Information to Public on
Data Privacy policy of the Bank

(Revised in January 2024)

1. Introduction

ESAF Small Finance Bank is committed to ensure the privacy of customer data and information; and to use personal information in a very judicious manner. The Bank is guided by the regulations and best practices in the area of data privacy. If a customer provides certain information with which that customer can be identified personally, he/she can remain rest assured that the information would be used only in accordance with the Bank's Data Privacy Policy approved by the Board of Directors.

2. Definitions

The use of the term "The Bank" refers to ESAF SMALL FINANCE BANK (ESFB).

WEBSITE means website of the Bank with URL: https://www.esafbank.com and other sites that can be directly reached by the URL owned by the Bank.

APPLICATION means any Digital Applications of the ESAF SMALL FINANCE BANK (ESFB).

USER refers to persons who access the Bank's Website and/or Digital Applications.

CUSTOMER refers to person doing any transactions with the Bank directly or indirectly.

PERSONAL INFORMATION includes but not limited to, financial information including banking related information, financial and credit information, ethnicity, caste, race or religion, biometric information, full name, date of birth, contact number, email, address, PAN, TAN, payment card information, photographs, passport number, driver's license number, Aadhar card number and other identity card information, Etc. However, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other laws in force shall not be regarded as sensitive personal data or information for the purposes of Data Privacy.

PRIVACY POLICY refers to the Data Privacy Policy of the Bank, approved by its Board of Directors.

THIRD PARTY refers to an entity that is not the Bank or its direct customer.

3. Scope & Coverage

The Policy covers all users who interact with the Bank / Website / Digital Applications and whose personal information is collected / received / transmitted / processed / stored / dealt with and / or handled by the Bank. This Policy covers the "sensitive personal data or information" of customers, which are handled by the Bank in any form or mode.

The Privacy Policy does not, however, extend to third party websites / applications linked to the Bank's Websites and Digital Applications.

4. Collection of Information

The Bank collects and uses the financial and personal information from its customers as is required under various regulations and guidelines including the KYC norms prescribed by the Reserve Bank of India. Such information is collected and used for specific business purposes or for other related purposes or for a lawful purpose, to comply with the applicable laws and regulations.

5. Consent

By making available their personal information to the Bank, the customers are deemed to have provided their consent to the Bank to use all such information -

  • i. For extending the products or services requested for / applied for or shown interest in,
  • ii. To enable the Bank for verification and check.
  • iii. To process applications, requests, transactions and / or to maintain records as per internal or legal or regulatory requirements, and / or.
  • iv. For any other lawful purposes.

6. Usage of Information

The Bank may use Personal Identification Information for the following purposes and/or for any other lawful purposes.

Note:

The Bank will not be responsible for content, information usage and privacy policies of linked sites which are not under control of the Bank. Confirmation of authenticity of the personal information provided by the customer will not be responsibility of the Bank.

7. Information Protection

The Bank's customers have access to a broad range of products and services such as basic Banking products, ATM, online Banking, Mobile Banking etc. To deliver products and services effectively and conveniently, it is extremely important that the Bank uses technology to manage and maintain certain customer information while ensuring that customer information is kept confidential and safe.

The Bank is committed to ensure that the information is secure. The collected information data from customer / user will be stored as per regulatory guidelines. In order to prevent unauthorised access or disclosure, the Bank has put in place physical, electronic and managerial procedures to safeguard and secure the data and information that the Bank collects.

8. Information Sharing

9. Retention and Disposal

10. Contact the Bank

Customers of the Bank can raise queries on this document for any clarifications or for more details, by emailing to the following email ID of the Bank.

infosec@esafbank.com

Alternatively, they may forward the same to the below mentioned mailing address.

Chief Information Security Officer, ESAF Small Finance Bank, ESAF Bhavan, Mannuthy, Thrissur, Kerala, India - 680651.

The set of information as above, regarding the policy of the Bank on Data Privacy is published and made known to the public through our Bank website, in order to ensure transparency and to create awareness.