Privacy Commitment (India)
Privacy Policy for NRI customers
INTRODUCTION
ICICI Bank Limited, a banking company registered and incorporated under the Indian Companies Act, 1956 and existing under the Companies Act, 2013, having its registered office at ICICI Bank Towers, Near Chakli Circle, Old Padra Road, Vadodara-390007, Gujarat (hereinafter referred to as “ICICI Bank”, “we” or “our” or “us” which expression shall, unless it be repugnant to the subject or context thereof, include its successors and permitted assigns) is committed to protecting the privacy and security of your personal data. We shall process any personal data we collect from you in accordance with Data Protection Legislation (defined below) and the provisions of this Privacy Notice. Please read this Privacy Notice carefully to understand how and why we are using your personal data.
In this Privacy Notice:
Data Protection Legislation means the EU General Data Protection Regulation 2016/679 ("GDPR") together with all other applicable and national implementing legislation relating to privacy or data protection; and where we use the terms "personal data", "data subject", "controller", "processor" and "process" (and its derivatives), such terms shall have the meanings given to them in the Data Protection Legislation.
DATA CONTROLLER
For the purpose of the GDPR, ICICI Bank is the data controller of your information. As a data controller, we are responsible for deciding how we hold and use your personal data. We are required under the Data Protection Legislation to notify you of the information contained in this Privacy Notice.
COLLECTING INFORMATION FROM YOU
ICICI Bank will collect and process your personal data you provide us through application forms, our website, face-to-face and electronic communication (including telephone conversations), etc. in order to provide our services to you.
THE KIND OF INFORMATION WE PROCESS ABOUT YOU INLCUDE
- Personal details such as name, address, date of birth, father’s name, mother’s name, email address, nationality, marital status, gender and phone numbers;
- Other information such as visa, passport, overseas tax-identification number and overseas country-specific unique identifier
- Current overseas residential address and permanent residential address and proof of overseas address such as address on passport, utility bills, bank statements, national ID cards and photographs
- Transaction details
- Financial Information
- If you are seeking specialized services as permitted under applicable law, then your investment risk appetite and preferences, current investments profile and investment objectives and goals as shared by you
- Voice biometric is used for NRI customers for enrollment for authentication purposes
- Information in the nature of your occupation, education and qualifications, annual income and source of income
- Details of nominee, witnesses, guardians which includes their signatures, addresses and relationship with you
- Address proofs like valid passport, driving license, voter identification card, job card issues by issued by government agencies, and PAN card
- IP addresses
- CCTV footage and other information obtained through electronic means
- Cookies
Advertising and Marketing
Links
There are links in our website leading to other third party websites. This Privacy Notice does not extend to those websites. We, therefore, would recommend you to read the data safeguarding policies of these websites.
Security
ICICI Bank takes the security of your personal data seriously. We have put in place appropriate technical and organizational security measures to protect your personal data and to prevent your personal information from being accidentally lost, used or accessed in an unauthorized manner, altered or disclosed. These precautions include for example the transfer of all data entered into our internet presence using SSL encryption (128 bit) or the use of a mandatory authentication mechanisms for access to your account.
LAWFUL GROUNDS FOR USING YOUR INFORMATION
We are permitted to process your personal data in compliance with Data Protection Legislation by relying on one or more of the following lawful grounds:
- You have explicitly agreed to us processing such information for a specific reason.
- The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you.
- The processing is necessary for compliance with legal obligations we have under certain laws.
- The processing is necessary for the purposes of a legitimate interest pursued by us, which might be:
- to provide services to you;
- to ensure that our customer accounts are well-managed;
- to prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes and to verify your identity in order
- to protect our business and to comply with laws that apply to us and/or where such processing is a contractual requirement of the services or financing you have requested;
- to protect our business interests;
- to ensure that complaints are investigated;
- to evaluate, develop or improve our services; or
- to keep our customers informed about relevant services, unless you have indicated at any time that you do not wish us to do so.
PURPOSES OF COLLECTING AND PROCESSING YOUR PERSONAL DATA
Specifically, we and our other group companies may use your information for the following purposes and under the following legal bases:
How we use your information
|
Legal basis |
---|---|
To provide and manage your account(s) and our relationship with you
|
|
To give you statements and other information about your account or our relationship
|
|
To handle enquiries and complaints
|
|
To provide our services to you
|
|
For assessment, testing (including systems tests) and analysis (including credit and/ or behaviour scoring), statistical, market and product analysis and market research. |
|
To evaluate, develop and improve our services to you and other customers
|
|
To protect our business interests and to develop our business strategies
|
|
To contact you, by post, phone, text, email and other digital methods. This may be:
|
|
To collect any debts owing to us
|
|
To meet our regulatory compliance and reporting obligations and to prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes. We may record your image on CCTV when you visit our premises.
|
|
To assess any application you make, including carrying out fraud, money laundering, identity, sanctions screening and any other regulatory checks.
|
|
To monitor, record and analyse any communications between you and us, including phone calls
|
|
To transfer your information to or share it with any third party to whom your account has been or may be transferred following a restructure, sale or acquisition of any group company
|
|
To share your information with India or other relevant tax authorities, Reserve Bank of India and other government authorities, credit reference agencies, fraud prevention agencies, and India and overseas regulators and authorities
|
|
To share your information with our partners and service providers
|
|
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you or we may be prevented from complying with our legal obligations.
AUTOMATED DECISION MAKING
If you apply to us for a product, your application may be processed by an automated decision-making process which may carry out credit and affordability assessment checks to determine whether your application should be accepted or not. Where these automated processes suggest that your application should be rejected, we may manually review your application before making a final decision. We may also use automated processes to decide credit limits.
We may also carry out automated anti-money laundering and sanction checks. This means that we may automatically decide that you pose a fraud or money laundering risk if the processing reveals your behaviour to be consistent with that of known fraudsters or money launderers and is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity.
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk: (i) we may refuse to provide the services you have requested, or we may stop providing existing services to you; and (ii) a record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services or employment to you.
INFORMATION SHARING
We keep all your personal data confidential. However, in order to be able to service your needs to the best of our ability, we may share any information you provide to us with our group companies and their agents, counterparties and support service or data providers, wherever located. If you have provided information to other members of our group, those entities may also share that information with us.
To help us provide services, your data will be processed internally and externally by other third parties. We use third parties for administrative, servicing, monitoring of your data. We will outsource some services to third parties whom we consider capable of performing the required processing activities so that there is no reduction in the service standard provided to you by us.
Due to the size and complexity of our operations, it is not possible for us to name each of our data recipients in this notice. However, we only share your personal data with categories of recipients given below, whenever required:
- Any revenue service or tax authority including Income Tax Department, if obliged to do so under applicable regulations.
- Overseas regulators and authorities in connection with their duties (such as crime prevention).
- Anyone to whom we may transfer our rights and/or obligations;
- Any other person or organization after a restructure, sale or acquisition, as long as that person uses your information for the same purposes as it was originally given to us or used by us (or both)
- Credit reference, identity and address verification organizations who may record and use your information and disclose it to other lenders, financial services organizations and insurers. Your information may be used by those third parties to make assessments in relation to your creditworthiness for debt tracing.
- Fraud prevention agencies and law enforcement agencies who will use it to prevent fraud and money-laundering and to verify your identity if false or inaccurate information is provided by you and fraud is identified. We, fraud prevention agencies and law enforcement agencies may access and use your information for example, when:
- Checking details on applications for credit and credit related or other facilities;
- Managing credit and credit related accounts or facilities;
- Recovering debt;
- Checking details on proposals and claims for all types of insurance
- Other product and service providers for products and services which you would have agreed to avail or being referred to
- Service providers as appointed from time to time for operational support to the Bank
- Courier or postal service providers for the purpose of sending of mails to you as a customer
- Social media websites for our marketing campaigns where permitted
For further information, please refer to our product specific terms and conditions and application form.
DETAILS OF DATA TRANSFERS OUTSIDE THE EU
As we are a bank established in India, if you are an EU resident, information about you will be transferred to us and to other parties in countries outside the European Economic Area (particularly India) for any of the purposes described in this Privacy Notice.
You understand and accept that these countries may have differing (and potentially less stringent) laws relating to the degree of confidentiality afforded to the information it holds and that such information can become subject to the laws and disclosure requirements of such countries, including disclosure to governmental bodies, regulatory agencies and private persons, as a result of applicable governmental or regulatory inquiry, court order or other similar process. In addition, a number of countries have agreements with other countries providing for exchange of information for law enforcement, tax and other purposes.
If we transfer your information outside the European Economic Area in (for example because we have to provide such information by law), we will use best endeavours to put in place appropriate safeguards to ensure that your information remains adequately protected.
RETENTION AND DISPOSAL OF DATA AND OUTPUT
We will keep the information we collect about you on our systems or with third parties for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. or as required to comply with any legal obligations to which we are subject.
STORAGE OF YOUR PERSONAL DATA AND DATA SECURITY
All information you provide to us is stored in our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping such password confidential. We ask you not to share your password with anyone.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know basis. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
OUR COMMUNICATION WITH YOU
We may communicate with you via electronic mail (e-mail). We will never ask you for your password.
When you contact us through any of our communication channels including visiting a local branch or calling the telephone banking service, we will verify your identity by asking you a number of questions based on information known to us about you and the transactions on your account. We may record your calls for training, quality and security purposes.
MARKETING INFORMATION
We and other members of our group may use your information from time to time to inform you by letter, telephone, text (or similar) messages, email or other electronic means, about similar services which may be of interest to you or them.
You may opt out of marketing at any time using Do Not Call-
https://www.icicibank.com/do-not-call.page?
RIGHTS OVER YOUR PERSONAL DATA
You may be entitled under the Data Protection Legislation to the following rights in respect of your personal data:
- Be informed about the processing of your personal data (i.e. for what purposes, what types, to which recipients it is disclosed, storage periods, any third party sources from which it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences).
- Object to your personal data being processed for a particular purpose or to request that we stop using your information.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you
- Request not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data.
- Withdraw, at any time, any consent that you have previously given to us for our use of your personal data.
- Ask us to stop or start sending you marketing messages at any time.
- Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your working relationship with us.
- Request the erasure of your personal data. This enables you to ask us to delete or remove personal data where you think that we do not have the right to process it.
Any request for access to or a copy of your personal data must be through service request on Rights under GDPR and we will endeavour to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will provide this information free of charge unless the request is manifestly unfounded or excessive. We will comply with our legal obligations as regards any individual’s rights as a data subject.
If you would like to contact us to get more information on your rights, wish to exercise your rights, or have any questions about our privacy notice please contact us using the following contact details. To protect your privacy and security, we may take reasonable steps to verify your identity before providing you with the details.
Mr. Pramod PC, The Data Protection Officer, ICICI Bank, ICICI Bank Towers, Bandra Kurla Complex, Mumbai- 400051.
RIGHT TO COMPLAIN TO THE SUPERVISORY AUTHORITY
You have a right to lodge a complaint with the supervisory authority of state of habitual residence for data protection issues.
CHANGES TO THIS PRIVACY NOTICE
The content or services mentioned on our website may be changed in future and consequently we reserve the right to update this Privacy Notice at any time. Any changes we may make to this Privacy Notice in the future will be posted on this page and where appropriate, notified to you by email. We recommend that you re-visit this page regularly and inform us if you do not agree to any term mentioned here.
Cookie Guidance
Safeguarding your right to privacy is imperative to us. Hence, we request you to peruse through our Cookie Guidance.
Anonymous information retrieval
Our websites (https://www.icicibank.com/, www.icicibank.com/nri & www.money2india.com) may be accessed by you anonymously. That means, your personal data (e.g. name or address) will not be collected. We only gather, stock and make use of anonymous information like the name of the Internet provider, the website from where you access our site and the websites you access from our site. All this is collated for reasons that are statistical and calculated to modify our website to serve the needs of our users in an appropriate manner. Your identity as a user will always stay unidentified.
Cookies
We acquire information about your general internet usage through cookie files kept on your computer hard drive. These cookies hold information that is transferred to your computer's hard drive. They help us improve our website and deliver a more customised service. The NRI Services and Money2India websites currently use the following cookies:
Cookie | Type of cookie | Category | Current use |
---|---|---|---|
WT_FPC |
Website cookie |
Essential |
This is a Java Script file which defines the behavior of the top navigation of our website and is used for faster loading and effective representation of information on it, enabling our site to function as intended. |
tvc_im |
It is used to identify if the website is opened in incognito mode or not. |
||
bannerCount |
It is used to set the count of the banner on the various pages. |
||
AEC |
Adobe Analytics Cookies |
Ensure that requests within a browsing session are made by the user, and not by other sites. These cookies prevent malicious sites from acting on behalf of a user without that user's knowledge. |
|
s_nr30 |
This cookie is used to identify whether the user is new or repeat visitor which is dropped by Adobe Analytics plugins through Adobe Tags/Launch. |
||
brand |
Biocatch |
These cookies are being invoked from the Biocatch WUP call JavaScript that we have included as a part of the biocatch integration. |
|
_fbp fr |
Facebook Cookie |
Performance & Statistical
|
These cookies are used by Google Analytics and give us information about how visitors use our website. The cookies collect information in an anonymous form, including the number of visitors to the site, how visitors were directed to the website, and the pages they have visited. They are usedacross ICICI Bank Website |
_vis_opt_test_cookie |
VWO Cookies |
This cookie is created to detect if the cookies are enabled on the visitor’s browser or not. It also helps in tracking the number of browser sessions a visitor has gone through. The value of this cookie is always 1 |
|
_vis_opt_s |
This cookie tracks session created for a visitor, i.e., the number of times the browser was closed and reopened. The value is >=1, followed by a pipe sign. For example, the value of 2 indicates that the visitor restarted the browser once while 3 means twice |
||
_vwo_sn |
This cookie stores session-level information |
||
_vwo_ds |
This cookie stores persistent visitor-level data for VWO Insights |
||
_vwo_uuid |
Used by Visual Web Optimizer when testing new functionality on the website. |
||
|
This cookie calculates unique traffic on a website |
||
_ga |
Google Analytics Cookies |
GA cookies are used to distinguish users. |
|
ad_storage |
Manage the cookie for analytic. |
||
_gcl_au |
To store and track conversions. |
||
_ga_YS3WY4N6FE |
To store and count pageviews. |
||
_nli_aem_NTB_ID |
To capture values of itm query parmeter for recording internal redirection |
||
RT |
Akamai Cookie |
This is a real user monitoring cookie used by Akamai mPulse to improve HTML page loading. |
|
_vis_opt_s |
VWO Cookies |
Targeting |
This cookie detects if the user is new or returning to a particular campaign. |
_vwo |
These cookies are used to track engagement by users and to analyze traffic. |
||
_vwo_ssm |
This cookie is used for testing and is created only on sites that use the HTTP protocol. This is used to check if VWO can create cookies on them, post which this cookie is deleted. |
||
__nli_aem_ITM_hit_scope |
Google Analytics Cookies |
To set unique NTB id of the user for redirection |
|
IDE |
Adobe Cookies |
To set unique NTB id of the user for redirection |
|
mccmdealsOfferSetCount |
Adobe Analytics Cookies |
Offer url updated for handpicked offers |
|
kndctr_6EE66F3A6038FCF30A495FB7_AdobeOrg_identity |
Cookie used for the device identification cookie for the visitor |
||
kndctr_6EE66F3A6038FCF30A495FB7_AdobeOrg_cluster |
Cookie to create and store unique, persistent identifiers for your site visitors. These cookies let the ID service track visitors and enable data sharing among different Adobe Experience Cloud solutions |
||
NID |
Used to show Google ads in Google services for signed-out users, while the 'ANID', 'IDE' and 'id' cookies are used to show Google ads on non-Google sites. |
||
1P_JAR |
This cookie collects statistics on website usage and measures conversions. |
You may refuse to accept cookies by activating the setter on your browser, which allows you to refuse the setting of cookies. However, this may cause certain parts of our website to remain inaccessible to you. Until you have set your browser setting to refuse cookies, our system will continue to issue cookies when you log onto our site. Please take note of the fact that our advertisers may also use cookies and we have no control over this. For more information on how to control and/or disable cookies please click here.
Advertising and Marketing
Links
There are links in our website leading to other sites. This guidance does not extend to those sites. We therefore would recommend the reading of the data safeguarding policies of these sites.
Security
All proper and expected technical and organizational security procedures have been taken to shield your personal data and to prevent that no unauthorized persons gain access to the same. These precautions include for example the transfer of all data entered into our internet presence using SSL encryption (128 bit) or the use of a mandatory authentication mechanism for access to your account.