Today's Exchange Rate
INR 54.98/AUD
Today's Exchange Rate
INR 54.98/AUD
This Privacy Notice outlines HDFC Bank Limited’s (“HDFC Bank”) approach to data protection to fulfil its obligations under
the EU General Data Protection Regulation 2016/679 ("GDPR"). This Privacy Notice applies to personal
data of the Covered Person(s) which is processed by or for HDFC Bank as a controller, whether in physical or
electronic mode. In this Privacy Notice, the expressions ‘personal data’, ‘data subject’, ‘controller’, ‘processor’
and ‘processing’ shall have the meanings given to them in the GDPR.
HDFC Bank is committed to treating data privacy seriously. It is important that you know exactly what we do
with the personal data you and others provide to us, why we process it and what it means to you. Please read
this Privacy Notice carefully to understand our views and practices regarding your personal data and how we will
treat it.
Data Privacy Matters
This Privacy Notice applies in relation to all our products and services as applicable to the Covered Persons. Your product or service terms and conditions will specify which of our businesses is providing the relevant product or service to you. If you are a customer of one of these businesses, please also read the Data Privacy Notice applicable to such respective businesses. If you have any questions about how your personal data is processed, please contact our Privacy Contact.
Who we are
Throughout this document, “we”, “us”, “our” and “ours” refer to HDFC Bank & Quickremit.
HDFC Bank means:
HDFC Bank Limited having its registered office at Senapati Bapat Marg, Lower Parel (West), Mumbai 400013, Mumbai,
India and includes its branches in and outside India and subsidiary companies.
Website :
https://www.hdfcbank.com/
Our contact details are given at the end of this Privacy Notice. Should you need further details about HDFC
Bank, please visit the about us page in our website.
Who is covered under this Notice (Covered Persons)?
Any natural person in relation to whose personal data (to the extent processed by or for HDFC Bank), the GDPR applies, shall be to the extent of such personal data and such processing be the "Covered Person(s)" or “You”.
The information we collect about you
The information we collect falls into various categories as under:
When and how we collect personal data about you?
Personal data about you is gathered or collected:
How we process your Personal Data?
Whether we’re using it to confirm your identity, to help in the processing of an application for a product or service or to improve your experiences with us, your personal data is always handled with care and the principles outlined in this Data Privacy Notice are always applied.
Lawfulness and Purposes of the processing
The lawfulness and legal basis for obtaining, processing personal data about you will be one or more of the following:
What we use your personal data for | The legal basis for doing so (one of more under each sub-heading) |
---|---|
|
|
|
|
|
|
|
|
|
|
When we process personal data to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and before collecting, we ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms.
We will send you messages by post, telephone, text, email and other digital methods, including for example via our ATMs, mobile applications, push notifications, or online banking services (and new methods that may become available in the future). These messages may be:
Automated processing
The way we analyse personal information in relation to our products and services including applications, credit decisions, determining your eligibility for the products or services, may involve automated profiling and decision making, this means that we may process your personal data using software that is able to evaluate your personal aspects and predict risks or outcomes as also where the decision making may be automated.
We may also carry out automated anti-money laundering and sanctions checks. This means that we may automatically decide that you pose a fraud or money laundering risk if the processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct, is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity.
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk:
You expressly acknowledge that the automated decision is necessary for entering into or performance of contract and/or you explicitly consent to such automated decision making, hence you subject to even the decisions which are solely based on automated processing. You have rights in relation to automated decision making: if you want to know more please contact us using the details set out in the Contact Us section.
Cookies
We may use cookies and similar technologies on our websites, mobile apps, and in our emails. Cookies are text files that
get small amounts of information, which your computer or mobile device stores when you visit a website or use
a mobile app. When you return to the websites or mobile apps – or visit websites and mobile apps that use the
same cookies – they recognise these cookies and therefore your device.
We use cookies to do many different jobs, like letting you navigate between pages efficiently, remembering your
preferences and generally improving your online experience. They can also help ensure that the advertisements
and marketing material(“ads”) you see online are more relevant to you and your interests. We also use similar
technologies such as pixel tags and JavaScript to undertake these tasks. We also use cookies in some of our emails
to help us to understand a little about how you interact with our emails, and to help us improve our future email
communications. These cookies also help ensure that the ads you see online are more relevant to you and your
interests.
Our respective websites and mobile app terms and conditions give you more information on these technologies, how and where we use them and how you can control them.
How to manage and disable cookies?
For instructions on blocking and deleting cookies, see the privacy settings and help documentation of your specific browser’s website. If you use more devices and/or browsers, you will need to disable cookies on each device and on each browser separately. Here are the locations of the cookie settings for all major web browsers:
If you limit the ability of our websites to set cookies, this may prevent you from using certain features of our
website properly and your user experience – which will no longer be personalised for you – may deteriorate. You
may also be able to opt out from certain cookies through third party cookie management sites. Disabling cookies
may prevent you from using certain parts of our website. If you delete your cookies from the browser, you may
need to remember to re-install opt-out cookies.
In the past we would have dropped the cookies in your device when you accessed our online platforms. For removing
these cookies, you will need to go to your respective browser settings in your devices and remove them.
Recipients: Who we share your personal data with:
We only share your personal data with the following persons and/or in the following circumstances, and only as may be necessary:
For further information, please refer to our product specific terms and conditions and application form.
Period of storage of your personal data
We will keep the personal data we collect about you on our systems or with third parties for as long as required for the purposes set out above or even beyond the expiry of transactional or account based relationship with you: (a) as required to comply with any legal and regulatory obligations to which we are subject or (b) for establishment, exercise or defence of legal claims.
Implications of not providing personal data or Withdrawing Consent
Sharing personal data with us is in both your interest and ours.
We need your personal data in order to:
When we request personal data, we will inform you if providing it is a contractual requirement, a statutory requirement or not, and whether or not we need it to comply with our legal obligations.
You may choose not to share personal data or withdraw consent, but doing so may limit the services we are able to provide to you (unless consent is not the only legal basis for processing and there are other legal basis as well), particularly as under.
However, if you withdraw your consent, it will not affect the lawfulness of processing based on your consent before its withdrawal or the other legal basis which we may have for such processing.
Processing your personal data outside the EEA
HDFC Bank is incorporated and regulated in India, its overseas branches are regulated by host country regulations and subsidiaries are governed under applicable laws. As such, your personal data is stored on secure systems within HDFC Bank premises within India and with providers of secure information storage in India. Further, we may transfer or allow the transfer of personal data about you and your products and services with us to our service providers and other organisations outside the European Economic Area (EEA), with adequate safeguards to ensure your personal data remains adequately protected.If you need copy of safeguards provided to transferred personal data, please notify us in accordance with the “How to contact us?” section below. These jurisdictions and countries outside EEA may have different and less stringent laws relating to the degree of confidentiality afforded to the personal data and that such information can become subject to the laws and disclosure requirements of such countries, including disclosure to governmental bodies, regulatory agencies and private persons, as a result of applicable governmental or regulatory inquiry, court order or other similar process. In addition, a number of countries have agreements with other countries providing for exchange of information for law enforcement, tax and other purposes.
For example, we may process payments using third parties (including other financial institutions such as banks and the worldwide payments system operated by the SWIFT organisation)
How do we secure your Personal data?
HDFC Bank is ISO 27001:13 compliant. We seek to use reasonable organizational, technical and administrative measures to protect Personal data within our organization. However, if you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “How to contact us?” section below.
How to exercise your information rights (including the right to object)?
You have the following rights, in accordance with and subject to the qualifications and provisions under GDPR:
Right to object
You shall have the right to object, on grounds relating to your particular situation, at any time to processing
of personal data concerning you which processing is based on necessity for the purposes of legitimate interests
pursued by us or third party, including profiling. Upon such exercise of your right, we shall no longer process
the personal data unless we demonstrate compelling legitimate grounds: (a) for the processing which override
your interests, rights and freedoms or (b) for the establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing purposes, you shall have the right to object at any time
to processing of personal data concerning you for such marketing, which includes profiling to the extent that
it is related to such direct marketing. If you object to this use, we will stop using your information for direct
marketing purposes.
If you exercise any of the aforesaid rights, in most instances, we will respond within one calendar month. If
we are unable to deal with your request fully within a calendar month (due to the complexity or number of requests),
we may extend this period by a further two calendar months. Should this be necessary, we will explain the reasons.However,
where we have reasonable doubts concerning your identity, we may request the provisions of additional information
necessary to confirm your identity. Ordinarily, we will not charge a fee for the exercise by you of any rights
as above. However, we may charge a reasonable fee if your request for access is found to be excessive or unfounded.
Alternatively, we may refuse to comply with the request in such circumstances.
If you make your request electronically, we will, where possible, provide the relevant information electronically
unless you ask us otherwise.
Links to Other Websites
From time to time, our website may contain links to and from websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites may have their own privacy notices and that we do not accept any responsibility or liability for any such notices. Please check these notices, where available, before you submit any personal data to these websites
Children
If you are a parent of a child under 16 (or such age as applicable for GDPR purposes in the respective EU Member States), you give your consent or authorise the consent if you wish your child to access HDFC Bank Services.
In How to contact us
If you have any questions about how your personal data is gathered, stored, shared or used, or if you wish to exercise any
of your information rights, please contact our Privacy Contact at
privacy@hdfcbank.com
Phone Banking:
+91 22 67606161
Changes to this notice
We will update this Data Privacy Notice from time to time. Any changes will be communicated to you and made available on this page and, where appropriate, notified to you by SMS, e-mail or when you log onto website or start one of our mobile apps. Dated: 12th June 2018