WHAT ARE YOU LOOKING FOR?
Website Privacy Notice 2026

1    Introduction


1.1    At MauBank Ltd (“MauBank”, “we”, “us” or “our”), we are committed to safeguarding your personal data and take your privacy seriously by ensuring that your personal data is processed lawfully, fairly, and transparently. This Privacy Notice explains how we process your personal data in accordance with the Mauritius Data Protection Act 2017 (hereafter referred to as “MDPA”) and applies when we act as a data controller for the personal data of our website visitors and physical site visitors. We encourage you reading this Privacy Notice so that you understand our approach towards the processing of your personal data.


1.2    MauBank’s website may contain links to third-party websites that are not covered by this Privacy Notice. We therefore ask you to review the privacy statements of other websites and applications to understand their information practices.


2    Personal Data We Collect


2.1    We may collect your personal data in the following ways: 
a.    Directly from you, for example when you:
i.    Use our Website;
ii.    Visit our Premises;
b.    When it is available publicly for e.g. depending on your privacy settings for social media services, we may access information from those accounts or services (for example when you choose to interact with us through platforms such as Facebook, Instagram or LinkedIn) or on your website.


2.2    The types of personal data that we may process are detailed below:


2.2.1    Website Users
i.    We Process your personal data for the following purposes: 
•    To Provide Access to Website Features and Services
ii.    The types of personal data for the aforementioned purposes are listed below: 
•    IT information: IP addresses, browser type and version, access time and length of access, page views, user activity and website usage in log files


2.2.2    Physical Site Visitors
i.    We Process your personal data for the following purposes: 
•    For Logbook keeping and Record Maintenance  
•    For For Security Monitoring through CCTV Surveillance 
ii.    The types of personal data for the aforementioned purposes are listed below: 
•    Contact details: Name
•    Identification details: Signature 
•    Video Surveillance: CCTV Footage 


2.3    In addition to the above-mentioned specific purposes, we may also process any of your personal data where such processing is necessary for compliance with legal and regulatory requirements which apply to us, or when it is otherwise allowed by law, or when it is in connection with legal proceedings. 


3    Legal Basis For Processing your Personal Data 


3.1    MauBank processes your personal data on the following legal bases: 
•    Contractual Necessity: Processing is necessary for the performance of your contract with MauBank.
•    Legal Obligations: Processing is necessary for compliance with the legal obligations we are subject to.
•    Legitimate interests: Processing is necessary for our legitimate interests for promoting organisational accountability, protecting MauBank against risks and ensuring a proper and effective administration of the organisation.


4    Obligatory and Voluntary Information 


4.1    To effectively engage in business transactions and fulfil our contractual obligations, certain information is mandatory for you to provide. These mandatory information includes but is not limited to, your name and contact information. Failure to provide this obligatory information may impact your contractual relationship, accessing member-exclusive content on the website, or receiving benefits.  
4.2    If you choose to provide more information beyond what is required, we will evaluate its necessity for our purposes. If it is determined to be unnecessary, we will promptly delete it to ensure the protection of your privacy. 


5    Who has access to your personal data? 


5.1    Access to your personal data within MauBank  
5.1.1    Employees who may have access to your personal data are required to keep that data confidential. 
5.2    Access to your personal data by third parties 
5.2.1    We may need to share your personal data with third parties which assist us in fulfilling our responsibilities regarding the purposes listed above. The sharing or disclosure of personal data is done on a need-to-know basis and under clear contractual terms and instructions. These services include, but are not limited to security service provider. 
5.2.2    We are also required to disclose your personal data where processing is necessary for us to comply with our legal obligation, including responding to legal processes or lawful requests or where:
a.    We have a duty or a right to disclose in terms of law or for national security and/or law enforcement purposes;
b.    We believe it is necessary to protect our rights; 
c.    We need to protect the rights, property or personal safety of any member of the public or a customer of our company or the interests of our company;
d.    You have given your consent.
5.2.3    We require our service providers and other third parties to keep your personal data confidential and that they only use the personal data in furtherance of the specific purpose for which it was disclosed. We have agreements in place with our processors to ensure that they comply with these privacy terms.


6    Personal Data Security 


6.1    We prioritise the security of your personal data and take appropriate technical and organisational measures to protect it from unauthorised access, disclosure, alteration, or destruction. We employ a combination of physical, administrative, and technological safeguards to ensure the confidentiality, integrity, and availability of your data. Here are some of the security measures we have implemented: Access controls, secure storage and incident response amongst others.
6.2    In the event there is a personal data breach at MauBank involving your personal data, we will handle same as per our Data Breach Response Plan to minimise the effects of the breach and ensure that the rights and freedoms of our concerned stakeholders are maintained. 


7    Data Retention


7.1    We collect and process personal data for specific purposes and will retain it only as long as necessary to fulfil those purposes unless required for legitimate business or legal reasons. Generally, we will retain your personal data for a maximum of ten (10) years upon the termination of the business relationship between MauBank and you with the exception of: 
•    CCTV footage which will be retained for ninety (90) days

 

8    Transfer of Personal Data outside Mauritius


8.1    In cases where your personal data are transferred to and processed outside Mauritius, we will ensure that such transfer is compliant with the provisions stipulated in the MDPA. If your personal data is transferred to a country that does not provide an adequate level of protection, we will implement appropriate safeguards, such as contractual clauses, to protect your personal data.


9    Your Rights 


9.1    As a data subject, you have certain rights regarding your personal data as detailed below and we are committed to facilitating the exercise of these rights: 
•    Right of Access: You have the right to request access to the personal data we hold about you. This includes the right to obtain confirmation of whether we process your personal data and to receive a copy of that information.
•    Right to Rectification: If you believe that the personal data, we hold about you is inaccurate or incomplete, you have the right to request that we correct or update it.
•    Right to Erasure: In certain circumstances, you may have the right to request the erasure of your personal data. This includes situations where your personal information is no longer necessary for the purposes for which it was collected, or you withdraw your consent and there is no other legal basis for processing.
•    Right to Restriction of Processing: You have the right to request the restriction of the processing of your personal data under certain conditions. This means we will temporarily suspend the processing of your personal data, such as when you contest its accuracy or when you object to the processing.
•    Right to Data Portability: You may have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another data controller.

•    Right to Object: You have the right to object to the processing of your personal data for certain reasons, such as direct marketing or legitimate interests. If you exercise this right, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
•    Right to Withdraw Consent: If we rely on your consent as the legal basis for processing your personal data, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
9.2    To exercise your right as a data subject, you are requested to fill out the Data Subject Rights Request Form (DSRR), available on our website at the following link https://www.maubank.mu/ or send an email to the DPO. 
9.3    You are asked to send your request with all required information, including:
•    The request type – For example, are you requesting a copy of your information, the deletion or modification of your personal data; and  
•    All relevant information which can help to successfully respond to your request.


10    Your Responsibilities 


10.1    You are responsible for the data you provide or make available to us, and you must ensure it is honest, truthful, accurate and not misleading in any way. You must ensure that the data provided does not contain material that is obscene, defamatory, or infringing on any rights of any third party, does not contain malicious code, and is not otherwise legally actionable.
10.2    Further, if you provide any data concerning any other person, such as individuals you provide as references, you are responsible for providing any notices and obtaining any consent necessary for us to collect and use that data as described in this notice.

11    Queries and Complaints  

11.1    If you have any questions or concerns about your personal data processing or wish to exercise your rights, you should contact our DPO as detailed in Section 12. When contacting the DPO, you are requested to provide a clear and detailed description of your concerns.  This will help us understand the issue and take the appropriate action.
11.2    We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of your personal data in accordance with this Notice and provide you with a timely and appropriate response, typically within thirty (30) days. If additional time is required, we will inform you accordingly. 
11.3    If you believe we have not handled your response appropriately, you may submit a complaint to the Data Protection Office in Mauritius.


12    Contact Us


12.1    For inquiries or to exercise your data protection rights, contact our Data Protection Officer as follows:
Email: dpo@maubank.mu  
Phone Number: (+230) 4059400
Address: 25 Bank Street, Ebene Cyber City, Mauritius 


13    Changes to this Notice 


13.1    We may update this Notice from time to time to reflect best practices in data management, security and control and to ensure compliance with any changes or amendments made to the MDPA and any laws or regulations thereof. We encourage you to review this notice periodically to stay informed about how we protect and use your personal data.