Our Privacy Policy

Our Privacy Policy

For BANCO INTERNACIONAL DE COSTA RICA, S.A. and Subsidiaries (“BICSA” or “us”), the protection of your personal data is extremely important. We are committed to ensuring the protection and security of personal data (as detailed in this document) that our customers and suppliers entrust to us or that we obtain in the course of our business relationship.

In this Privacy Policy, the term “personal data” refers to our customers’ personally identifiable information that we obtain in connection with the banking products and services we provide to them or, in the case of our suppliers, the products and services they provide to us. For the purposes of this Privacy Policy, personal data will not be considered to be data obtained from public sources of information, nor anonymized information, for historical, statistical or scientific purposes.
Among the banking products and services that we provide directly to our clients are the following:

  • Deposit accounts
  • Loans
  • Credit Cards
  • Economic, financial or investment advice
  • Electronic Banking (including Mobile Banking and Internet Banking)

This Privacy Policy also applies to personal data received from candidates who apply for job vacancies with us, as described below.

This Privacy Policy is governed by Law 81 of 2019, Executive Decree 285 of 2021, its eventual amendments and related Banking Agreements.

Banco Internacional de Costa Rica, S.A., with registered office for its main offices at BICSA Financial Center tower, 50th Floor, Aquilino de La Guardia street and Balboa Avenue, Panama City, Republic of Panama, acting on its own behalf and on behalf of its Subsidiaries, listed below, is the Controller of the processing of your personal data:

  • BICSA Factoring, S. A.
  • BICSA Capital, S. A.
  • BICSA Leasing, S. A.
  • BICSA Fiduciaria, S. A.

e-mail address: seguridadyprivacidad@bicsa.com.

We obtain data about you from the following sources:

Source Examples
Information we receive from you on applications and other forms. Contact details, demographic data and details of income and financial situation, among others.
Information about transactions made with us. Details of source and destination accounts, amounts, date and time of the transaction, authorized signatures, among others.
Information about your transactions with nonaffiliated third parties. Details of source and destination accounts, amounts, date and time of the transaction, authorized signatures, among others.
Information from public institutions and credit reporting, due diligence and tax agencies such as APC, Tribunal Electoral and Equifax, among others. Credit and criminal history, immigration and employment status, among others.
Information about your use of Electronic Banking. User-id, e-mail address, IP address, browser identifiers, device and session (date/time/duration), location, biometric data for multifactor authentication.
Information to apply for job openings at BICSA. Contact data, demographic data, resume, educational, professional and criminal history, personal and professional references, among others.

On our website we use the technology called “cookies” to improve the experience of our users. When you access BICSA’s website, you will be presented with a small box that allows you to choose the cookies you wish to accept, from those that are strictly necessary to those that are optional. The following is a description of the cookies used on our website:
Strictly necessary:

Cookie Name Provider Type Purpose Description Expiry
_grecaptcha Bicsa.com HTML This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. Persistente
_GRECAPTCHA Google.com HTTP This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. 179 days
ARRAffinity Bicsa.com HTTP Used to distribute traffic to the website on several servers in order to optimize response times. Session
ARRAffinity s11wa004-
qa.azurewebs
ites.net
HTTP Used to distribute traffic to the website on several servers in order to optimize response times. Session
ARRAffinitySam
eSite
Bicsa.com HTTP Used to distribute traffic to the website on several servers in order to optimize response times. Session
ARRAffinitySam
eSite
s11wa004-
qa.azurewebs
ites.net
HTTP Used to distribute traffic to the website on several servers in order to optimize response times. Session
incap_ses_# Bicsa.com HTTP Preserves users states across page requests. Session
nlbi_# Bicsa.com HTTP Used to ensure website security and fraud detection. Session
rc::a Google.com HTML This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. Persistent
rc::b Google.com HTML This cookie is used to distinguish between humans and bots. Session
rc::c Google.com HTML This cookie is used to distinguish between humans and bots. Session
rc::d-15# Google.com HTML This cookie is used to distinguish between humans and bots. Persistent
visid_incap_# Bicsa.com HTTP Preserves users states across page requests. 1 year
_ga Bicsa.com HTTP Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 2 year
_gat Bicsa.com HTTP Used by Google Analytics to throttle request rate. 1 day
_gid Bicsa.com HTTP Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 1 day

Optional:

Cookie Name Provider Type Purpose Description Expiry
___utmvc Bicsa.com HTTP Collects information on user behaviour on multiple websites. This information is used in order to optimize the relevance of advertisement on the website. 1 day

Through the means that we have enabled for these purposes, you give your consent to be contacted by e-mail, SMS, or any other equivalent means of electronic communication, to send you commercial, marketing and/or advertising communications.

However, if at any time you do not wish to receive further communications of this nature, you may revoke your consent by sending a notification to the following e-mail address seguridadyprivacidad@bicsa.com, providing a copy of your identity document, or by using the link provided for this purpose in the commercial communications you receive.

Once you unsubscribe from marketing communications, we may continue to send you operational and transactional communications, such as those related to customer service, fraud detection and prevention, and activities related to the products and services you maintain with us.

Pursuant to the authorizations and consents granted by you, the personal data collected is used to provide you with our products and services. This includes pre- and ongoing due diligence, fraud detection and prevention, identity verification, transaction and transaction processing, customer service, product and service related surveys, collection, analysis and research, enhancements to our products and services, and transactional and marketing communications.
In addition, if you apply for job vacancies with us, we will use your personal data to contact you, verify your eligibility for the vacancy applied for and, if you are hired, prepare your employee file. The personal data of applicants on their resumes submitted but not hired will remain for future job vacancies with us.

We limit Access to your personal data and findientcial information to those employees, subsidiaries, affiliated companies and suppliers who require the information to provide our products and services. We maintain the administrative, organizational and technical controls established by law for the protection of personal data, and we also contractually require our suppliers to do the same. For more information, please contact our Data Protection Officer at seguridadyprivacidad@bicsa.com.

We will not disclose any personal data or confidential information about you without your consent or as permitted by law.

Depending on the producto or service you maintain with us, the retention period of your data may vary. Unless otherwise provided by law, we will retain your personal data for a period of seven (7) years after the end of the business relationship.

Rigth Content
Access Consultation of personal data included in our files.
Rectification Modification of your personal data when it is inaccurate.
Cancellation Request that we delete your personal data.
Opposition Request that your personal data not be processed.
Portability Obtain a copy of your personal data.

You may exercise your rights by visiting any BICSA branch, or by writing to our Data Protection Officer at seguridadyprivacidad@bicsa.com. Remember to accompany your request with a copy of your identity document.

Likewise, you may file a complaint with the Superintendency of Banks of Panama, in case you are not satisfied with the attention given to your request to exercise your rights.

Please note that, in cases where you have provided us with your personal data for the contracting of banking products and services, the exercise of your rights may affect our ability to provide you with such products and services.

We update our Privacy Policy annually, or more frequently if there is a legal requirement or organizational change that warrants it.


Last update: May 26, 2022.

Help

REPORT THE FRAUD

If you should have a question about or suspect being the victim of fraud, do not hesitate in contacting your relationship officer or the Customer Service Department at 800-800-24272, (507)208-9500

email: servicioalcliente@bicsa.com / customerservice@bicsa.com

For credit card reporting, contact the lines with 24-hour service: US and Canada +1-800-396-9665 Other countries: +507-303-2189.

Common Frauds

Common Frauds

Social engineering is a psychological manipulation of people to perform actions or disclose confidential information. The attackers focus on creating a good pretext, or an invented scenario, that they can use to try to steal the personal information of their victims. Social engineering can occur in person-to-person conversations, telephone conversations, email exchanges or social media promotions.

We recommend that you never disclose and / or share your confidential information. Remember that BICSA will never ask you by phone or email or social networks; the information regarding your password, user, token or your confidential information.

The objective of Phishing or identity fraud is to acquire confidential information in a fraudulent manner. It commonly begins with the receipt of a phony email that takes the person to a clone of a legitimate website, in this way allowing for the disclosure of personal and confidential information that is then used to commit fraud.

You can identify this type of email as follows:

  • The email urgently asks for confidential information about your bank accounts or online baking access information.

  • The email could be about a special deal or to inform you that you have won a prize and asks you to input personal information.

  • The body or subject line of the email may contain obvious and numerous spelling errors.

We recommend that you never provide confidential information through email. To gain access to BICSA’s e-Banking, type in www.bicsa.com into your browser’s address bar.

Pharming is a type of cyber-fraud that commonly occurs when the computer is infected with a harmful “trojan horse” program or virus that takes it to a false website, with the objective of stealing the victim’s confidential information. This type of fraud occurs when downloading images or programs linked to a fraudulent email, or when downloading files or images from internet pages belonging to unknown sources.

It is an online crime that usually occurs when a user’s computer is infected by a malicious program termed a “trojan horse or virus” that takes the user from a bank’s website to a fraudulent website to steal confidential information and allow for the commission of fraud.

We recommend that you do not download files or images from unknown sources on the internet and to keep your computer’s anti-virus software updated.

Malware is a software designed to interfere with the normal operation of a computer and usually its user does not realize what is happening because it runs in hidden mode. Malware is short for (Malicious Software).
Among the symptoms that can show the presence of malware on your computer are:

  • Slow speeds of the computer or web browser.

  • Strange files or programs, or desktop icons appear.

  • Programs that run, shut down or reconfigure themselves.

  • Strange computer behavior, freezing, blocking, etc.

  • Emails / messages that are sent automatically and without the knowledge of the email owner/sender.

BICSA recommends the following measures to prevent malware:

  • Keep your computer with updated antivirus program and personal firewall enabled.

  • Regular updates of the operating system and other application software installed on your computer.

  • Back up your information constantly. Periodically test that backups work.

Protect Yourself

Protect Yourself

Your personal information is private and confidential. Do not publish or disseminate the following information in any form (print, telephone, mail, person-to-person conversations and / or social networks):

  • Personal Identity Card, Passport, Social Security and / or driver’s license.
  • Number of your credit and / or debit cards, or their security pin number. Try not to write them but learn them.
  • All your personal information and bank information is important. Before throwing them away, try to disintegrate it, crushing the information and throwing them in various trash cans.
  • Always check your credit history and report any unusual or unrecognized activity by you.
  • Memorize your password and do not write it anywhere it can be easily discovered by other persons.

  • Never include your password in an email.

  • Avoid the use of birthdays, phone numbers, pet or family names in passwords.

  • Do not utilize the same password for more than one account. If your password is discovered, it could give the attacker access to several of your accounts.

  • Create passwords in accordance with the website’s requirements. We recommend creating complex passwords that utilize upper case letters, lower case letters, numbers and special characters.

  • Change your password from time to time for greater security.

  • Always enter our Online Banking through our website, writing our website’s address www.bicsa.com in your browser’s address bar.

  • Once you are at our website, make sure that a green lock appears in the address bar, and that the address is shown as “https://www.bicsa.com” , the “s” indicating that it is a secure website.

  • Memorize your e-Banking access credentials (user name and passwords) and don’t share them with anyone.

  • When you are finished using e-Banking, make sure to close the session, clicking on the corresponding button.

  • You should use e-Banking through known devices, be it your personal computer, work computer or personal tablet.

  • Your internet browser’s version should comply with the minimum specification required by our e-Banking’s certification.

  • Avoid making transfers from public places.
  • Verify that the beneficiary account’s information is correct.
  • If you receive an email with information about the transfer you are carrying out, contact the beneficiary to confirm the information.

  • BICSA will never ask for this information through emails, telephone, person to person or social networks.

  • Delete any email where you are asked for confidential information, such as your telephone, client number, user name, password and account information, especially if it is marked URGENT.

  • Be wary of emails that show obvious and numerous grammatical errors. Often, these emails are fraudulent.

  • Never gain access to our website from links included in emails you have received.

  • Keep your computer updated with the latest version of an anti-virus software.
  • Avoid downloading programs and applications from untrustworthy sites, as these may have a virus that will affect your computer.
  • Make sure that your internet browser has the latest updates released by its maker.
  • Avoid sharing your computer with unknown persons that could have access to your confidential documents.
  • Keep a personal firewall active on your computer.
  • Update your computer’s operating system with the latest releases from its maker.
  • Constantly review your accounts’ transactions to aid you in detecting fraud and detecting a suspicious transaction.
  • Use ATMs that are in well illuminated areas and are not isolated.

  • Never use ATMs that seem deteriorated or have obvious damage.

  • Check the appearance of the ATM to detect possible alterations or overlapping parts that you have not normally seen in others.

  • Protect your PIN, do not share it with other people and cover it when typing it on the keypad.

  • Check that there is no suspicious individual around you and do not accept help from anyone when using the ATM.

  • If someone approaches you at the moment of making a transaction, ask for their distance.

  • Be sure to withdraw your card after each transaction.

  • Frequently check your account statement for transactions made with your card to make sure they have been made by you.