• JALGAON JANATA SAHAKARI BANK LTD., JALGAON
    (Scheduled Bank)

 

Website Privacy policy

Privacy Policy
Jalgaon Janata Sahakari Bank Ltd built the Jalgaon Janata Sahakari Bank Ltd app as a Free app. This SERVICE is provided by Jalgaon Janata Sahakari Bank Ltd at no cost and is intended for use as is.
This page is used to inform visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service.
If you choose to use our Service, then you agree to the collection and use of information in relation to this policy. The Personal Information that we collect is used for providing and improving the Service. We will not use or share your information with anyone except as described in this Privacy Policy.
The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, which are accessible at Jalgaon Janata Sahakari Bank Ltd unless otherwise defined in this Privacy Policy.

Information Collection and Use
For a better experience, while using our Service, we may require you to provide us with certain personally identifiable information. The information that we request will be retained by us and used as described in this privacy policy.
The app does use third-party services that may collect information used to identify you.
Link to the privacy policy of third-party service providers used by the app
• Google Play Services

Log Data
We want to inform you that whenever you use our Service, in a case of an error in the app we collect data and information (through third-party products) on your phone called Log Data. This Log Data may include information such as your device Internet Protocol (“IP”) address, device name, operating system version, the configuration of the app when utilizing our Service, the time and date of your use of the Service, and other statistics.

Cookies
Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device's internal memory.
This Service does not use these “cookies” explicitly. However, the app may use third-party code and libraries that use “cookies” to collect information and improve their services. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of this Service.

Service Providers
We may employ third-party companies and individuals due to the following reasons:
• To facilitate our Service;
• To provide the Service on our behalf;
• To perform Service-related services; or
• To assist us in analyzing how our Service is used.
We want to inform users of this Service that these third parties have access to their Personal Information. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.

Security
We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

Links to Other Sites
This Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Children’s Privacy
These Services do not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13 years of age. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do the necessary actions.

Changes to This Privacy Policy
We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page.
This policy is effective as of 2023-04-01

Contact Us
If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at jjsbl_jal@jjsbl.co.in.


Data Privacy Policy

1. OBJECTIVE

a) To ensure the security and privacy of customers' sensitive personal data.
b) To comply with the Privacy Regulations viz. The information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information Rules, 2011).
c) Follow good practice.
d) Protect Jalgaon Janata Sahakari Bank Ltd's Stake holders, staff and other individuals
e) Protect the organization from the consequences of a breach of its responsibilities
f) Securing Mobile Banking Applications including UPI ecosystem

2. SCOPE AND APPLICABILITY

This policy is applicable to all employees of the Jalgaon Janata Sahakari Bank Ltd, Jalgaon (hereinafter referred as Bank) Head office and its branches and its vendors.

3. POLICY

Bank customers’ sensitive personal data i.e. biometric data, passwords and financial information such as bank account details, credit and debit card details shall be protected by Bank by following reasonable security practices and procedures. For this, Bank has:
a) Adopted a comprehensive documented information security program and policies that contain managerial, technical, operational and physical control measures
b) Implemented the documented security practices
c) Information Systems audits of Bank’s Data Center and branches conducted every year

Bank shall always:
a) Comply with both the law and good practices
b) Respect individual’s rights of non disclosure, confidentiality.
c) Be open and honest with individuals whose data is held.
d) Provide training and support for staff and volunteers who handle personal data, so that they can act confidently and consistently
e) Recognize that its first priority is to avoid causing harm to individuals, which means:
- keeping information securely in the right hands, and
- holding good quality information.

3.1 Security and confidentiality of Customer Data

3.1.1
As per Information Systems security policies and procedures implemented in the Bank, Bank has implemented administrative, physical and technical safeguards to protect electronic personal data from loss, misuse and unauthorized access. Customers’ personal data shall be stored on a secured database.

3.1.2
Bank shall not sell personal data to any third party or anybody and shall remain fully compliant with confidentiality of the data as per law.

3.1.3
Bank shall share customers' personal data to third party if required for business purpose only after implementing adequate controls to ensure maintenance of confidentiality and security of the data by the concerned third party.

3.2  Data Usage

3.2.1
Bank shall use customers' personal data only for the purpose for which it is collected. Bank is committed to ensuring that personal data is kept strictly confidential. However, personal data may be disclosed to regulatory authorities for the purposes of obtaining regulatory approval in accordance with applicable legal requirements, or otherwise to comply with applicable legal requirements.

3.3  Data Retention

Customers data shall be retained as per Senior management Directives (circulars issued by Banks Head Office) and Regulatory Standards (RBI directives, Legal requirements).
 
3.4  Data modification

Bank shall update the customer data only after ensuring the authenticity of the change request. Adequate access controls and authorization controls shall be in place to monitor data modifications.

3.5  Data Quality

Bank shall continuously review and asses the quality and completeness of the data.

3.6  SECURITY AWARENESS AMONG USERS:

All staff handling personal data shall receive training in the requirements of data protection related laws and regulations. They shall also be educated about the legal consequences of intentional / unintentional disclosure /leakage of customers’ data.

3.7 Securing Mobile Banking Applications including UPI ecosystem

Bank shall implement below features in mobile applications,

  • Implementation of Auto-read OTP functionality
  • Implementation of multiple VMN Control for iOS devices
  • Ability to identify SMS forwarding apps to the extent possible (like in case of remote access apps) and prohibit login access to the mobile application, as a matter of precaution.
  • Further as per the CISITE RBI Advisory l4l2O22 of 26th Dec 2022, the bank shall implement the controls including "SMS delivery receipt check" strictly to securely complete the device binding process. Further bank shall implement any NPCI circulars regarding implementation of controls for Mobile Banking.
  • Auto Read OTP functionality: -It is recommended that each process of OTP validation shall have auto read facility of OTP in the Mobile application. Whenever the OTP send to the customer, mobile app shall auto populate the OTP in the required field instead of entering by keypad.
  • SMS forwarding App / Remote access App: It is recommended that; the Mobile Application can have an ability to identify the “SMS forwarding Apps” as well as “Remote Access Apps” installed on the User’s handset. Based on the “AppID” of these kind of Apps, Mobile App shall restrict the users to access the login to the application if user have installed the listed apps.
  • SMS Delivery status facility: SMS vendor should have Call back facility available to verify the status of SMS send from our end, also SMS vendor have “SMS Delivery receipt check” to know the delivery status of the SMS forwarded from our end.
  • Mobile banking Application shall have ability to read/detect Installed Application on user’s device and upload it on bank’s secure server for keeping safe track of existing applications. App shall prohibit/restrict Mobile Banking Application usage incase of any listed application with likes of remote access applications and sms forwarder applications is detected.
  • By agreeing to terms within Mobile banking application and written consent form undertaken from user during opting mobile banking feature it will be considered user have provided affirmative consent for all above mention disclosures.

4. Record of Revisions:

Rev. No. Date Changes Remarks
1 31st Dec 2017   Draft Approved
2 22nd  February 2019   Policy Revised
3 07th Jan 2023 Securing Mobile Banking Applications including UPI
ecosystem - RBI Advisory 1/2019 dated 10th Jan 2019
Policy Revised

 

5. Record of Approval: 

  Prepared By : Reviewed By : Approved By :
Name IT Dept Atul Naik BOD
Designation DGM DGM  
Date 31st Dec 2017 22nd  February 2019