Data security:

At á, we are aware of the need to safeguard the flow of information between the Bank and our customers. We make every possible effort to safeguard the confidentiality of the communications between the Bank and our customers.

Remember that á will never ask you for your user name or password by email or by telephone. Your passcodes are secret and should be known only by you.

If you receive a message in this regard, please do not provide any information and contact á immediately by calling .

Confidentiality and integrity:

  • Of user credentials:
    • User passcodes are irreversibly encrypted and stored in specialised identity management systems so that they cannot be deciphered by anyone.
    • The á e-banking operating procedures do not require anyone within the institution to have access to the customers’ log-in details. This means that your details will not be disclosed to any employee, nor will you be requested to disclose them at any time.
  • Of communications:
    • Transactional services operate on a secure server that uses the SSL (Secure Socket Layer) protocol, which is activated when the customer logs on. The secure server establishes a secure connection, encrypting the information using algorithms and transmitting it in such a way that it is only intelligible to the customer's computer and the Bank’s server. Therefore, the use of the SSL protocol ensures that:
      • The customer’s data is shared only with á's data centre and no one else trying to impersonate the Bank.
      • The information transmitted between the customer’s device and the á data center is encrypted to prevent access or manipulation by unauthorised third parties.
  • Of the information:
    • The information stored in the Bank’s internal systems and databases is protected by various security systems and can only be accessed by authorised employees.
    • á has an automated system for managing access privileges to the information, which guarantees that access is controlled and restricted to authorised personnel only.

Traceability of transactions: transactions are reflected in the automated records of operations. These records show the transaction performed, the date and time and the user who performed it, all of which allows us to confirm the validity of the recorded operations.

Information on last connection:

  • The first time a user logs on, a Welcome Screen will appear with an explanation of the online environment.
  • Next time you log in, the e-banking service will show you the date and time of your last connection.

Automatic session logout: as an additional security measure, after 30 minutes of inactivity in the e-banking service, your session will be closed and you will be logged out of the system.

Before entering your data, always ensure you are on a secure site. Remember to follow these safety guidelines whenever you are asked for personal data on the Internet:

  1. Verify that the connection is being made through a secure server by checking one or more of the following aspects:
    • Verify that the connection is being made through a secure server by checking one or more of the following aspects:
    • The address of the secure server (URL) should begin with https rather than the usual http.
  2. Check the security certificates for the secure site you are on:
    • To do so, click on the padlock that appears in the upper left corner when you log onto a secure site. Check the expiration date and the validity of the domain name. The detailed information that appears should include the issuer, how long the certificate is good for and the company in whose name it was issued.

Protecting your user credentials:

  • Your á log-in and e-banking details are personal, non-transferable and confidential, and therefore you are required to safeguard them. Your details are stored in á systems and encrypted using an algorithm. They are not disclosed to anyone.
  • Do not reveal your password to anyone, under any circumstances, and do not use them anywhere but in the á.
  • Choose passwords that are hard to guess. We also recommend you change your password periodically.
  • Be wary of sites that ask for personal data, except in relation to the provision of a service you have requested.
  • If you receive a message requesting your username/password, do not provide any information and contact the Customer Service Department of á immediately.

Physical security at data centres:

The data centres of á are equipped with strict security measures for the protection of data processing systems. These measures include the following, among others:

  • Restricted access to data centres.
  • Individualised control of access to the site and the different data rooms which are equipped with hazard detection systems.
  • Round-the-clock security guards and video surveillance of the interior and exterior of the facility.
  • Special detection and protection systems in the event of intrusion, fire, flood, black-out and other catastrophic events.

Also, with two fully operational data centres, á guarantees that the information is protected and can be recovered, should it be necessary.

Above all, remember:

á will never request your personal information by email. If you receive such a message, please do not provide any information and contact á immediately.