Our Privacy Policy

For BANCO INTERNACIONAL DE COSTA RICA, S.A. and Subsidiaries (“BICSA” or “us”), the protection of your personal data is extremely important. We are committed to ensuring the protection and security of personal data (as detailed in this document) that our customers and suppliers entrust to us or that we obtain in the course of our business relationship.

In this Privacy Policy, the term “personal data” refers to our customers’ personally identifiable information that we obtain in connection with the banking products and services we provide to them or, in the case of our suppliers, the products and services they provide to us. For the purposes of this Privacy Policy, personal data will not be considered to be data obtained from public sources of information, nor anonymized information, for historical, statistical or scientific purposes.
Among the banking products and services that we provide directly to our clients are the following:

  • Deposit accounts
  • Loans
  • Credit Cards
  • Economic, financial or investment advice
  • Electronic Banking (including Mobile Banking and Internet Banking)

This Privacy Policy also applies to personal data received from candidates who apply for job vacancies with us, as described below.

This Privacy Policy is governed by Law 81 of 2019, Executive Decree 285 of 2021, its eventual amendments and related Banking Agreements.

Banco Internacional de Costa Rica, S.A., with registered office for its main offices at BICSA Financial Center tower, 50th Floor, Aquilino de La Guardia street and Balboa Avenue, Panama City, Republic of Panama, acting on its own behalf and on behalf of its Subsidiaries, listed below, is the Controller of the processing of your personal data:

  • BICSA Factoring, S. A.
  • BICSA Capital, S. A.
  • BICSA Leasing, S. A.
  • BICSA Fiduciaria, S. A.

e-mail address: seguridadyprivacidad@bicsa.com.

We obtain data about you from the following sources:

Source Examples
Information we receive from you on applications and other forms. Contact details, demographic data and details of income and financial situation, among others.
Information about transactions made with us. Details of source and destination accounts, amounts, date and time of the transaction, authorized signatures, among others.
Information about your transactions with nonaffiliated third parties. Details of source and destination accounts, amounts, date and time of the transaction, authorized signatures, among others.
Information from public institutions and credit reporting, due diligence and tax agencies such as APC, Tribunal Electoral and Equifax, among others. Credit and criminal history, immigration and employment status, among others.
Information about your use of Electronic Banking. User-id, e-mail address, IP address, browser identifiers, device and session (date/time/duration), location, biometric data for multifactor authentication.
Information to apply for job openings at BICSA. Contact data, demographic data, resume, educational, professional and criminal history, personal and professional references, among others.

On our website we use the technology called “cookies” to improve the experience of our users. When you access BICSA’s website, you will be presented with a small box that allows you to choose the cookies you wish to accept, from those that are strictly necessary to those that are optional. The following is a description of the cookies used on our website:
Strictly necessary:

Cookie Name Provider Type Purpose Description Expiry
_grecaptcha Bicsa.com HTML This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. Persistente
_GRECAPTCHA Google.com HTTP This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. 179 days
ARRAffinity Bicsa.com HTTP Used to distribute traffic to the website on several servers in order to optimize response times. Session
ARRAffinity s11wa004-
qa.azurewebs
ites.net
HTTP Used to distribute traffic to the website on several servers in order to optimize response times. Session
ARRAffinitySam
eSite
Bicsa.com HTTP Used to distribute traffic to the website on several servers in order to optimize response times. Session
ARRAffinitySam
eSite
s11wa004-
qa.azurewebs
ites.net
HTTP Used to distribute traffic to the website on several servers in order to optimize response times. Session
incap_ses_# Bicsa.com HTTP Preserves users states across page requests. Session
nlbi_# Bicsa.com HTTP Used to ensure website security and fraud detection. Session
rc::a Google.com HTML This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. Persistent
rc::b Google.com HTML This cookie is used to distinguish between humans and bots. Session
rc::c Google.com HTML This cookie is used to distinguish between humans and bots. Session
rc::d-15# Google.com HTML This cookie is used to distinguish between humans and bots. Persistent
visid_incap_# Bicsa.com HTTP Preserves users states across page requests. 1 year
_ga Bicsa.com HTTP Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 2 year
_gat Bicsa.com HTTP Used by Google Analytics to throttle request rate. 1 day
_gid Bicsa.com HTTP Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 1 day

Optional:

Cookie Name Provider Type Purpose Description Expiry
___utmvc Bicsa.com HTTP Collects information on user behaviour on multiple websites. This information is used in order to optimize the relevance of advertisement on the website. 1 day

Through the means that we have enabled for these purposes, you give your consent to be contacted by e-mail, SMS, or any other equivalent means of electronic communication, to send you commercial, marketing and/or advertising communications.

However, if at any time you do not wish to receive further communications of this nature, you may revoke your consent by sending a notification to the following e-mail address seguridadyprivacidad@bicsa.com, providing a copy of your identity document, or by using the link provided for this purpose in the commercial communications you receive.

Once you unsubscribe from marketing communications, we may continue to send you operational and transactional communications, such as those related to customer service, fraud detection and prevention, and activities related to the products and services you maintain with us.

Pursuant to the authorizations and consents granted by you, the personal data collected is used to provide you with our products and services. This includes pre- and ongoing due diligence, fraud detection and prevention, identity verification, transaction and transaction processing, customer service, product and service related surveys, collection, analysis and research, enhancements to our products and services, and transactional and marketing communications.
In addition, if you apply for job vacancies with us, we will use your personal data to contact you, verify your eligibility for the vacancy applied for and, if you are hired, prepare your employee file. The personal data of applicants on their resumes submitted but not hired will remain for future job vacancies with us.

We limit Access to your personal data and findientcial information to those employees, subsidiaries, affiliated companies and suppliers who require the information to provide our products and services. We maintain the administrative, organizational and technical controls established by law for the protection of personal data, and we also contractually require our suppliers to do the same. For more information, please contact our Data Protection Officer at seguridadyprivacidad@bicsa.com.

We will not disclose any personal data or confidential information about you without your consent or as permitted by law.

Depending on the producto or service you maintain with us, the retention period of your data may vary. Unless otherwise provided by law, we will retain your personal data for a period of seven (7) years after the end of the business relationship.

Rigth Content
Access Consultation of personal data included in our files.
Rectification Modification of your personal data when it is inaccurate.
Cancellation Request that we delete your personal data.
Opposition Request that your personal data not be processed.
Portability Obtain a copy of your personal data.

You may exercise your rights by visiting any BICSA branch, or by writing to our Data Protection Officer at seguridadyprivacidad@bicsa.com. Remember to accompany your request with a copy of your identity document.

Likewise, you may file a complaint with the Superintendency of Banks of Panama, in case you are not satisfied with the attention given to your request to exercise your rights.

Please note that, in cases where you have provided us with your personal data for the contracting of banking products and services, the exercise of your rights may affect our ability to provide you with such products and services.

We update our Privacy Policy annually, or more frequently if there is a legal requirement or organizational change that warrants it.


Last update: May 26, 2022.