logo
Privacy Commitment

Privacy Commitment (India)

Privacy Policy for NRI customers

Privacy Notice for EU customers

Cookie Guidance

 

Privacy Commitment (India)

Updated on 03-06-2022

  1. Introduction

This Privacy Commitment is applicable to personal information and sensitive personal data or information, including information that is of a confidential nature (“Customer Information”) belonging to the customers, potential customers, and other users of the Services (“Customer(s)” or “you”) of ICICI Bank Limited, its affiliates and group companies (collectively, “ICICI Bank”, “we”, “our”, or “us”).

In the course of using this website, mobile applications, or its custom extensions, or availing products and services vide online or offline platforms including bank branches, other points of sales, third party platforms, or through communications, by electronic means or otherwise, or any other mode/platform communicated/introduced by ICICI Bank from time to time (collectively, the “Services”), ICICI Bank may collect, receive, possess, store, use, deal, handle, transfer, retain and otherwise process Customer Information. By using or otherwise accessing our Services, you confirm that you have read and agreed to be bound by this Privacy Commitment and consent to the collection, receipt, possession, storage, usage, dealing with, handling, processing, transfer and retention of your Customer Information by ICICI Bank as described in this Privacy Commitment.

ICICI Bank is strongly committed to protecting the privacy of its Customers and has taken all necessary and reasonable measures to protect the confidentiality of the Customer Information and its transmission.

  1. Customer Information

Customer Information includes, without limitation, the following categories of personal data/sensitive personal data that we may collect, receive, possess, store, use, deal, handle, transfer, and otherwise process as per applicable laws:

  1. Data about you: This may include, without limitation, your name, user IDs, signature, email addresses, phone numbers, addresses, KYC/identity documents (for example: Aadhaar and PAN), biometric data, communications with us, device and location data, information about how you use our Services, etc.

  1. Financial data: This includes, without limitation, information about your bank account details, financial information, payment credentials, transaction data, loan details such as amounts, lending history, and repayments, credit history and income details. .

  1. Marketing and communications data: This includes, without limitation, your preferences relating to receiving marketing messages from us and our service providers, and your communication preferences.

You must ensure that all Customer Information that you provide us with is accurate, up-to-date, and true. You will be responsible for any errors, discrepancies, or inaccuracies in the Customer Information you share with us, except for such Customer Information that has been verified through KYC processes set out by applicable law and backed by documentary proof. When you use our Services, we make best efforts to provide you with the ability to access and correct inaccurate or deficient Customer Information, subject to any legal requirements.

  1. Collection of Customer Information

We are required to collect Customer Information to provide you with the Services, to comply with our contractual obligations and applicable law. If you do not wish to provide such Customer Information as and when requested by us, it will diminish our ability to perform our obligations under the arrangement we have with you or are trying to enter into with you (for example, to provide you with features of the Services). And consequently, we may be constrained to cancel or limit your access to the Services (or part thereof).

We use different methods to collect Customer Information from and about you, including, without limitation, through:

  1. Direct interactions: This includes Customer Information you consent to give us when you use our Services or when you interact with us, including, without limitation, when you:

  1. create an account with us;

  2. use the Services or carry out other activities in connection with the Services;

  3. consent to receiving marketing communications; or

  4. report a problem with the Services, give us feedback, or contact us.

  1. Automated technologies or interactions: When you use the Services, we may automatically collect data about your equipment, browsing actions, and patterns. We collect this data by using cookies, web beacons, pixel tags, server logs, and other similar technologies. We may also receive such data about you if you visit other websites that use our cookies.

  1. Third parties or publicly available sources: We receive Customer Information from publicly available sources as well as various third parties, such as our service providers, credit bureaus, partners, alliance partners, group companies, agents, affiliates and government portals.

  1. Cookies

The ICICI Bank website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses cookies that are text files containing small amounts of information (this does not include personal sensitive information) which are downloaded to your device when you visit a website in order to provide you a personalised browsing experience. Cookies do lots of different jobs, like allowing you to navigate between pages efficiently, remembering your preferences, and generally improving your browsing experience. These cookies collect information analytics about how you use a website (for example: often visited pages).

We may contact third-party service providers to assist us in better understanding our site visitors. These service providers may use the information collected on our behalf to help us conduct and improve our Services.

Additionally, you may encounter cookies or other similar devices that are placed by third parties on certain pages of the website. We do not control the use of cookies by third parties. All information collected by third party cookies is aggregated and therefore anonymous.

You are free to disable or delete these cookies by changing your web browser settings. ICICI Bank is not responsible for cookies placed in Customers’ devices by any third party and information collected thereby.

  1. Use of Customer Information

We will only use your Customer Information as permitted under applicable law or pursuant to contractual obligations. Most commonly, we will use your Customer Information to perform the Services or to comply with a legal/contractual obligation. We use your Customer Information without limitation, for the following purposes:

  1. to verify your identity to register you as a Customer, and create and operate your account(s) with us;

  2. to provide the Services to you;

  3. to process payments made through our Services;

  4. to comply with legal obligations;

  5. to administer and protect our business and the Services, including for troubleshooting, data analysis, system testing, and performing internal operations;

  6. for risk control, fraud detection, and prevention;

  7. to perform our obligations that arise out of the arrangement we are about to enter or have entered with you;

  8. to respond to court orders, establish or exercise our legal rights, or defend ourselves against legal claims;

  9. to improve customer service to effectively respond to your service requests and support needs;

  10. to improve the functionality of our Services based on the information and feedback we receive from you;

  11. to send notifications to manage our relationship with you including to notify you of changes to our Services, send you information and updates pertaining to the Services you have availed, and to receive occasional company news and updates related to us or the Services;

  12. to monitor trends and personalise your experience;

  13. to market and advertise the Services to you;

  14. to improve our business; and

  15. To conduct training and AI-based skill training.

  1. Disclosure of Customer Information

ICICI Bank undertakes not to disclose Customer Information to any person, unless such action is necessary to:

  1. offer and provide our Services, including for the purposes set out in Section 5 above;

  2. conform to legal requirements or comply with legal process;

  3. protect or defend ICICI Bank's or its affiliates or group companies’ rights, interests or property;

  4. enforce the terms and conditions of the Services; or

  5. protect the interests of ICICI Bank, its affiliates, group companies, members, constituents, or of other persons.

Please note that to provide you with the Services, we may sometimes share confidential information that is about or belongs to ICICI Bank. We expect that you will keep such information confidential, and not share it with any third party. Your failure to keep this information confidential could result in loss to ICICI Bank, and if such failure does occur, ICICI Bank reserves the right to suspend Services being offered to you in addition to its other rights and remedies.

ICICI Bank will limit the collection and use of Customer Information to a need-to-know basis to deliver better service to Customers. ICICI Bank may share or store with, and otherwise transfer Customer Information to third parties (including our affiliates, group companies, successors, service providers, vendors and partners), subject to suitable confidentiality obligations, and in accordance with contractual terms, applicable laws and our instructions, in order to render the Services to you and to enable us to provide you information about the Services. Such third parties may include, but not be limited to, service professionals, vendors, social media companies, third-party service providers, storage providers, data analytics providers, consultants, and lawyers. These third parties shall use the Customer Information only for the above mentioned purposes or as per contractual obligations.

ICICI Bank may exchange, transfer or share all or a part of Customer Information with its affiliates, group companies, governmental agencies, and any third parties as may be required by applicable law, or for credit reporting, statistical analysis, credit scoring, verification, or risk management processes, and the Customer shall not hold ICICI Bank liable for such use or disclosure of this Customer Information.

  1. Storage and Transfer of Customer Information

ICICI Bank complies with applicable laws/internal policies in respect of the storage and transfer of Customer Information. As a part of your use of the Services, the Customer Information you provide to us may be transferred to and stored in countries other than the country you are based in. This may happen if any of our servers are from time to time located in a country other than the one in which you are based, or if one of our vendors, partners, or service providers is located in a country other than one you are based in. We ensure that that any recipients of Customer Information that we transfer are subject to suitable confidentiality obligations and access to and processing of Customer Information is in accordance with contractual terms, applicable laws, and our instructions.

  1. Retention of Customer Information

ICICI Bank may retain your Customer Information for as long as required to provide you with the Services in accordance with applicable laws and our internal policies, such as managing your account and dealing with any concerns that may arise, or if required for compliance with any legal or regulatory requirements, or for the institution, enforcement, or defence of legal claims.

ICICI Bank may also retain your Customer Information where we need to use it for our business and related purposes, including but not limited to, responding to queries or complaints, fighting fraud and financial crime or pursuant to contractual obligations.

If we do not require the retention of Customer Information, we use best efforts to destroy or delete such Customer Information as per our internal policies.

  1. Security of Customer Information

ICICI Bank endeavours to safeguard and ensure the security of the Customer Information using appropriate measures to protect it from unauthorised access, and follow standards prescribed by applicable law. ICICI Bank uses appropriately secure encryption for the transmission of Customer Information.

The Customer is required to cooperate with ICICI Bank in order to ensure the security of the Customer Information, and it is recommended that the Customer necessarily chooses their passwords carefully such that no unauthorised access is made by a third party. To make the password complex and difficult for others to guess, the Customer should use a combination of alphabets, numbers and special characters (like !, @, #, $, etc.). The Customer should not disclose their password to anyone or keep any written or other record of the password such that a third party could access it. 

  1. Updates to this Privacy Commitment

We may occasionally update this Privacy Commitment. By using our Services after such update, you consent to updates made to this Privacy Commitment.

We encourage you to periodically review this Privacy Commitment for the latest information on our privacy practices.

  1. Contact Us and Details of Grievance Officer

We understand that you may have questions about this Privacy Commitment, on how we process or handle your Customer Information, or may otherwise want to understand these aspects. We welcome you to reach out to us with your queries, grievances, feedback, and comments at [https://www.icicibank.com/feedback.page?ITM=nli_cms_compliments_complaintsfooter_link] or contact our grievance officer, whose details are provided below:

Name: Mr. Vinayak M. More

Designation: Grievance Officer

Email: headservicequality@icicibank.com

 

Privacy Policy for NRI customers

In the course of using the Website or availing the products and services vide the online application forms and questionnaires, ICICI Bank and its Affiliates may become privy to the personal information of Visitors (as defined in the Terms and Conditions, available elsewhere on this website), including information that is of a confidential nature.

ICICI Bank is strongly committed to protecting the privacy of Visitors and while it has taken all necessary and reasonable measures to protect the confidentiality of the Visitor information and its transmission through the world wide web, it shall not be held liable for disclosure of the confidential information when in accordance with this privacy Policy or in terms of the agreements, if any, with Visitors.

ICICI Bank uses 128-bit encryption, which is currently the permitted level of encryption in India, for the transmission of Visitor registration and transaction requests and information. When the information provided by Visitor is not transmitted through this encryption, the Visitor’s computer system (if configured accordingly) will display an appropriate message.

ICICI Bank undertakes not to disclose the information provided by Visitors to any person, unless such action is necessary to:

- Conform to legal requirements or comply with legal process;
- Protect and defend ICICI Bank's or its affiliates' rights, interests or property;
- Enforce the Terms and Conditions; or
- Act to protect the interests of ICICI Bank, its affiliates, or its members, constituents or of other persons.

However, the Internet is an open system and ICICI Bank cannot, and does not, guarantee that the personal information which the Registered User furnishes will not be intercepted or accessed by others and decrypted. ICICI Bank, its affiliates and partners, and its and their respective directors, employees, agents and representatives shall not be liable or responsible should any confidential or other information provided by or pertaining to the Visitor (including credit card numbers, bank account numbers, passwords, personal identification numbers, IDs, transaction details, etc.) be intercepted and subsequently used by an unintended recipient.

ICICI Bank will limit the collection and use of Visitor information only on a need-to-know basis to deliver a high level of service to the Visitors. ICICI Bank may use and share the information provided by the Visitors with its affiliates and third parties for providing services and any service-related activities such as collecting subscription fees for such services, and notifying or contacting Visitors regarding any problem with, or the expiration of, such services. In this regard, it may be necessary to disclose the Visitor information to one or more agents and contractors of ICICI Bank and their sub-contractors, but such agents, contractors, and sub-contractors will be required to agree to use the information obtained from ICICI Bank only for these purposes.

Visitors authorise ICICI Bank to exchange, share, part with all information related to the details and transaction history of the Visitor to ICICI Bank’s affiliates / banks / financial institutions / credit bureaus / agencies/participation in any telecommunication or electronic clearing network as may be required by law, customary practice, credit reporting, statistical analysis and credit scoring, verification or risk management and shall not hold ICICI Bank liable for use or disclosure of this information.

While ICICI Bank has no obligation to monitor the functioning of this website, Visitors acknowledge and agree that ICICI Bank has the right to monitor the functioning of this website electronically or otherwise from time to time and to disclose any information as necessary or appropriate to satisfy any law, regulation or other governmental request, to operate the Website properly or to protect itself, its affiliates and partners, and its and their respective directors, employees agents and representatives.

The records of access, instructions, transactions and other activities maintained or caused to be maintained by ICICI Bank through its or a third party's computer systems or on tape or other recording or storage device or otherwise shall be admissible in evidence, shall not be challenged by the Registered User and shall be accepted as genuine, accurate, conclusive and binding for all purposes including the recording of the time thereof.

 

Privacy Notice for EU customers

INTRODUCTION

ICICI Bank Limited, a banking company registered and incorporated under the Indian Companies Act, 1956 and existing under the Companies Act, 2013, having its registered office at ICICI Bank Towers, Near Chakli Circle, Old Padra Road, Vadodara-390007, Gujarat (hereinafter referred to as “ICICI Bank”, “we” or “our” or “us” which expression shall, unless it be repugnant to the subject or context thereof, include its successors and permitted assigns) is committed to protecting the privacy and security of your personal data. We shall process any personal data we collect from you in accordance with Data Protection Legislation (defined below) and the provisions of this Privacy Notice. Please read this Privacy Notice carefully to understand how and why we are using your personal data.


In this Privacy Notice:

Data Protection Legislation means the EU General Data Protection Regulation 2016/679 ("GDPR") together with all other applicable and national implementing legislation relating to privacy or data protection; and where we use the terms "personal data", "data subject", "controller", "processor" and "process" (and its derivatives), such terms shall have the meanings given to them in the Data Protection Legislation.

DATA CONTROLLER

For the purpose of the GDPR, ICICI Bank is the data controller of your information. As a data controller, we are responsible for deciding how we hold and use your personal data. We are required under the Data Protection Legislation to notify you of the information contained in this Privacy Notice.

COLLECTING INFORMATION FROM YOU

ICICI Bank will collect and process your personal data you provide us through application forms, our website, face-to-face and electronic communication (including telephone conversations), etc. in order to provide our services to you.

THE KIND OF INFORMATION WE PROCESS ABOUT YOU INLCUDE

  • Personal details such as name, address, date of birth, father’s name, mother’s name, email address, nationality, marital status, gender and phone numbers;
  • Other information such as visa, passport, overseas tax-identification number and overseas country-specific unique identifier
  • Current overseas residential address and permanent residential address and proof of overseas address such as address on passport, utility bills, bank statements, national ID cards and photographs
  • Transaction details
  • Financial Information
  • If you are seeking specialized services as permitted under applicable law, then your investment risk appetite and preferences, current investments profile and investment objectives and goals as shared by you
  • Voice biometric is used for NRI customers for enrollment for authentication purposes
  • Information in the nature of your occupation, education and qualifications, annual income and source of income
  • Details of nominee, witnesses, guardians which includes their signatures, addresses and relationship with you
  • Address proofs like valid passport, driving license, voter identification card, job card issues by issued by government agencies, and PAN card
  • IP addresses
  • CCTV footage and other information obtained through electronic means
  • Cookies

Advertising and Marketing

Links

There are links in our website leading to other third party websites. This Privacy Notice does not extend to those websites. We, therefore, would recommend you to read the data safeguarding policies of these websites.

Security

ICICI Bank takes the security of your personal data seriously. We have put in place appropriate technical and organizational security measures to protect your personal data and to prevent your personal information from being accidentally lost, used or accessed in an unauthorized manner, altered or disclosed. These precautions include for example the transfer of all data entered into our internet presence using SSL encryption (128 bit) or the use of a mandatory authentication mechanisms for access to your account.

LAWFUL GROUNDS FOR USING YOUR INFORMATION

We are permitted to process your personal data in compliance with Data Protection Legislation by relying on one or more of the following lawful grounds:

  • You have explicitly agreed to us processing such information for a specific reason.
  • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you.
  • The processing is necessary for compliance with legal obligations we have under certain laws.
  • The processing is necessary for the purposes of a legitimate interest pursued by us, which might be:
    1. to provide services to you;
    2. to ensure that our customer accounts are well-managed;
    3. to prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes and to verify your identity in order
    4. to protect our business and to comply with laws that apply to us and/or where such processing is a contractual requirement of the services or financing you have requested;
    5. to protect our business interests;
    6. to ensure that complaints are investigated;
    7. to evaluate, develop or improve our services; or
    8. to keep our customers informed about relevant services, unless you have indicated at any time that you do not wish us to do so.

PURPOSES OF COLLECTING AND PROCESSING YOUR PERSONAL DATA

Specifically, we and our other group companies may use your information for the following purposes and under the following legal bases:

How we use your information
Legal basis
To provide and manage your account(s) and our relationship with you
  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this
  • Where it's in our legitimate interests to ensure that our customer accounts are well-managed, so that our customers are provided with a high standard of service, to protect our business interests and the interests of our customers
To give you statements and other information about your account or our relationship
  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this
To handle enquiries and complaints
  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this
  • Where it's in our legitimate interests to ensure that complaints are investigated, for example, so that our customers receive a high standard of service and so that we can prevent complaints from occurring in future
  • In the case of sensitive information, such as medical information, where you have agreed
To provide our services to you
  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this

For assessment, testing (including systems tests) and analysis (including credit and/ or behaviour scoring), statistical, market and product analysis and market research.

  • Where the law requires this
  • Where it's in our legitimate interests to develop, build, implement and run business models and systems which protect our business interests and provide our customers with a high standard of service
To evaluate, develop and improve our services to you and other customers
  • Where it’s in our legitimate interests continually to evaluate, develop or improve our products as well as the experiences of users of our sites, so that our customers are provided with a high standard of service
To protect our business interests and to develop our business strategies
  • Where it's in our legitimate interests to protect our people, business and property and to develop our strategies
  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this
  • In the case of sensitive information, such as voice biometric information, where you have agreed
To contact you, by post, phone, text, email and other digital methods. This may be:
  • to help you manage your accounts
  • to meet our regulatory obligations
  • to keep you informed about products and services you hold with us and to send you information about products or services (including those of other companies) which may be of interest to you.
  • Where the law requires this
  • Where we have agreed to contact you in our agreement
  • Where the law requires this
  • Where you agree
  • Where it’s in our legitimate interests to share information with our customers about products / services that may be relevant and beneficial to them. Where we send you marketing messages, you can always tell us when you no longer wish to receive them.
To collect any debts owing to us
  • Where it's in our legitimate interests to collect any debts owing to us
  • In the case of sensitive information, such as medical information, where you have agreed
To meet our regulatory compliance and reporting obligations and to prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes. We may record your image on CCTV when you visit our premises.
  • Where the law requires this
  • Where it's in our legitimate interests to prevent and investigate fraud, money laundering and other crimes
  • Where such processing is a contractual requirement of the services or financing you have requested
To assess any application you make, including carrying out fraud, money laundering, identity, sanctions screening and any other regulatory checks.
  • Where you have made data public
  • Where such actions are in our legitimate interests, for the protection of our business interests
  • Where the law requires this
  • In the case of sensitive information, such as medical information, where you have agreed
To monitor, record and analyse any communications between you and us, including phone calls
  • Where it’s in our legitimate interests, to check your instructions to us, to prevent and detect fraud and other crime, to analyse, assess and improve our services to customers, and for training, for the enhancement of our customer service provision and protection of our business interests
  • In the case of sensitive information, such as medical information, where you have agreed
To transfer your information to or share it with any third party to whom your account has been or may be transferred following a restructure, sale or acquisition of any group company
  • Where necessary for the performance of our agreement with you
  • Where we have a legitimate interest in restructuring or selling part of our business
To share your information with India or other relevant tax authorities, Reserve Bank of India and other government authorities, credit reference agencies, fraud prevention agencies, and India and overseas regulators and authorities
  • Where the law requires this
  • Where we have a legitimate interest in performing certain credit checks so that we can make responsible business decisions. As a responsible organisation, we need to ensure that we only provide certain products to companies and individuals where the products are appropriate, and that we continue to manage the services we provide, for example if we consider that you may have difficulties making a payment to us.
  • Where we have a legitimate interest in assisting with the prevention and detection of fraud and other crime
  • Where we have a legitimate interest in assisting UK and overseas regulators, who monitor banks to ensure that they comply the law and regulations
  • More detail on our data sharing with these organisations is set out below
To share your information with our partners and service providers
  • Where necessary for the performance of our agreement
  • Where we have a legitimate interest in using third parties to provide some services for us or on our behalf

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you or we may be prevented from complying with our legal obligations.


AUTOMATED DECISION MAKING

If you apply to us for a product, your application may be processed by an automated decision-making process which may carry out credit and affordability assessment checks to determine whether your application should be accepted or not. Where these automated processes suggest that your application should be rejected, we may manually review your application before making a final decision. We may also use automated processes to decide credit limits.

We may also carry out automated anti-money laundering and sanction checks. This means that we may automatically decide that you pose a fraud or money laundering risk if the processing reveals your behaviour to be consistent with that of known fraudsters or money launderers and is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity.

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk: (i) we may refuse to provide the services you have requested, or we may stop providing existing services to you; and (ii) a record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services or employment to you.

INFORMATION SHARING

We keep all your personal data confidential. However, in order to be able to service your needs to the best of our ability, we may share any information you provide to us with our group companies and their agents, counterparties and support service or data providers, wherever located. If you have provided information to other members of our group, those entities may also share that information with us.

To help us provide services, your data will be processed internally and externally by other third parties. We use third parties for administrative, servicing, monitoring of your data. We will outsource some services to third parties whom we consider capable of performing the required processing activities so that there is no reduction in the service standard provided to you by us.

Due to the size and complexity of our operations, it is not possible for us to name each of our data recipients in this notice. However, we only share your personal data with categories of recipients given below, whenever required:

  • Any revenue service or tax authority including Income Tax Department, if obliged to do so under applicable regulations.
  • Overseas regulators and authorities in connection with their duties (such as crime prevention).
  • Anyone to whom we may transfer our rights and/or obligations;
  • Any other person or organization after a restructure, sale or acquisition, as long as that person uses your information for the same purposes as it was originally given to us or used by us (or both)
  • Credit reference, identity and address verification organizations who may record and use your information and disclose it to other lenders, financial services organizations and insurers. Your information may be used by those third parties to make assessments in relation to your creditworthiness for debt tracing.
  • Fraud prevention agencies and law enforcement agencies who will use it to prevent fraud and money-laundering and to verify your identity if false or inaccurate information is provided by you and fraud is identified. We, fraud prevention agencies and law enforcement agencies may access and use your information for example, when:
    1. Checking details on applications for credit and credit related or other facilities;
    2. Managing credit and credit related accounts or facilities;
    3. Recovering debt;
    4. Checking details on proposals and claims for all types of insurance
  • Other product and service providers for products and services which you would have agreed to avail or being referred to
  • Service providers as appointed from time to time for operational support to the Bank
  • Courier or postal service providers for the purpose of sending of mails to you as a customer
  • Social media websites for our marketing campaigns where permitted

For further information, please refer to our product specific terms and conditions and application form.

DETAILS OF DATA TRANSFERS OUTSIDE THE EU

As we are a bank established in India, if you are an EU resident, information about you will be transferred to us and to other parties in countries outside the European Economic Area (particularly India) for any of the purposes described in this Privacy Notice.

You understand and accept that these countries may have differing (and potentially less stringent) laws relating to the degree of confidentiality afforded to the information it holds and that such information can become subject to the laws and disclosure requirements of such countries, including disclosure to governmental bodies, regulatory agencies and private persons, as a result of applicable governmental or regulatory inquiry, court order or other similar process. In addition, a number of countries have agreements with other countries providing for exchange of information for law enforcement, tax and other purposes.

If we transfer your information outside the European Economic Area in (for example because we have to provide such information by law), we will use best endeavours to put in place appropriate safeguards to ensure that your information remains adequately protected.

RETENTION AND DISPOSAL OF DATA AND OUTPUT

We will keep the information we collect about you on our systems or with third parties for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. or as required to comply with any legal obligations to which we are subject.

STORAGE OF YOUR PERSONAL DATA AND DATA SECURITY

All information you provide to us is stored in our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping such password confidential. We ask you not to share your password with anyone.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know basis. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

OUR COMMUNICATION WITH YOU

We may communicate with you via electronic mail (e-mail). We will never ask you for your password.

When you contact us through any of our communication channels including visiting a local branch or calling the telephone banking service, we will verify your identity by asking you a number of questions based on information known to us about you and the transactions on your account. We may record your calls for training, quality and security purposes.

MARKETING INFORMATION

We and other members of our group may use your information from time to time to inform you by letter, telephone, text (or similar) messages, email or other electronic means, about similar services which may be of interest to you or them.

You may opt out of marketing at any time using Do Not Call-

https://www.icicibank.com/do-not-call.page?

RIGHTS OVER YOUR PERSONAL DATA

You may be entitled under the Data Protection Legislation to the following rights in respect of your personal data:

  • Be informed about the processing of your personal data (i.e. for what purposes, what types, to which recipients it is disclosed, storage periods, any third party sources from which it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences).
  • Object to your personal data being processed for a particular purpose or to request that we stop using your information.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you
  • Request not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data.
  • Withdraw, at any time, any consent that you have previously given to us for our use of your personal data.
  • Ask us to stop or start sending you marketing messages at any time.
  • Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your working relationship with us.
  • Request the erasure of your personal data. This enables you to ask us to delete or remove personal data where you think that we do not have the right to process it.

Any request for access to or a copy of your personal data must be through service request on Rights under GDPR and we will endeavour to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will provide this information free of charge unless the request is manifestly unfounded or excessive. We will comply with our legal obligations as regards any individual’s rights as a data subject.

If you would like to contact us to get more information on your rights, wish to exercise your rights, or have any questions about our privacy notice please contact us using the following contact details. To protect your privacy and security, we may take reasonable steps to verify your identity before providing you with the details.

Mr. Pramod PC, The Data Protection Officer, ICICI Bank, ICICI Bank Towers, Bandra Kurla Complex, Mumbai- 400051.

idataprotection@icicibank.com

RIGHT TO COMPLAIN TO THE SUPERVISORY AUTHORITY

You have a right to lodge a complaint with the supervisory authority of state of habitual residence for data protection issues.

CHANGES TO THIS PRIVACY NOTICE

The content or services mentioned on our website may be changed in future and consequently we reserve the right to update this Privacy Notice at any time. Any changes we may make to this Privacy Notice in the future will be posted on this page and where appropriate, notified to you by email. We recommend that you re-visit this page regularly and inform us if you do not agree to any term mentioned here.

 

Cookie Guidance

Safeguarding your right to privacy is imperative to us. Hence, we request you to peruse through our Cookie Guidance.

Anonymous information retrieval

Our NRI Services and Money2India websites (www.icicibank.com/nri & www.money2india.com) may be accessed by you anonymously. That means, your personal data (e.g. name or address) will not be collected. We only gather, stock and make use of anonymous information like the name of the Internet provider, the website from where you access our site and the websites you access from our site. All this is collated for reasons that are statistical and calculated to modify our website to serve the needs of our users in an appropriate manner. Your identity as a user will always stay unidentified.

Cookies

We acquire information about your general internet usage through cookie files kept on your computer hard drive. These cookies hold information that is transferred to your computer's hard drive. They help us improve our website and deliver a more customised service. The NRI Services and Money2India websites currently use the following cookies:

CookieType of cookieCategoryCurrent use

WT_FPC
cs-token
bc.visitorToken
JSESSIONID
lsCookieLevel
_uetvid

Website cookie

Essential

This is a Java Script file which defines the behavior of the top navigation of our website and is used for faster loading and effective representation of information on it, enabling our site to function as intended.

_fbp fr

Facebook cookie

 

Performance & Statistical

 

These cookies are used by Google Analytics and give us information about how visitors use our website. The cookies collect information in an anonymous form, including the number of visitors to the site, how visitors were directed to the website, and the pages they have visited. They are usedacross ICICI Bank NRI Website

_ga

Google Analytics cookies

_gid

GA cookies are used to distinguish users.

_vis_opt_s

Persistent / Session

Targeting

This cookie detects if the user is new or returning to a particular campaign.

_vwo_ds
_vwo_sn
_vwo_uuid
_vwo_uuid_v2

Persistent / Session

Performance & Statistical

Used by Visual Web Optimizer when testing new functionality on the website.

 

You may refuse to accept cookies by activating the setter on your browser, which allows you to refuse the setting of cookies. However, this may cause certain parts of our website to remain inaccessible to you. Until you have set your browser setting to refuse cookies, our system will continue to issue cookies when you log onto our site. Please take note of the fact that our advertisers may also use cookies and we have no control over this.

Advertising and Marketing

Links

There are links in our website leading to other sites. This guidance does not extend to those sites. We therefore would recommend the reading of the data safeguarding policies of these sites.

Security

All proper and expected technical and organizational security procedures have been taken to shield your personal data and to prevent that no unauthorized persons gain access to the same. These precautions include for example the transfer of all data entered into our internet presence using SSL encryption (128 bit) or the use of a mandatory authentication mechanism for access to your account.