1) OBJECTIVE
a) To ensure the security and privacy of customers’ sensitive personal data.
b) Follow good practice.
c) Protect LONAWALA SAHAKARI BANK MARYADIT’s stakeholders, staff and other individuals.
d) Protect the organization from the consequences of a breach of its responsibilities.
2) SCOPE AND APPLICABILITY
This policy is applicable to all employees of the LONAWALA SAHAKARI BANK MARYADIT, Head office and its branches and its vendors.
3) POLICY
Bank customers’ sensitive personal data, i.e. biometric data, passwords and financial information such as bank account details, credit and debit card details, shall be protected by LONAWALA SAHAKARI BANK MARYADIT by following reasonable security practices and procedures. For this, LONAWALA SAHAKARI BANK MARYADIT has:
1) Adopted a comprehensive documented information security program and policies that contain managerial, technical, operational and physical control measures
2) Implemented the documented security practices
LONAWALA SAHAKARI BANK MARYADIT shall always:
a) Comply with both the law and good practices
b) Respect individuals’ rights of non-disclosure and confidentiality.
c) Be open and honest with individuals whose data is held.
d) Provide training and support for staff and volunteers who handle personal data, so that they can act confidently and consistently
e) Recognize that its first priority is to avoid causing harm to individuals, which means:
– keeping information securely in the right hands, and
– holding good quality information
3.1 Security and confidentiality of Customer Data
3.1.1) As per the Information Systems security policies and procedures implemented in the LONAWALA SAHAKARI BANK MARYADIT, LONAWALA SAHAKARI BANK MARYADIT has implemented administrative, physical and technical safeguards to protect electronic personal data from loss, misuse and unauthorized access. Customers’ personal data shall be stored on a secured database.
3.1.2) Bank shall not sell personal data to any third party or anybody and shall remain fully compliant with confidentiality of the data as per law.
3.1.3) Bank shall share customers’ personal data with a third party, if required for business purposes, only after implementing adequate controls to ensure maintenance of confidentiality and security of the data by the concerned third party.
3.2 Data Usage
3.2.1) Bank shall use customers’ personal data only for the purpose for which it is collected. Bank is committed to ensuring that personal data is kept strictly confidential. However, personal data may be disclosed to regulatory authorities for the purposes of obtaining regulatory approval in accordance with applicable legal requirements, or otherwise to comply with applicable legal requirements.
3.3 Data Retention
Customers’ data shall be retained as per Directives (circulars issued by Head Office) and Regulatory Standards (RBI directives).
3.4 Data Modification
LONAWALA SAHAKARI BANK MARYADIT shall update the customer data only after ensuring the authenticity of the change request. Adequate access controls and authorization controls shall be in place to monitor data modifications.
3.5 Data Quality
LONAWALA SAHAKARI BANK MARYADIT shall continuously review and assess the quality and completeness of the data.
3.6 Auto Read OTP functionality:
LONAWALA SAHAKARI BANK MARYADIT shall have an auto read facility for OTP validation in the Mobile application. Whenever the OTP is sent to the customer, the LONAWALA SAHAKARI BANK MARYADIT mobile application shall auto populate the OTP in the required field instead of it being entered by keypad.
3.7 SMS forwarding App / Remote access App:
LONAWALA SAHAKARI BANK MARYADIT mobile application shall have the ability to identify the “SMS forwarding Apps” as well as “Remote Access Apps” installed on the user’s handset. Based on the “AppID” of these kinds of applications, the LONAWALA SAHAKARI BANK MARYADIT mobile application shall restrict users from logging in to the LONAWALA SAHAKARI BANK MARYADIT mobile application if the user has installed any of the listed apps.
3.8 SMS Delivery status facility:
LONAWALA SAHAKARI BANK MARYADIT shall confirm that the SMS service provider has a callback facility available to verify the status of SMS sent from the mobile application. The SMS service provider shall also have an “SMS Delivery receipt check” to know the delivery status of the SMS forwarded from the mobile application end.
3.9 SMS forwarding App / Remote access App
LONAWALA SAHAKARI BANK MARYADIT Mobile Banking Application shall have the ability to read/detect the applications installed on the user’s device and upload this to the bank’s secure server for keeping safe track of existing applications. The App shall prohibit/restrict Mobile Banking Application usage in case any listed application of the likes of “Remote Access Applications” and “SMS Forwarder Applications” is detected.
3.10 SMS forwarding App / Remote access App
By agreeing to the terms within the Mobile banking application and the written consent form obtained from the user when opting for the mobile banking feature, the user will be considered to have provided affirmative consent for all the above-mentioned disclosures.
3.11 SECURITY AWARENESS AMONG USERS:
All staff handling personal data shall receive training in the requirements of data protection related laws and regulations. They shall also be educated about the legal consequences of intentional / unintentional disclosure / leakage of customers’ data.
3.12 The Bank shall take the written consent of the customer in a specific format before providing any special services via mobile.