Statements of Practices and Policies
- The Bank recognises that one of its fundamental responsibilities is to ensure that the Bank protects personal information entrusted to the Bank by its customers. This is critical for the maintenance of the Bank’s reputation and for complying with its legal and regulatory obligations to protect the Banks’s customer information. The Bank also follows a transparent policy to handle personal information of its customers.
- In this Policy, personal information means any information that relates to a natural person, which either directly or indirectly, in combination with other information available or likely to be available with the Bank, is capable of identifying such person.
- The Policy is in compliance with the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules 2011 (the “IT Rules”) contained in the Information Technology Act 2000.
Applicability
- This Policy is applicable to personal information collected by the Bank directly from the customer or through the Bank’s online portals, electronic communications as also any information collected by the Bank’s server from the customer’s browser.
Accuracy
- The Bank shall have processes in place to ensure that the personal information residing with it is complete, accurate and current. If at any point of time, there is a reason to believe that personal information residing with the Bank is incorrect, the customer may inform the Bank in this regard. The Bank shall correct the erroneous information as quickly as possible.
Purpose of collection and Usage of Personal Information
The Bank shall use the information collected to manage its business and offer an enhanced, personalised online experience on its website. Further, it shall enable the Bank to:
- Process applications, requests and transactions
- Maintain internal records as per regulatory guidelines
- Provide services to customers, including responding to customer requests
- Comply with all applicable laws and regulations
- Recognise the customer when he conducts online banking
- Understand the needs and provide relevant product and service offers
- If a customer does not wish to provide consent for usage of its sensitive personal data or information or later withdraws the consent, the Bank shall have the right not to provide services or to withdraw the services for which the information was sought from the customer.
Disclosure/Sharing of Information
- The Bank shall not disclose personal information of its customers without their prior consent unless such disclosure has been agreed to in a contract between the body corporate and customer, or where the disclosure is necessary for compliance of a legal obligation. In-case Bank discloses the personal information to Third Parties, such Third Parties shall be bound contractually to ensure that they protect customer personal information in accordance with applicable laws.
- The above obligations relating to sharing of personal data or information shall not apply to information shared with government mandated under the law to obtain such information or by an order under law for the time being in force. Further, if any personal data or information is freely available or accessible in the public domain, the Bank shall not have any obligations regarding the same.
- No specific information about customer accounts or other personally identifiable data shall be shared with non-affiliated third parties unless any of the following conditions is met:
- To help complete a transaction initiated by the customer
- To perform support services through an outsourced entity provided it conforms to the Privacy Policy of the Bank
- The customer / applicant has specifically authorised it
- Conform to legal requirements or comply with legal process
- The information is shared with Government agencies mandated under law
- The information is shared with any third party by an order under the law
- Protect and defend the Banks’ rights, interests or property
- Enforce the terms and conditions of the products or services
- Act to protect the interests of the Bank, or its members, constituents or of other person
Security Practices
- The security of personal information is a priority and shall be ensured by maintaining physical, electronic, and procedural safeguards that meet applicable laws to protect customer information against loss, misuse, damage and unauthorised access, modifications or disclosures. Employees shall be trained in the proper handling of personal information. When other companies are used to provide services on behalf of the Bank, it shall ensure that such companies protect the confidentiality of personal information they receive in the same manner the Bank protects. The Bank shall continuously review and enhance its security policies and security measures to consistently maintain a high level of security.
Amendments
- The Bank shall reserve the right to change or update this Policy or practice, at any time with reasonable notice to customers on the Bank’s website so that customers are always aware of the information which is collected, for what purpose the Bank uses it, and under what circumstances, if any, Bank may disclose it.
- By virtue of this privacy policy, the customer assents to collection, use, transfer, disclosure, retention and other processing of her/his personal information, including sensitive personal information, as described in this Policy.
Response to Enquiries and Complaints
- The Bank shall encourage customer enquiries, feedback and complaints which shall help it identify and improve the services provided to the customers.