2.11 Information security and for secure identification and authentication actions.

     

    3.2.12 Handling technical malfunctions and providing technical support.

     

    3.2.13 Conducting legal proceedings.

     

    3.2.14 Complying with the requirements of any law, including foreign law, and in this context responding to orders or requests from a governmental, regulatory or other competent authority (for example, on AML and CFT issues, cross-border risks and sanctions regimes).

     

    3.2.15 Any other purpose permitted by law or as specified in the additional documents of the Bank that apply to the User.

     

    3.3 When the notification service on the User's Device is active, we may send them various notifications related to the app on their Device, to actions performed in the app, important updates, and to offer the User various products or services that may be of interest to them, from time to time, based on their preferences or usage of the managed account or the Online Services, all subject to the User's rights under any law. The User can disable or block the notification service by changing the settings in the Device's operating system.

     

    3.4 It is clarified that the Bank is entitled to use statistical or aggregate information that is not personal and does not identify you for any purpose, including to improve, enhance or streamline the service and related or ancillary services, for research and statistical purposes, as well as for training and developing AI models and applications.

     

    3.5 In the context of the Online Services, for example in order to create and use a personal account, the Users will be required to provide and enter information such as a username and personal password. It is clarified that the Users must keep their username and password strictly confidential, and they undertake not to disclose them or allow their use by others. The Users will be fully and solely responsible for any use made of the Online Services by them, on their behalf, or in their stead, including through the use of their username and password.

     

    3.6 The processing of the personal information as described in this Privacy Policy may be carried out using advanced technological tools, such as systems based on algorithms, AI, machine learning, language analysis, etc., all subject to any law and according to the Bank’s procedures.

     

  3. Transfer of Information to Third Parties

     

    4.1 The Users’ personal information shall not be delivered to third parties without their consent, except as permitted under this Privacy Policy or the other  Bank documents that apply to the Users’ engagement with the Bank. Notwithstanding the foregoing, the Bank or service providers on its behalf may share and transfer personal information about the Users to third parties, from time to time, and inter alia also outside the borders of the State of Israel, in accordance with the purposes of use specified in this Privacy Policy and the Bank’s other documents that apply to the User, pursuant to any law and according to the Bank’s procedures, in the following cases.

     

    4.1.1 Upon obtaining consent from the Users to perform such a transfer.

     

    4.1.2 In the context of or in connection with the provision of the Online Services, including to service providers and vendors who assist in operating the Services or provide them on the Bank’s behalf, including outsourcing service providers, in Israel and abroad and including cloud service providers (including to a dedicated server of the Bank http://sa.bankleumi.co.il), the Bank’s accountants and auditors, as well as to parties involved in the Services, such as other banks, correspondents, credit card companies or issuers of other means of payment, acquirers, aggregators and providers of payment services, payment systems and payment switches (such as Shva, Masav, SWIFT, Zahav and their equivalents), stock exchanges, clearing houses, insurers, insurance agents and other entities that provide credit risk protection. It is clarified that each of the entities listed above may transfer the information to additional third parties pursuant to any law. The processing of information provided to such third parties may be subject to the provisions of foreign law and to the privacy policies of the third parties to which the information is provided.

     

    4.1.3 In the context of the Bank’s collaborations with its business partners, inter alia for the purpose of data cleansing, sending operational, marketing and promotional messages, creating User profiles, etc.

     

    4.1.4 To respond to Users’ support requests,

     

    4.1.5 To enforce this Privacy Policy or the terms of use, including in the context of investigating possible violations of the Privacy Policy or the terms of use.

     

    4.1.6 To detect, prevent or otherwise handle fraud, scams, misuse or security and safety issues, as well as technical problems.

     

    4.1.7 To comply with the requirements of any Israeli or foreign law, including for legal proceedings, orders, including discovery orders or requests of government, regulatory or any other competent authorities, in Israel or abroad, including in relation to AML and CFT, cross-border risks and sanctions regimes.

     

    4.1.8 In any case where the Bank believes that delivery of the information is necessary to prevent harm to the Bank, other Users or third parties.

     

    4.1.9 In the event that the Bank transfers or assigns its business, rights or obligations vis-à-vis the Users, or any part thereof, to a third party, including in the context of business negotiations, and in cases of a transfer of Bank shares, assets, or any part thereof, insofar as the transfer of the information is required for performance of such actions, provided that such third parties assume the provisions specified in this Privacy Policy.

     

    4.1.10 In any case where the information is transferred to corporations included in the Bank group.

     

    4.1.11 For conducting legal proceedings and enforcing this Privacy Policy or the provisions of the terms of use or the legal aspects applicable to the Online Services, including in the context of investigating possible violations of the Privacy Policy or the terms of use and the legal aspects as aforesaid.

     

    4.1.12 To comply with the requirements of any law.

     

    4.2 Without derogating from the uses specified above, the Bank is entitled to and may provide statistical or aggregate information that is not personal and does not identify the User to third parties for any purpose, and inter alia in order to improve, enhance or streamline the service and related or ancillary services, as well as to tailor content to the User's needs and preferences.

     

    4.3 In addition, if the User uses the Online Services to carry out a transfer, the User is aware that the Bank may provide the User's details to the recipient to whom the transfer is requested.

     

    4.4 The Users agree and confirm that delivery of information to third parties as stated in this Privacy Policy shall not constitute a breach of the duty of confidentiality imposed on the Bank by any law.

     

  4. Use by Minors

    The Services are primarily intended for Users over the age of 18. If a particular service is made available to Users under the age of 18, such Users must obtain the consent of one of their parents or their legal guardian prior to using the Services and providing personal details in the context thereof. The Bank is entitled to and may employ security measures and automated software to profile User data in order to authenticate or verify the identity of Users of its various Online Services and to prevent fraud, scams and impersonation.

     

  5. Cookies and Other Data Collection Technologies

     

    6.1 The Bank may use or operate software that collects or profiles information, including personal information, regarding all of the User’s activity vis-à-vis the Bank in the Online Services, and analyzes it to streamline the provision of the Bank’s services and to better tailor the Services to the User’s needs or characteristics. The User’s use of the Services constitutes consent to the collection and processing of such information.

     

    6.2 The Bank utilizes various software and technologies which are based, inter alia, on cookies, tags, pixels, web beacons and other storage technologies (collectively, “Cookies”). Cookies are essentially text files (or lines of code) created in the browser or mobile device, provided the User has enabled this in the device/computer settings, and collect relevant information, such as the time the User spends on a site/page/screen, the User’s browsing behavior and the actions performed, including use of the IP address, domain name and access point to the service, device location, login times and other digital identification codes.

     

    6.3 The Bank uses Cookies and similar technologies for a variety of purposes related to improving the service and personalizing it for Users. These purposes include: information security and protecting access to information about the User; preventing fraud, impersonation, unauthorized use or misuse of the Bank’s various services; collecting and receiving information in the Online Services; displaying and providing targeted information in the Online Services or on other platforms; the ongoing operation of the Online Services; verifying the User’s details and identity; collecting and profiling various statistical data about the User and about how the Online Services are used, actions performed and usage preferences; measurement, segmentation and targeted advertising services, including for the exclusion of irrelevant content by the Bank or subsidiaries in the Bank group on advertising platforms and other websites; tailoring services and products to the User’s personal needs or preferences; tailoring and targeting advertisements and marketing content according to the information and data collected and processed as aforesaid; cross-referencing all such data with other uses made by the User of different Online Services and on other platforms provided by or through the Bank, whether direct actions vis-à-vis the Bank at branches, in the context of management of the User’s accounts, or with other online and digital activities of the User through other Online Services of the Bank, including for the purpose of making financial, business and other decisions regarding the provision and scope of various services for the User.

     

    6.4 In this context, Cookies originating from third parties may be used, including Google services (Ads, Google DV, Google Analytics, Search Console, reCAPTCHA), AppsFlyer, Firebase, Meta and Facebook Pixels LinkedIn, Taboola, Outbrain, and information may be transferred to other statistical and advertising services of the said entities, in accordance with their terms of use and privacy, inter alia for profiling and monitoring Events, targeting advertisements to Users and audiences, or for the exclusion of irrelevant content by the Bank or subsidiaries in the Bank group on advertising platforms and other websites, for performing actions in the Online Services and identifying usage patterns.

     

    6.5 The User is aware that the activity of third parties, as stated above, is also carried out for their own purposes, as independent controllers of databases, and is subject to such parties’ privacy policies, and is the responsibility of such parties. The Bank is not responsible for the collection and processing of the personal information about the Users that is carried out by these third parties. We recommend reviewing the privacy policies of the third parties to learn how they use tracking technologies, and the information collected through them, as well as the options they offer for managing the Cookies they create or use.

     

    6.6 For more information about the use of relevant Cookies, visit:

    http://www.google.com/policies/technologies/types

    or https://www.google.com/policies/privacy

    www.facebook.com/policies/cookies

    https://www.appsflyer.com/product/data-privacy

    https://www.linkedin.com/legal/cookie-policy

    https://policies.taboola.com/en/privacy-policy

    and https://www.outbrain.com/privacy/cookies

     

    6.7 If you wish to opt out of the use of these or similar tools, or to delete the Cookies that are stored on your Device on an ongoing basis, you can do so manually via your browser/device settings, or use readily available automated tools that will perform the requested removals for you according to your choice, such as: http://www.aboutads.info/choices or https://youradchoices.com/control.

     

    You can also edit your preferences regarding Google tools and services at: https://tools.google.com/dlpage/gaoptout and also: https://adssettings.google.com, in which case, certain Services, in whole or in part, may not function properly (for example, automatic recognition, usage or language preferences may not be saved).

     

    6.8 As stated above, as part of improving the Bank’s marketing activities, the Bank utilizes, inter alia, Google services, when you have logged into your Google account and allowed it to share connection and access data, ad and content personalization (Google Ads Personalization), including ad performance measurement services. For these services only, the Bank may verify, vis-à-vis Google, access and usage data and other information about you that you choose to provide, such as your e-mail address or phone number, which will be used solely for identifying your details and personalizing the ads you may see. By using the Bank’s Online Services, you agree to such use for the provision of the services stated above, including ad performance measurement services.

     

    6.9 To review and obtain information about Google’s services, visit: https://support.google.com/websearch/answer/54068.
    To manage or opt out of the services, visit: https://myactivity.google.com/.

     

    6.10 You agree that the Bank shall share the Users’ personal information with third parties that provide services as stated in this section and shall also receive personal information about the Users from them.

     

  6. Direct Mailing and Marketing Mail

     

    7.1 If the Users have shown an interest in or registered for the Bank’s services, including in the context of the Online Services, or if the Users have agreed to receive marketing mail from the Bank via one of its Online Services, as the case may be, the Bank or anyone on its behalf may send such Users marketing and promotional information, including updates, offers, benefits, promotions, etc., by various digital means, including e-mail, various instant messaging applications (such as chat, WhatsApp and SMS messages). If the Users do not wish to receive such mailings, they may opt out at any time within the mailing itself and may also request to be removed from the mailing list by accessing “Contact Us” on the Leumi website: https://www.leumi.co.il.

     

    7.2 The Bank may send direct mailings (within the meaning thereof in the Privacy Protection Law) by electronic and other means, based on the Bank’s databases. As part of the direct mailing activities, the Users agree that the Bank may contact them in personalized communications, based on their affiliation with a group with certain characteristics and based on segmentation and profiling actions carried out by the Bank based on the information retained by it as stated above. The content of the direct mailings may include advertisements, value propositions and additional content of the Bank and its business partners, at the Bank’s discretion.

     

    7.3 You may, at any time, request to stop receiving direct mailings from the Bank, including a request that information about you not be used for such activities in relation to certain entities or for specific purposes. To this end, the User may contact the Bank and request to no longer receive such personalized communications by accessing “Contact Us” on the Leumi website: https://www.leumi.co.il.

     

  7. Information Security

     

    8.1 Efforts have been made in the Online Services to maintain information security, including through technological systems and mechanisms designed to help in protecting against information leaks, unauthorized access and use, as well as against the transfer, exposure, copying and deletion of information. However, while these efforts reduce the existing risks, it cannot be guaranteed that the Online Services will be completely immune to such actions, and there shall be no liability for any resulting damage caused to Users or anyone on their behalf.

     

    8.2 You are aware that there is always a certain risk associated with services based on information processing, especially when information is transmitted over the internet, and you agree to the provision and collection of the information in accordance with the provisions of the Privacy Policy and the law, and you assume the risk of information security incidents that impact the confidentiality, integrity or availability of such information.

     

  8. Other Platforms

     

    9.1 When using the Services, links may appear to external pages, websites, platforms or apps (“External Pages”), for example in the form of advertisements, banners, links, etc. The use of External Pages is subject to the terms of the privacy policies of the External Pages. It is clarified that the Bank has no control over the terms of the privacy policies of External Pages, how they are operated or the consequences and risks associated with their use, and full responsibility for use of External Pages lies with the User. It is recommended to review and read the privacy policies of these sites before using them. For example, for details regarding Facebook’s policy, visit: https://www.facebook.com/policy.php.

     

    9.2 In addition, Users may be able to use products or services of third parties, which are displayed and/or accessible through the Online Services. The use of such products or services is at your sole responsibility and is subject to the privacy policies and terms of use of the operators of such products / services. Accordingly, we recommend reviewing Google’s privacy policy regarding its map or location services at www.google.com/policies/privacy if you choose to use these services via the app.

     

    9.3 For your information, the Bank may use URL shortening services (links) when providing access to services or if messages are sent to the User on behalf of the Bank, including links to other pages or service screens within the Online Services. These links may be operated by third parties which provide the Bank with analysis services and which log the details of your access to such links on behalf of the Bank.

     

  9. Collection and Provision of Financial Information in the Context of Financial Information Services – Open Banking

     

    Under the Financial Information Services Law, 5782-2021 (the “Financial Information Law”), financial information may be received or transferred to authorized entities listed in the Financial Information Law, only at your request and with your consent. Therefore.

     

    10.1 According to your request, the authorization you give to the Bank as a service provider and the type of service you choose, the Bank will be entitled to use the information and provide you with financial offers and services such as consolidating financial information, offering financial products or services, giving advice on financial conduct, and other services listed in the Financial Information Law.

     

    10.2 In addition, with your consent, the Bank may use the information it has received for statistical purposes for all of its customers, which will be presented regarding them in a non-personal and non-identifiable manner. We note that any information received will not be transferred to any other entity without your explicit consent, for example, for the purpose of providing an offer from another financial entity to engage with you, whether through brokerage or directly.

     

    10.3 According to the Financial Information Law, the Bank also serves as an information source and will allow access permission, according to a request submitted and approved by you, to a third party authorized under the Financial Information Law and, at your discretion, may transfer information on issues such as checking accounts, debit cards, credit, savings and securities.

     

    10.4 The Bank will display for you the data and effective access permissions at any time, through the relevant channels.

     

    10.5 Should you wish to revoke or limit the access permission or your consent to transfer financial information or your consent to the use of information, the Bank will allow you to do so at any time, through the standard channels.

     

    10.6 The manner of storing the information  described in Section 27(c)(1) of the Financial Information Law, which was received from an authorized entity listed in this Law, will be managed and held in a dedicated database separate from the database used by the Bank for its other activities. In addition, any personal information received under the Financial Information Law will be deleted and will only be held in accordance with the requirements and conditions in the Financial Information Law and according to the relevant regulation.

     

    10.7 It is clarified that you are not obligated to provide information under the Financial Information Law or to grant these permissions by law, and their provision depends solely on your  free will and consent. If you choose not to provide or grant such permissions, the Bank will be unable to provide services regulated by the Financial Information Law, including open banking services.

     

  10. The Users’ Rights

     

    11.1 Under the Privacy Protection Law, the Users are entitled to review personal information collected about them in the context of the use of the Online Services and which is stored in the Bank’s databases, as well as to request that the Bank correct this information in certain circumstances. To exercise these rights, the Bank may be contacted at: Privacy.Requests@BankLeumi.co.il.

     

    11.2 If personal information is transferred to the Bank by third parties located in the European Economic Area (EEA), the Users are entitled to request to review, correct or delete such personal information, insofar as the Bank is obligated to do so by any law and subject to the Privacy Protection Regulations (Instructions regarding Data Transferred to Israel from the European Economic Area), 5783-2023.

     

  11. Changes to the Privacy Policy

     

    12.1 The provisions of this Privacy Policy may change from time to time, inter alia to reflect technological, business, legal or regulatory changes. It is clarified that if any material changes are made to the provisions regarding the use of personal information provided or collected about the Users in the context of the Online Services, notice thereof will be posted on the appropriate platform in the Online Services or in this Privacy Policy. Use of the Online Services after the changes are made as aforesaid will attest to the Users’ consent to such changes. It is therefore recommended to review this Privacy Policy from time to time.

     

    12.2 In any case of a question or request, or if you believe that your privacy has been violated in any way, you may contact the Bank’s Data Protection Officer with questions regarding the provisions of this section and the other privacy policy documents, at: Privacy.Leumi@BankLeumi.co.il.

     

This document constitutes a translation of the original Hebrew version. In the event of any discrepancy between the versions, the Hebrew version shall prevail.