Last Updated: June 5, 2025 | Effective Immediately
At NDCC Bank, your trust is our priority. We are committed to protecting your personal and financial information with the highest standards of security and confidentiality, in full compliance with Reserve Bank of India (RBI) regulations and applicable laws.
Here's our comprehensive privacy promise to you, outlining how we collect, use, and protect your information while ensuring transparency and control over your personal data.
Our Privacy Commitment: 8 Key Principles
-
Your Data is Collected Lawfully & Transparently
- We only collect information necessary for banking services, regulatory compliance (like KYC), risk management, and improving your experience.
- We clearly explain why we need your data and obtain your consent where required (especially for sensitive data).
-
Your Data is Used Responsibly
- Your information is used strictly for the purposes disclosed to you, including:
- Providing banking products/services you request.
- Meeting legal & regulatory obligations (RBI KYC, fraud prevention, AML/CFT).
- Enhancing security and operational efficiency.
- Offering relevant financial products (with your explicit consent for marketing).
We do not sell your personal data to third parties. - Your information is used strictly for the purposes disclosed to you, including:
-
Robust Security is Our Shield
- We implement stringent physical, electronic, and procedural safeguards (aligned with RBI's cybersecurity framework) to protect your data against unauthorized access, alteration, or destruction.
- Our security measures include encryption, firewalls, secure servers, access controls, and regular audits.
-
Third-Party Sharing is Minimized & Controlled
- We share your data only when essential and under strict confidentiality agreements with:
- Regulators (RBI, other statutory bodies as mandated).
- Credit bureaus (as per RBI guidelines).
- Carefully vetted service providers (e.g., payment networks, cloud services – adhering to RBI outsourcing norms).
- Potential assignees/transferees in business restructuring (as permitted by law).
- We ensure third parties maintain equivalent data protection standards.
- We share your data only when essential and under strict confidentiality agreements with:
-
Your Rights Matter (Aligned with Digital Personal Data Protection Act, 2023 DPDPA Principles)
- Access & Correction: You can request access to your personal data and seek correction of inaccuracies.
- Grievance Redressal: Concerns regarding your data privacy will be addressed promptly.
- Consent Withdrawal: You can withdraw consent for specific data uses (e.g., marketing), subject to legal/contractual obligations.
- Erase & Forget: You have the right to request erasure of your personal data, subject to RBI's data retention mandates and legal requirements.
-
Data Retention is Time-Bound
- We retain your information only as long as necessary for the purposes collected, to comply with RBI's record-keeping requirements (typically 5-10 years post-account closure), or as required by law.
-
Transparency in Changes
- We will notify you of significant updates to this Privacy Promise through our website, email, or SMS, as per regulatory requirements.
-
Your Vigilance is Key
- Protect your account credentials (User ID, PIN, Password, OTP) and never share them.
- NDCC Bank will NEVER ask for these via email/SMS/call.
NDCC BANK