This application collects some Personal Data (including account related information) from its users.
Following data is accessed for purposes mentioned below and using the services:
Data / Information
Bank account information
View account information and generate statement
Password (Default password provided by the system and password created by the user)
Mobile app login
Collection of personally identifiable information and other information
When you use our application we may collect and store your personal information, with your permission. We do so to ensure that you are provided a safe, efficient, smooth and seamless experience. This also allows us to understand your needs and provide tailored services and features. We strive to provide for customizations on our application to ensure that your experience is always safer and easier. This requires collection of personal information to the extent necessary for achieving this purpose and objective.
Please note that it is mandatory to register yourself in order to use M Pass Book. We may automatically track certain information about you based upon your behaviour on our app to the extent permitted by law.
We collect personally identifiable information (name, phone numberetc.) from you when you register with us to create your unique identification in terms of Virtual Payment Address and/ or any other unique registration identification that is/ shall be made available to our customers.
Use of Demographic/ Profile Data/ Your Information
We use personal information to provide the services you request. We use personal information to resolve disputes; we may use the information to keep you apprised on any online and offline offers, products, services and updates that shall be made available for use of our customers. We may use this information to customize your experience; detect and protect us against error, fraud and other criminal activity; enforce our terms and conditions which are an integral part of the use of this application; and as otherwise described to you at the time of such collection.
We identify and use your IP address to help diagnose problems with our server, and to administer our app. Your IP address is also used to help identify you and to gather broad demographic information.
Sharing of personal information
We may disclose personal information if required to do so by law or in the good faith belief that such disclosure is reasonably necessary to respond to subpoenas, court orders, or other legal processes. We may disclose personal information to law enforcement officers upon such requests, third party rights owners or others in order to:
- Respond to claims that an advertisement, posting or other content violates the rights of a third party
- Protect the rights, property or personal safety of our users or the general public.
Methods of data processing:
Data is controlled and processed in-house by the Bank. The in-house data centre processes the data of users in a proper manner and appropriate security measures are taken to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the data. The data processing is carried out using computers and / or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the data centre, in some cases, the data may be accessible to bank officials, involved with the operation of the service (administration, sales, marketing, legal, system administration) or external parties (such as vendors, third party technical service providers, mail & SMS carriers) appointed, if necessary, as data processors by the business owner. The updated list of these parties may be requested from the business owner at any time.
Storage of your information:
The Bank shall maintain personal data, and records of transactions between the Bank and the customer for periods set out as per the Data Protection Act of Kenya.
The Bank has well defined procedures for process of sanitization, to expunge data from storage media for destruction as per the Data Protection Act of Kenya.
The Bank has well defined procedures and standards for handling data security.
Place of data processing: Data is processed at the Bank’s data centre in India (Parent Bank) and in any other places where the parties involved with the processing are located. The Parent Bank may also outsource personal data as required from time to time as per their requirements.
Retention time: The data is kept for the time necessary as set out by requirements of the Data Protection Act of Kenya and as per other Kenyan regulations (like Anti Money Laundering Regulations).
Legal action: The user's personal data may be used for legal purposes by the Bank, in court or in the stages leading to possible legal action arising from improper use of this application or the related services. The user is aware of the fact that the Data Controller may be required to reveal personal data upon request of public authorities.
System Logs and Maintenance: For operation and maintenance purposes, this application and any third-party services may collect files that record interaction with this application (system logs).
Information not contained in this policy: More details concerning the collection or processing of personal data may be requested from the Bank at any time.
The rights of users: Users have the right, at any time, to know whether their personal data has been stored and can consult the Bank to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, updated or corrected, or to delete any data held in violation of the law. Requests should be sent to the Bank’s Data Protection Officer at firstname.lastname@example.org. .
Definitions and legal references
Personal data (or Data): Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.
Usage data: Information collected automatically from this application (or third party services employed in this application ), which can include: the mobile number and SIM serial number of the Users who use this application, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the application) and the details about the path followed within the application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the user's IT environment.
User: The individual (registered customer) using this application, which must coincide with or be authorized by the bank Subject, to whom the personal data refer.
Bank (or owner): Bank of Baroda Kenya Ltd is the owner of this application.
This application: M Pass Book. The hardware or software tool by which the personal data of the user is collected.
Cookie: Small piece of data stored in the user's device.