“Baroda M-Connect + UG‟ is mobile banking application of Bank of Baroda (U) Ltd. This Application collects some Personal Data (including account related information) from its Users. Following data is accessed for the following purposes and using the following services:
|Data / Information||Purpose||Service|
|Bank account information||View account information and account debit authority||Mobile banking service|
|Phone book contacts||Fetch mobile number from the phone‟s contact list||Mobile recharge|
|Passwords (Default password provided by the system and password created by the user)||Mobile banking login / transactions. (application password is stored at handset level, mPIN is stored at server in encrypted form)||
Methods of Data processing :Data is controlled and processed in house by the bank. The in house Data centre processes the data of Users in a proper manner and appropriate security measures are taken to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. The Data processing is carried out using computers and / or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data centre, in some cases, the Data may be accessible to bank officials, involved with the operation of the service (administration, sales, marketing, legal, system administration) or external parties (such as vendors, third party technical service providers, mail & SMS carriers) appointed, if necessary, as Data Processors by the business Owner. The updated list of these parties may be requested from the business owner at any time.
Place of data processing: The Data is processed at the bank’s Data centre and in any other places where the parties involved with the processing are located.
Retention time: The Data is kept for the time necessary to provide the mobile banking service, as requested by the User.
Legal action: The User's Personal Data may be used for legal purposes by the bank, in Court of Uganda or in the stages leading to possible legal action arising from improper use of this application or the related services. The User is aware of the fact that the Data Controller may be required to reveal personal data upon request of public authorities.
System Logs and Maintenance: For operation and maintenance purposes, this Application and any third party services may collect files that record interaction with this Application (System Logs).
Information not contained in this policy: More details concerning the collection or processing of Personal Data may be requested from the bank at any time. Please see the contact information at the beginning of this document.
The rights of Users: Users have the right, at any time, to know whether their Personal Data has been stored and can consult the bank to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, cancelled, updated or corrected, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to the bank at the contact information set out above. This Application does not support “Do Not Track” requests. To determine whether any of the third party services it uses honor the “Do Not Track” requests, please read their privacy policies.
Definitions and legal references
Personal Data (or Data): Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.
Usage Data: Information collected automatically from this Application (or third party services employed in this Application ), which can include: the mobile number and SIM serial number of the Users who use this Application, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
User: The individual (registered customer) using this Application, which must coincide with or be authorized by the bank Subject, to whom the Personal Data refer.
Data Subject: The legal or natural person to whom the Personal Data refers to Data Processor (or Data Supervisor) The natural person, legal person, public administration or
Bank (or Owner): Bank of Baroda (U) Ltd is the Owner of this Application.
This Application: The hardware or software tool by which the Personal Data of the User is collected.
Cookie: Small piece of data stored in the User's device.