How we use your personal information Our main purpose is to introduce you to how your personal information is processed and used by TBC Bank JSC. The notice explains the principles we follow while processing your personal data and how the law protects you. It covers the data which the Bank obtains when having you as a customer, which is also used for direct marketing purposes in line with the legislation of Georgia. Our privacy promise We, TBC Bank promise: · To keep your data safe and private; · Not to use your data unlawfully; · In case you request, to provide you with complete and exhaustive information with respect to the processing of your personal information.
Who we are JSC "TBC Bank" is a commercial bank licensed under the Georgian legislation. Identification number: 204854595 Legal address: Marjanishvili str. №7, Chugureti region, Tbilisi, Georgia. You can find out more about us here.
How the law protects you As well as our Privacy Promise, your privacy is protected by the Law of Georgia on the Protection of Personal Data. Pursuant to the law, you are authorized to request of us the information with regard to the use of your personal data. The Bank shall be obliged to supply this information if requested by you. We are authorized to use the personal data only in case specific contractual and/or relevant legal basis exist. The Bank has a legal basis for using your data, which implies also the existence of business-related and/or commercial purpose. It is important that the information processing by the Bank does not aim at harming your interests either in this case. The processing of personal data of a minor is allowed only in accordance with the legislation of Georgia and taking into account the best interests of the minor. Find below the list of goals and legal basis against which we process your personal data. We are presenting the goals of using your data and our legal basis in each particular case:
Personal Information Groups We use various types of personal information and classify them as follows:
The security of your information in Mobile and Internet Banking In order to improve the quality of service, TBC Bank is authorized to control the behavior of customers in the bank's digital channels (Mobile and Internet Banking). This monitoring does not include the collection of personal / confidential / commercial data or any other form of processing. The purpose of the monitoring process is not to analyze the identified user behavior, but to study user activity in general. By using TBC Mobile and Internet Banking your data about Device ID, Device Model, Device Brand, Device Name, OS Version, TBC Application Version will be accessed by following applications: Google analytics, Xtremepush.com, WVO Facebook Pixel and Firebase. While using Mobile Banking, in order to improve the quality of service, the bank is authorized to process information about phone numbers in your mobile device and selected by you. Furthermore, phone numbers will be used only with your consent and only for a specific purpose.
Sources from which we obtain personal information We can collect personal information about you from the sources provided by you and listed below: You provide us with the data in the following cases:
Cookies We employ Cookies and monitor our visitor behavior on our website to ensure that we provide the best practice to our users while they visit our website and are able to continuously improve the quality of our service. Cookies are small computer files that get sent down to your PC, tablet or mobile phone by websites when you visit them. They stay on your device and get sent back to the website they came from, when you go there again. To find out more about how we use cookies, please see our cookies policy which is published on our website.
Your rights You can receive the following information:
You can request a copy of the information processed by us. Under the law, you are authorized to require adjustment, update, addition, blockage, deletion or destruction of your personal data if it appears to be incomplete, incorrect, out-of-date or if the process of information gathering and processing is carried out illegally. We observe the requirements of the Georgian legislation, which may prevent us from an immediate deletion of your personal data. Such obligations may be stemming from the laws on anti-money laundering, tax, activities of commercial banks consumer rights protection and other.
Information from third parties We are authorized to request and obtain information from third parties as well, e.g. from TBC Bank Group PLC member companies or Credit Info Bureau, both positive as well as negative information stored in their electronic databases, also from that of LEPL State Service Development Agency. This is carried out pursuant to the Privacy Law of Georgia, based on your prior approval, if necessary.
Who we share your personal information with We may have to share your personal data in the cases defined by the law of Georgia or with other companies, which are supposed to provide you with the product or service chosen by you, e.g. · If you have a debit, credit or charge card with us, we will share transaction details with companies which help us provide this service (such as Visa and MasterCard); · If you apply for insurance through us, we may pass your personal or business details to the insurance company, and onto any reinsurers; When we use other service providers or other third parties to carry out certain activities in the normal course of business, we may have to share personal data required for a particular task. Service providers support us with activities like:
We may also share your personal information if the corporate structure of the Bank changes in the future: · We may choose to sell, transfer, or merge parts of our business, or assets. · If any of the above discussed processes occur, we may share your data with other parties. However, before sharing such information, the mentioned parties shall mandatorily agree to keep your data safe and confidential.
Whenever we share your personal data with third parties we ensure the necessary safeguards are in place to protect it.
How we use your information to make automated decisions For making automated decisions, including profiling, we sometimes use the personal data we have, or are allowed to collect from other entities based on the legislation, the contract signed with you or consent given by you. This helps us ensure that our decisions are quick, fair and efficient. These automated decisions can affect the quality of products and services offered by us now or to be offered in the future. If there is no grounds (legislative, contractual, consent) you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal, financial or other significant effect on you. Here are the types of automated decision we make:
We may decide on the price of some products and services based on the information available to us.
We assign our clients to relevant groups which we call customer segments. We use these groups to study our customers' needs and based on what we learn, make decisions that will be useful and favorable for you. This helps us to design products and services for different customer segments and to manage our relationships with them.
We use your personal information to help decide if your accounts can be used for fraud or money-laundering. We may detect that an account is being used in a wrongful way. If we identify the risk of fraud, we reserve the right to suspend transactions of doubtful accounts for your security or refuse access to them/deny a respective service.
When you open an account with us, we check that the product or service is relevant for you, based on the information available to us. We also check that you or your business meets the conditions needed to open the account.
We use a system to decide whether to approve or not your credit application, whether for a loan or a credit card. This is called credit scoring. It uses past data to predict how you are likely to act while paying back the credit. Credit scoring uses data from three sources: · Your application form · Credit reference agencies · Data available to us.
In purpose to offer and provide banking and related services.
Credit Info Georgia (hereinafter "The Credit Reference Agency") When you apply for a product or a service, we check your credit data and can contact a Credit Reference Agency. If you are our client, we can use the databases of the Credit reference Agency to facilitate the approval of the credit product you have applied for. We will share your personal information with the Credit Reference Agency during the period you will be using our services. These data include information about closed and overdue loans. If you are a borrower, we will also share information on how you make payments – fully and in due time or with a delay. The Credit Reference Agency can share this information with other credit institutions which are interested in your credit status. We will also let the Credit Reference Agency know if you have fully settled your liability. For more information about the Credit Reference Agency, please visit https://ge.creditinfo.com/ We reserve the right to allow law enforcement agencies to access your personal information in cases strictly defined by the law. This is to support their duty to detect, investigate and prevent crime. If you choose not to share your personal information with us, it may delay or prevent us from meeting our obligations towards you, including performance of services to run your accounts or implementation of relevant procedures. Personal data processing for direct marketing purposes We may use your personal information to tell you about relevant products and offers. We gather your personal information from what you share with us and what we collect from the sources available to us when you use our services. We study your data to form a view on what you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you. We can only use your personal information to send you marketing messages if we have either your consent or a legitimate interest. We promise that our activities will not be unfair, incorrect or running counter your interests. You can ask us to stop sending you marketing messages by contacting us at any time. We respect your wishes and will stop using your data for marketing purposes immediately, but not later within 3 days. Your security is important to us. Therefore, you will continue to receive statements regarding the changes in the facilities proposed to you and in terms of service.
How long we keep personal data We keep your personal data throughout the whole term of service provided to you and for 15 years from the completion of the service for the following reasons: · To respond to any questions and complaints · To show that we treated you fairly · To maintain records according to the regulations that apply to us We may keep your personal information for over 15 years if we cannot delete it for legal or regulatory reasons.
How to withdraw your consent You can withdraw your consent at any time, in case there are no other legislative requirements. Please contact us if you want to do so. This will only affect the way we use information when our reason for doing so is that we have your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. Changes to this Privacy Statement We may amend this Privacy Statement to remain compliant with any changes in law and/or to reflect how our business processes personal data. This version was created on January 6, 2022 How to contact us In case of questions regarding the Privacy Policy, our common rights and responsibilities and data processing, you can reach us in either way provided below:
You can talk to our Online Consultant, Online Chat You can contact us via Mobile and Internet Banking, also on the official Facebook page of TBC Bank You can call 24 hours a day 7 days a week + (995 32) 227 27 27 You can visit our branch during bank working hours
If you are located in the EEA or the United Kingdom and have questions about your personal data or would like to request to access, update, or delete it, you may contact our representative at: Bird & Bird GDPR Representative Services SRL Avenue Louise 235 1050 Bruxelles Belgium EUrepresentative.TBCBank@twobirds.com
Key Contact: Vincent Rezzouk-Hammachi
Bird & Bird GDPR Representative Services UK 12 New Fetter Lane London EC4A 1JP United Kingdom UKrepresentative.TBCBank@twobirds.com
Key Contact: Vincent Rezzouk-Hammachi
|
|