Privacy Commitment (India)

Updated on 6th Jan 2024

 

  1. Introduction

This Privacy Commitment is applicable to personal information and sensitive personal data or information, including information that is of a confidential nature (“Customer Information”) belonging to the customers, potential customers, and other users of the Services (“Customer(s)” or “you”) of ICICI Bank Limited, its affiliates and group companies (collectively, “ICICI Bank”, “we”, “our”, or “us”).

In the course of using this website, mobile applications, or its custom extensions, or availing products and services vide online or offline platforms including bank branches, other points of sales, third party platforms, or through communications, by electronic means or otherwise, or any other mode/platform communicated/introduced by ICICI Bank from time to time (collectively, the “Services”), ICICI Bank may collect, receive, possess, store, use, deal, handle, transfer, retain and otherwise process Customer Information. By using or otherwise accessing our Services, you confirm that you have read and agreed to be bound by this Privacy Commitment and consent to the collection, receipt, possession, storage, usage, dealing with, handling, processing, transfer and retention of your Customer Information by ICICI Bank as described in this Privacy Commitment.

ICICI Bank is strongly committed to protecting the privacy of its Customers and has taken all necessary and reasonable measures to protect the confidentiality of the Customer Information and its transmission.

 

  1. Customer Information

Customer Information includes, without limitation, the following categories of personal data/sensitive personal data that we may collect, receive, possess, store, use, deal, handle, transfer, and otherwise process as per applicable laws:

  1. Data about you: This may include, without limitation, your name, user IDs, signature, email addresses, phone numbers, addresses, KYC/identity documents (for example: Aadhaar and PAN), biometric data, communications with us, device and location data, information about how you use our Services, etc.

  2. Financial data: This includes, without limitation, information about your bank account details, financial information, payment credentials, transaction data, loan details such as amounts, lending history, and repayments, credit history and income details. .

  3. Marketing and communications data: This includes, without limitation, your preferences relating to receiving marketing messages from us and our service providers, and your communication preferences.

    You must ensure that all Customer Information that you provide us with is accurate, up-to-date, and true. You will be responsible for any errors, discrepancies, or inaccuracies in the Customer Information you share with us, except for such Customer Information that has been verified through KYC processes set out by applicable law and backed by documentary proof. When you use our Services, we make best efforts to provide you with the ability to access and correct inaccurate or deficient Customer Information, subject to any legal requirements.

 

  1. Collection of Customer Information

We are required to collect Customer Information to provide you with the Services, to comply with our contractual obligations and applicable law. If you do not wish to provide such Customer Information as and when requested by us, it will diminish our ability to perform our obligations under the arrangement we have with you or are trying to enter into with you (for example, to provide you with features of the Services). And consequently, we may be constrained to cancel or limit your access to the Services (or part thereof).

We use different methods to collect Customer Information from and about you, including, without limitation, through:

  1. Direct interactions: This includes Customer Information you consent to give us when you use our Services or when you interact with us, including, without limitation, when you:

    1. create an account with us;

    2. use the Services or carry out other activities in connection with the Services;

    3. consent to receiving marketing communications; or

    4. report a problem with the Services, give us feedback, or contact us.

  2. Automated technologies or interactions: When you use the Services, we may automatically collect data about your equipment, browsing actions, and patterns. We collect this data by using cookies, web beacons, pixel tags, server logs, and other similar technologies. We may also receive such data about you if you visit other websites that use our cookies.

  3. Third parties or publicly available sources: We receive Customer Information from publicly available sources as well as various third parties, such as our service providers, credit bureaus, partners, alliance partners, group companies, agents, affiliates and government portals.

 

  1. Cookies

The ICICI Bank website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses cookies that are text files containing small amounts of information (this does not include personal sensitive information) which are downloaded to your device when you visit a website in order to provide you a personalised browsing experience. Cookies do lots of different jobs, like allowing you to navigate between pages efficiently, remembering your preferences, and generally improving your browsing experience. These cookies collect information analytics about how you use a website (for example: often visited pages).

We may contact third-party service providers to assist us in better understanding our site visitors. These service providers may use the information collected on our behalf to help us conduct and improve our Services.

Additionally, you may encounter cookies or other similar devices that are placed by third parties on certain pages of the website. We do not control the use of cookies by third parties. All information collected by third party cookies is aggregated and therefore anonymous.

You are free to disable or delete these cookies by changing your web browser settings. ICICI Bank is not responsible for cookies placed in Customers’ devices by any third party and information collected thereby.

 

  1. Use of Customer Information

We will only use your Customer Information as permitted under applicable law or pursuant to contractual obligations. Most commonly, we will use your Customer Information to perform the Services or to comply with a legal/contractual obligation. We use your Customer Information without limitation, for the following purposes:

 

  1. to verify your identity to register you as a Customer, and create and operate your account(s) with us;

  2. to provide the Services to you;

  3. to process payments made through our Services;

  4. to comply with legal obligations;

  5. to administer and protect our business and the Services, including for troubleshooting, data analysis, system testing, and performing internal operations;

  6. for risk control, fraud detection, and prevention;

  7. to perform our obligations that arise out of the arrangement we are about to enter or have entered with you;

  8. to respond to court orders, establish or exercise our legal rights, or defend ourselves against legal claims;

  9. to improve customer service to effectively respond to your service requests and support needs;

  10. to improve the functionality of our Services based on the information and feedback we receive from you;

  11. to send notifications to manage our relationship with you including to notify you of changes to our Services, send you information and updates pertaining to the Services you have availed, and to receive occasional company news and updates related to us or the Services;

  12. to monitor trends and personalise your experience;

  13. to market and advertise the Services to you;

  14. to improve our business; and

  15. To conduct training and AI-based skill training.

 

  1. Disclosure of Customer Information

ICICI Bank undertakes not to disclose Customer Information to any person, unless such action is necessary to:

  1. offer and provide our Services, including for the purposes set out in Section 5 above;

  2. conform to legal requirements or comply with legal process;

  3. protect or defend ICICI Bank's or its affiliates or group companies’ rights, interests or property;

  4. enforce the terms and conditions of the Services; or

  5. protect the interests of ICICI Bank, its affiliates, group companies, members, constituents, or of other persons.

Please note that to provide you with the Services, we may sometimes share confidential information that is about or belongs to ICICI Bank. We expect that you will keep such information confidential, and not share it with any third party. Your failure to keep this information confidential could result in loss to ICICI Bank, and if such failure does occur, ICICI Bank reserves the right to suspend Services being offered to you in addition to its other rights and remedies.

ICICI Bank will limit the collection and use of Customer Information to a need-to-know basis to deliver better service to Customers. ICICI Bank may share or store with, and otherwise transfer Customer Information to third parties (including our affiliates, group companies, successors, service providers, vendors and partners), subject to suitable confidentiality obligations, and in accordance with contractual terms, applicable laws and our instructions, in order to render the Services to you and to enable us to provide you information about the Services. While due to the size and complexity of our operations, it is not possible for us to name each of the third parties in this Privacy Commitment. Such third parties may include, but not be limited to:

(a) Any revenue service or tax authority including Income Tax Department, if obliged to do so under applicable regulations.

(b) Overseas regulators and authorities in connection with their duties (such as crime prevention).

(c) Anyone to whom we may transfer our rights and/or obligations;

(d) Any other person or organization after a restructure, sale or acquisition, as long as that person uses your information for the same purposes as it was originally given to us or used by us (or both)

(e) Credit reference, identity and address verification organizations who may record and use your information and disclose it to other lenders, financial services organizations and insurers. Your information may be used by those third parties to make assessments in relation to your creditworthiness for debt tracing.

(f) Fraud prevention agencies and law enforcement agencies who will use it to prevent fraud and money-laundering and to verify your identity if false or inaccurate information is provided by you and fraud is identified. We, fraud prevention agencies and law enforcement agencies may access and use your information for example, when:

  1. Checking details on applications for credit and credit related or other facilities;

  2. Managing credit and credit related accounts or facilities;

  3. Recovering debt;

  4. Checking details on proposals and claims for all types of insurance

(k) Other product and service providers for products and services which you would have agreed to avail or being referred to

(l) Service providers as appointed from time to time for operational support to the Bank

(m) Courier or postal service providers for the purpose of sending of mails to you as a customer

(n) Social media websites for our marketing campaigns where permitted

(o) Data analytics providers.

(p) Consultants and lawyers.

For further information, please refer to our product specific terms and conditions and application form.

These third parties shall use the Customer Information only for the above mentioned purposes or as per contractual obligations.

ICICI Bank may also exchange, transfer or share all or a part of Customer Information with its affiliates, group companies, as may be required by applicable law, and the Customer shall not hold ICICI Bank liable for such use or disclosure of this Customer Information.

 

  1. Storage and Transfer of Customer Information

ICICI Bank complies with applicable laws/internal policies in respect of the storage and transfer of Customer Information. As a part of your use of the Services, the Customer Information you provide to us may be transferred to and stored in countries other than the country you are based in. This may happen if any of our servers are from time to time located in a country other than the one in which you are based, or if one of our vendors, partners, or service providers is located in a country other than one you are based in. We ensure that that any recipients of Customer Information that we transfer are subject to suitable confidentiality obligations and access to and processing of Customer Information is in accordance with contractual terms, applicable laws, and our instructions.

 

  1. Retention of Customer Information

ICICI Bank may retain your Customer Information for as long as required to provide you with the Services in accordance with applicable laws and our internal policies, such as managing your account and dealing with any concerns that may arise, or if required for compliance with any legal or regulatory requirements, or for the institution, enforcement, or defence of legal claims.

ICICI Bank may also retain your Customer Information where we need to use it for our business and related purposes, including but not limited to, responding to queries or complaints, fighting fraud and financial crime or pursuant to contractual obligations.

If we do not require the retention of Customer Information, we use best efforts to destroy or delete such Customer Information as per our internal policies.

 

  1. Security of Customer Information

ICICI Bank endeavours to safeguard and ensure the security of the Customer Information using appropriate measures to protect it from unauthorised access, and follow standards prescribed by applicable law. ICICI Bank uses appropriately secure encryption for the transmission of Customer Information.

The Customer is required to cooperate with ICICI Bank in order to ensure the security of the Customer Information, and it is recommended that the Customer necessarily chooses their passwords carefully such that no unauthorised access is made by a third party. To make the password complex and difficult for others to guess, the Customer should use a combination of alphabets, numbers and special characters (like !, @, #, $, etc.). The Customer should not disclose their password to anyone or keep any written or other record of the password such that a third party could access it.

The security of customer’s personal information is a priority and the same is protected by maintaining adequate physical, electronic and procedural safeguards that meet applicable laws & regulatory guidelines. The Bank implements and maintains it security systems  to ensure  that the personal Information of the customer is appropriately protected. 

Bank follows a Board approved framework for handling security incidents.  The same is designed to align with the bank’s regulatory obligations, internal governance policies, and widely recognized industry best practices &  standards.

 

  1. Updates to this Privacy Commitment

We may occasionally update this Privacy Commitment. By using our Services after such update, you consent to updates made to this Privacy Commitment.

We encourage you to periodically review this Privacy Commitment for the latest information on our privacy practices.

 

  1. Contact Us and Details of Grievance Officer

We understand that you may have questions about this Privacy Commitment, on how we process or handle your Customer Information, or may otherwise want to understand these aspects. We welcome you to reach out to us with your queries, grievances, feedback, and comments at [https://www.icicibank.com/feedback.page?ITM=nli_cms_compliments_complaintsfooter_link] or contact our grievance officer, whose details are provided below:

Name: Ms. Sharlet Malvankar

Designation: Principal Nodal Officer

Email: pno@icicibank.com

 

 

Privacy Policy for NRI customers

In the course of using the Website or availing the products and services vide the online application forms and questionnaires, ICICI Bank and its Affiliates may become privy to the personal information of Visitors (as defined in the Terms and Conditions, available elsewhere on this website), including information that is of a confidential nature.

ICICI Bank is strongly committed to protecting the privacy of Visitors and while it has taken all necessary and reasonable measures to protect the confidentiality of the Visitor information and its transmission through the world wide web, it shall not be held liable for disclosure of the confidential information when in accordance with this privacy Policy or in terms of the agreements, if any, with Visitors.

ICICI Bank uses 128-bit encryption, which is currently the permitted level of encryption in India, for the transmission of Visitor registration and transaction requests and information. When the information provided by Visitor is not transmitted through this encryption, the Visitor’s computer system (if configured accordingly) will display an appropriate message.

ICICI Bank undertakes not to disclose the information provided by Visitors to any person, unless such action is necessary to:

- Conform to legal requirements or comply with legal process;
- Protect and defend ICICI Bank's or its affiliates' rights, interests or property;
- Enforce the Terms and Conditions; or
- Act to protect the interests of ICICI Bank, its affiliates, or its members, constituents or of other persons.

However, the Internet is an open system and ICICI Bank cannot, and does not, guarantee that the personal information which the Registered User furnishes will not be intercepted or accessed by others and decrypted. ICICI Bank, its affiliates and partners, and its and their respective directors, employees, agents and representatives shall not be liable or responsible should any confidential or other information provided by or pertaining to the Visitor (including credit card numbers, bank account numbers, passwords, personal identification numbers, IDs, transaction details, etc.) be intercepted and subsequently used by an unintended recipient.

ICICI Bank will limit the collection and use of Visitor information only on a need-to-know basis to deliver a high level of service to the Visitors. ICICI Bank may use and share the information provided by the Visitors with its affiliates and third parties for providing services and any service-related activities such as collecting subscription fees for such services, and notifying or contacting Visitors regarding any problem with, or the expiration of, such services. In this regard, it may be necessary to disclose the Visitor information to one or more agents and contractors of ICICI Bank and their sub-contractors, but such agents, contractors, and sub-contractors will be required to agree to use the information obtained from ICICI Bank only for these purposes.

Visitors authorise ICICI Bank to exchange, share, part with all information related to the details and transaction history of the Visitor to ICICI Bank’s affiliates / banks / financial institutions / credit bureaus / agencies/participation in any telecommunication or electronic clearing network as may be required by law, customary practice, credit reporting, statistical analysis and credit scoring, verification or risk management and shall not hold ICICI Bank liable for use or disclosure of this information.

While ICICI Bank has no obligation to monitor the functioning of this website, Visitors acknowledge and agree that ICICI Bank has the right to monitor the functioning of this website electronically or otherwise from time to time and to disclose any information as necessary or appropriate to satisfy any law, regulation or other governmental request, to operate the Website properly or to protect itself, its affiliates and partners, and its and their respective directors, employees agents and representatives.

The records of access, instructions, transactions and other activities maintained or caused to be maintained by ICICI Bank through its or a third party's computer systems or on tape or other recording or storage device or otherwise shall be admissible in evidence, shall not be challenged by the Registered User and shall be accepted as genuine, accurate, conclusive and binding for all purposes including the recording of the time thereof.