Paytm Payments Bank Privacy Policy

We collect and generate various data points about you.

Data by which you are identified is termed as “Personal Data”. Personal Data does not include any information that is freely available or accessible in public domain.

Your Privacy is of utmost importance to us and protection of your Personal Data is a key commitment for us.

We are also governed by the Banking Codes and Standards Board of India and Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 to maintain the privacy of your Personal Data.

I. Personal Data

Personal Data we may collect from you are as under:

1. Personal details (e.g. name, contact details, residential address, date of birth, documents such as identity card / passport details / Aadhaar details / PAN / Voter ID / driving license, and/or education details) needed to open bank account with us and/or avail other services from us.
2. Your bank account details including transaction history, balances, payment details, for effecting transfer of monies through various payment channels provided by us.
3. financial details (e.g. income, expenses, and/or credit history) needed as part of application request for some of our services;
4. images of documents/ photos required to open and maintain bank account with us and/or avail our services from us.
5. voice recordings of our conversations with our customer care agent with you to address your queries/grievances;
6. employment details (e.g. occupation, positions held, employment history, salary and/or benefits) as part of our record retention for Central KYC Records Registry (CKYCR) purposes under Prevention of Money Laundering (Maintenance of Records) Rules, 2005
7. specimen signature(s) for processing of your instructions received by us through our various payment channels;
8. opinions provided by you to us by way of feedback or responses to surveys;
9. information obtained from your mobile device by way of using our app like device location, communication information including contacts and call logs, device information (including storage, model, mobile network), transactional and promotional SMS/app notifications.

II. Storage of Personal Data

We store and process your Personal Data only in India, in accordance with RBI circular in respect of the Storage of Payment System Data dated 6th April 2018.

Our data center and systems also maintain backup and disaster recovery systems in India.

III. Sharing of your Personal Data

Any Personal Data that we have access to shall never be shared without your consent.

In various processes / submission of applications / availment of product offerings, we even seek your explicit consent to use / share your Personal Data.

In our business and operational processes, we only share the data on a partial and “need-to-know” basis to designated personnel or partners or service providers.

We will share your data with competent/ legal/statutory/regulatory agencies / authorities or partners/service providers acting on our behalf (as the case may be) in following cases:

1. only for enabling the provision of the banking services availed by you, strictly on a “need to know” basis and subject to applicable laws.
2. it is directed or required by legal/regulatory / statutory / governmental authorities under applicable laws/regulations though a legally obligated request.
3. it is required by banks/financial institutions to verify, mitigate or prevent fraud or to manage risk or recover funds in accordance with applicable laws/regulations.

IV. Usage of Your Personal Data

We use your Personal Data in our business/banking activities for providing our or our partners’ products/services and to perform, among other actions, the following:

1. to facilitate the banking transactions or report on these transactions;
2. to undertake research and analytics for offering or improving our banking services and their security and service quality;
3. to check and process your applications submitted to us for banking services and/or instructions or requests received from you in respect of these services;
4. to share with you, updates on changes to the banking services and their terms and conditions;
5. to take up or investigate any complaints/claims/disputes;
6. to respond to your queries or feedback submitted by you;
7. to verify your identity for us to provide banking services to you;
8. to carry credit checks, screenings or due diligence checks as lawfully required by us;
9. to monitor and review banking services from time to time;
10. to undertake financial/regulatory/management reporting, and create and maintain various risk management models;
11. for conducting audits and for record keeping purposes;
12. for selective offers and promotions.

We also use your Personal Data to fulfill the requirements of applicable laws/regulations and/or court orders/regulatory directives received by us.

V. Purging of your Personal Data

1. We retain your Personal Data as long as the purpose for its usage exists, after which the same is disposed off by us except for any record retention required as per Master Direction on Issuance and Operation of Prepaid Payment Instruments (https://rbi.org.in/ScriptS/BS_ViewMasDirections.aspx?id=11142), Banking Companies (period of preservation of records) rules, 1985 (https://financialservices.gov.in/sites/default/files/Banking Companies %28Period of Preservation of Records0 Rules%291985.pdf) and the Prevention of Money-Laundering (Maintenance of Records) Rules, 2005 (https://dea.gov.in/sites/default/files/moneylaunderingrule.pdf).
2. The PMLA (Prevention of Money Laundering Act 2002) guidelines i.e. section 12, sub-clause nos. 3 and 4 (https://fiuindia.gov.in/files/AML_Legislation/PMLA_2002/Section%2012%20-%20Obligations-Reporting%20Entity%20to%20maintain%20records.html) and PPI guidelines -para 6, sub-clause no. 6.3 (https://rbi.org.in/ScriptS/BS_ViewMasDirections.aspx?id=11142) require your transaction logs to be stored for a period of up to 10 years post the deletion of an account. In the event of the pendency of any legal/regulatory proceeding or receipt of any legal and/or regulatory direction to that effect, we may be suggested by the law of the land to retain your Personal Data for longer periods.

VI. Cookie Policy

1. Please note that a "cookie" is a small piece of information stored by a web server on a web browser so it can be later read back from that browser.
2. We may use cookie and tracking technology depending on the features offered.
3. No Personal Data will be collected via cookies and other tracking technology; however, if you previously provided Personal Data, cookies may be tied to such information.

VII. Links to other websites

Our website may contain links to other websites which are not maintained by us. This privacy policy only applies to us. You are requested to read the other websites’ privacy policies when visiting these websites.

VIII. Reasonable Security Practices and Procedures

We take various steps and measures to protect the security of your Personal Data from misuse, loss, unauthorised access, modification or disclosure. We use latest secure server layers encryption and access control on our systems. Our safety and security processes are audited by a third party cyber security audit agency from time to time.

We have provided multiple levels of security to safeguard your app by Login/Logout option and AppLock feature that can be enabled by you. We also ensure the device binding so that the same login can not be used on different device without any additional authentication/OTP. Please do not share your Paytm login, password and OTP details with anybody.

IX. Contact us

You may contact us on any aspect of this policy or for any discrepancies/grievances with respect to your Personal Data, by writing to our Nodal Officer at nodalofficer@paytmbank.com.

X. Policy Review & Updates

This policy will be reviewed by us as and when required and the same may change at any time. The latest & most updated policy can always be found at https://www.paytmbank.com/PrivacyPolicy.html.

In this policy, the words “we”, “ours” and/or “us” refer to Paytm Payments Bank Limited and “you” and/or “your” refer to our customers.