Privacy
Policy
The
purpose of this Privacy Policy is to put on record the Bank’s commitment in
ensuring privacy and confidentiality of customer information. This policy is
applicable to the Bank’s website, the Internet Banking Service and/or all
online services offered by the Bank.
All
visitors who visit the Bank’s website and provide information to the Bank are
covered under this Policy.
This
information may be:
Personal/private
information of the visitors: "Personal information" means any
information that relates to a natural person, which, either directly or
indirectly, in combination with other information available or likely to be
available with a body corporate, is capable of identifying such person.
Sensitive
personal data or information of the visitors: "Sensitive personal data or
information" of a person means such personal information which consists of
information relating to
•
Password;
•
Financial information such as Bank account or credit card or debit card or
other payment instrument details;
•
Sexual orientation;
•
Medical records and history;
•
Biometric information;
•
End user device details.
•
Government issued Identification documents such as AADHAAR, PAN, Driving
License etc. provided that, any information that is freely available or
accessible in public domain or furnished under the Right to Information Act,
2005 or any other law for the time being in force shall not be regarded as
sensitive personal data or information for these purposes.
Aadhaar Related Privacy Policy
The
Bank is a Global KYC User Agency (KUA) authorized to undertake eKYC
Authentication for those constituents who are desirous of receiving any benefit
or subsidy under any scheme notified under section 7 of the Aadhaar (Targeted
Delivery of Financial and Other subsidies, Benefits and Services) Act, 2016 (18
of 2016). In such case the bank will collect the Aadhaar Number. Every Aadhaar
number holder to establish his identity, may voluntarily use his Aadhaar number
in physical or electronic form by way of authentication or offline
verification, or in such other form as may be notified, in such manner as may
be specified by regulations.
The
Bank will also undertake the Biometric Authentication through finger, face,
IRIS or a combination of both. For every such authentication a separate consent
will have to be given by the constituent for each and every request.
The
bank also confirms that no core biometric information will be stored at the
bank’s end. The same shall be destroyed immediately on submission of the
request to the CIDR.
Once
the Aadhaar Number and Biometric is duly authenticated the CIDR will return the
Name, Date of Birth/Year, Gender and the address details which will stored by
the bank as a part of the account opening process. The Aadhaar number will be
tokenized and stored in the Data vault by the bank, as instructed by UIDAI, to
maintain the security of the information.
The
customer will have the right to request the Bank for the authentication records
up to 2 years from the date of authentication. A formal request has to be made
for the same to the bank in writing/email
This
information shall be shared without the Aadhaar number or images of the Aadhaar
card to the Regulatory bodies/Repositories like CERSAI/KRA/NPCI Mapper /Credit
Bureaus/NHB/HUDCO operating in India depending upon the business need of the
constituent. Details without the Aadhaar number will also be shared with the
field verification agencies in case of borrowal accounts
In
case the customer submits the Aadhaar number or physical image voluntarily as a
part of the account opening for undertaking KYC by the bank, the bank shall
store only the last four digits of the Aadhaar number and other related
information.
This Policy protects private information of
the visitors provided online to the Bank and any information collected by the
bank’s servers from the visitors’ browsers ("the Information").
This
information will be used to carry out any obligation related to the customer’s
business relationship with the Bank. Additionally, the bank may use this
information for its operational and management requirements such as but not
limited to statistics, product promotions, market survey, product development,
creditworthiness evaluation and/or , debt collection, customer relationship
management, fulfilling all statutory and regulatory obligations and all other
legitimate purposes.
This
information will not be disclosed to any parties outside the bank unless the
customer requests or authorizes it, the disclosure is required by law or the
disclosure is needed for a third party authorized by the bank to provide
services to the customer. The bank will take reasonable steps to ensure that
the third party follows the minimum standards in protecting the privacy and
confidentiality of customers' information.
The
bank may collect information regarding usage of bank web site for analysis, for
instance users visiting certain pages more often than others through the usage
of cookies. Cookies are text files with small amounts of information (does not
include personal sensitive information) that a website stores on the customers
computers.
A
cookie may be retrieved and read by the same site later. Cookies help to
provide a personalized browsing experience while allowing users to navigate
between pages efficiently, remember preferences, and providing a generally
improved browsing experience. User(s) agree through the usage of our bank
website, to have cookies placed on his/her device. User(s) is/are free to
disable or delete these cookies by changing their web browser settings
accordingly. The Bank is not responsible for cookies placed in users’ device by
any other website and collecting information.
The
bank is committed to implementing high computer security standards with
stringent procedures and policies in safeguarding customers' information. The
commitment to customers' privacy and confidentiality is clearly evident in the
bank’s Security Policy.
The
bank will try to keep all customers' information as updated as possible. It is
therefore required that all customers provide accurate information to bank and
also notify all changes, inaccuracies, incompleteness or errors found in their
information lodged with the bank in a timely manner. Only duly authorized
employees are permitted to access the actual data of customers.
The Bank undertakes not to disclose the
information provided by the customers to any person, unless such action is
necessary to:
•
Conform to legal requirements or comply with legal process;
•
Enforce the terms and conditions of the products or services; or
•
Act to protect the interest, rights, property of Bank, its Affiliates, or its
members, constituents or of other persons.
The
Customers shall not disclose to any other person, in any manner whatsoever, any
information relating to the Bank or its Affiliates of a confidential nature
obtained in the course of availing the services through the website. Failure to
comply with this obligation shall be deemed a serious breach of the terms
herein and shall entitle the Bank or its Affiliates to terminate the services,
without prejudice to any damages, to which the customer may be entitled
otherwise.
The Bank will limit the collection and use of customer
information only on a need-to-know basis to deliver better service to the
customers. The Bank may use and share the information provided by the Customers
with its Affiliates and third parties for providing services and any
service-related activities such as collecting subscription fees for such
services, and notifying or contacting the Customers regarding any problem with,
or the expiration of, such services. In this regard, it may be necessary to
disclose the customer information to one or more agents and contractors of Bank
and their sub-contractors, but such agents, contractors, and sub-contractors
will be required to agree to use the information obtained from the Bank only
for these purposes.