Privacy Policy

Summary

“BOI BHIM UPI India Pay UPI” is a Unified Payment Interface application of Bank of India. By downloading this app Customer/ user agrees to terms and conditions of this Privacy Policy given by the application.
Bank of India (referred as ‘Bank’ herein after) will not be able to on-board the Customer/ user in case Customer/ user are not in agreement with the terms and condition. By mere use of BOI BHIM UPI, Customer/ user expressly consent to Bank to use and for disclosure of Customer / user's personal information in accordance with the Privacy Policy. This Privacy Policy is incorporated into and subject to terms and conditions.

Collection of Personally Identifiable Information and Other Information

When Customer/user use Bank's aforesaid application, Bank collects and stores Customer’s/user‘s personal information provided by Customer/user from time to time. Bank does so to ensure that Customer/user is provided a safe, efficient, smooth and seamless experience. This also allows Bank to understand Customer/ user‘s needs and provide for services and features that best suit them. Bank strives to provide for services and features that best suit them and to provide for customizations on Bank's application to ensure that Customer’s/user's experience is always safer and easier. This requires collection of personal information to the extent necessary for achieving this purpose and objective.

Customer/user may please note that it is mandatory to register themself in order to use the App and once Customer/user give Bank his/her personal information, Customer/user are not anonymous to Bank. Bank may automatically track certain information about Customer/ user based upon Customer/ user's behavior on Bank's App to the extent permitted by law.

If Customer/user choose to transact on the app, Bank collect information about Customer’s/user's transaction behavior.

Bank collect some additional information such as a billing address, details of recipient, payer of the transaction, location, etc. which may be used for providing better experience to Customer/ user while using the App. If Customer/ user choose to provide information by way of messages on Bank's message boards (as & when available) and/ or chat rooms and/ or any other message areas and/or if Customer/ user prefer to leave feedback, Bank will collect that information Customer/ user provides to Bank. Bank retain this information as necessary to resolve disputes in terms of transactions and otherwise, whenever needed, provide customer support and troubleshoot problems as permitted by law. Bank collect personally identifiable information (email address, Name, Phone number, Aadhar number etc.) from Customer/ user when Customer/ user register with Bank to create Customer/ user's unique identification in terms of Virtual Payment Address and/ or any other unique registration identification that is/ shall be made available to Bank's customer

Use of Demographic/ Profile Data/ Customer/ User's Information

Bank use Customer/ user's personal information to provide the services as per Customer/ user requests. Bank use Customer/ user's personal information to resolve disputes, troubleshoot problems, Send money, collect money, measure consumer interest in Bank's products and services and Bank may use the information to keep Customer/ user apprised on any online and offline offers, products, services and updates that shall be made available for use of our customers. Bank use the information thus obtained to customize Customer’s/user's experience; detect and protect the Bank against error, fraud and other criminal activity, enforce Bank's terms and conditions which are an integral part of the use of this application and as otherwise described to Customer/ user at the time of such collection.
Bank identifyanduseCustomer’s/user's IPaddresstohelpdiagnoseproblemswith Bank'sserver,andto administerourapp.
Customer/user'sIPaddressisalsoused toidentifyCustomer/ user andtogather broaddemographic information.

Sharing of personal information

Bank may disclose personal information of Customer/ user if required to do so by law and /or in the good faith and belief that such disclosure is required to respond to subpoenas, court orders, and /or other legal processes. Bank may disclose personal information to law enforcement offices upon such requests, third party right owners and /or others in the good faith and belief that such disclosure is required to:

• Enforce Bank's Terms and/or Privacy Policy; and/or
• Respond to claims that an advertisement, posting and/or other content violates the rights of a third party; and /or
• To protect the rights, property and/or personal safety of Bank's customers/ users and / or the general public.

Bank shall be within its right to share some or all of Customer’s/user's personal information with another business entity when Bank (or our assets) plan to merge with, or be acquired by that business entity, or re-organization, amalgamation, restructuring of business and in such case of merger or acquisition, all the rights and duties of the Bank under this Privacy shall be vested with the new entity.

Methods of Data processing

Data is controlled and processed in house by the bank. The in house Data Center processes the data of Customers/Users in a proper manner and appropriate security measures are taken to prevent unauthorizedaccess,disclosure, modification or unauthorized destruction of theData.TheData processing iscarried out using computers and / orIT enabled tools following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data Center, in somecases,the Datamaybe accessible to bank officials, involved with the operation of the service (administration, sales, marketing, legal, system administration) or external parties (such as vendors, third party technical service providers, mail & SMS carriers) appointed, if required, as Data Processors by the business Owner. Theupdated list ofthese parties may be requested from the business owner at any time.

Place of data processing

The Data is processed at the bank's Data Center and in any other places where the parties involved with the processing are located.

Retention time

The Data is kept for the time necessary to provide the UPI services, and the extent permitted by law.

Legal action

The Customer/Users Personal Data may be used for legal purposes by the bank, in Court or in the stages leading to possible legal action arising from improper use of this application or the related services. The Customer/User is aware of the fact that the Data Controller may be required to reveal personal data upon request of public authorities.

System Logs and Maintenance

For operation and maintenance purposes this Application and any third party services may collect files that record interaction with this Application (System Logs). Information not contained in this policy: More details concerning the collection or processing of Personal Data may be requested from the bank at any time.

The rights of Users

Customer/Users have the right, at any time, to know whether their Personal Data has been stored and can consult the bank to learn about their contents and origin, to verify its accuracy or to ask for them to be supplemented, cancelled, updated or corrected, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to the bank at the contact information set out above. This Application does not support “Do Not Track” requests. To determine whether any of the third party services it uses honor the “Do Not Track” requests, please read their privacy policies.

Changes to this privacy policy

The bank reserves the right to make changes to this privacy policy at any time by giving notice to its Customer/Users on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. If a Customer/User objects to any of the changes to the Policy, the Customer/ User must cease using this Application and can request that the bank to erase the Personal Data. Unless stated otherwise, the then-current privacy policy applies to all Personal Data the bank has about Users.

Security Precautions

Bank's App has stringent security measures in place to protect the loss, misuse, and alteration of the information under Bank's control and follows the best practices in the industry in this regard. Whenever Customer/ user changes or access Customer/ user account information, it is through secured channels. Once Customer/ user information is in Bank's possession Bank adhere to strict security guidelines, protecting it against unauthorized access.

Your consent

By using the App and/ or by providing Customer/ user's information, Customer/ user consents to the collection and use of the information Customer/ user disclose on the App in accordance with this Privacy Policy

Definitions and legal references

Personal Data (or Data): Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number

UsageData:Information collected automatically from this Application (or third party services employed in this Application), which can include: the mobile number and SIM serial number of the Customer/Users who use this Application, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the features of the browser and the operating system utilized by the customer/User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the Customer/ User's IT environment.

User: The individual (registered customer) using this Application, which must coincide with or be authorized by the bank subject, to whom the Personal Data refer.

Data Subject: The legal or natural person to whom the Personal Data refers to Data Processor (or Data Supervisor). It includes the natural person, legal person, public administration or any other body, association or organization authorized by the bank to process the Personal Data in compliance with this privacy policy

Bank (or Owner):Bank of India is the Owner of this Application.

This Application: The hardware or software tool by which the Personal Data of the Customer/User is collected.

Cookie: Small piece of data stored in the customer/User's device.