JSC "Silk Bank" (hereinafter - the „Bank“ or „Us“) is committed to protecting your confidentiality and personal data.
This Personal Data Protection Policy (hereinafter - „Policy“) is developed in compliance with the current legislation of Georgia and explains how we process and use the data of registered users (hereinafter - „User“ or „You“) of SILK APP (hereinafter - „Application“). The policy also describes the principles that guide us in processing your data and provides information on how the law protects you. In addition, the Policy sets out the choices you have regarding the use, access, correction and deletion of your personal data.
By using this Application you will be deemed to have read, understood and accepted the methods and rules outlined in this policy and agree to it.
After reading this document, you hereby consent to the collection, processing and disclosure of your personal data as described in this Policy.
1. Who we are
JSC "Silk Bank" is a licensed commercial bank, a company registered in accordance with the legislation of Georgia and that can act as a data controller. Company identification code is: 201955027; Legal address: 2 Saarbrucken Square, Tbilisi, Georgia.
For more information see: www.silkbank.ge.
2. Processing of personal data
The Application, with Your consent, or in order to provide You with the Services, or to fulfil obligations defined by the applicable legislation of Georgia and/or to protect the legal interests of the bank, processes personal data necessary to open a bank account and provide you with banking services, to easily and smoothly use the application and to meet Your needs. In addition, data may be processed for statistical analysis and business research only in aggregated or depersonalized form.
Principles. We respect Your data protection rights and accordingly, the personal data are:
• processed lawfully, fairly and in a transparent manner, without impinging on the dignity;
• collected for explicit, specified and legitimate purposes and in accordance with these purposes;
• processed only to the extent necessary to achieve the relevant legitimate purpose, is proportionate to the purposes for which it is processed;
• accurate and, where necessary, kept up to date;
• stored for the period necessary for the purposes for which this data is processed (based on actual needs and/or obligation(s) determined by the applicable legislation of Georgia).
Processed data. The information We collect/process from you may include the following:
For the purpose of registering in the Application, and creating an Application profile (user):
• Application user name (user ID)
• Telephone number
• Email address
When registering in the Application a user may have limited access to certain banking services provided therein, unless she/he performs remote identification/verification, which in turn will allow him to open a bank account and freely use various services.
In order for the User to use all the functions and advantages of the application, first of all, he must submit his identification document (identity card or passport or other permitted identification document) and undergo remote identification/verification according to the steps defined by the Application. Accordingly, for the purposes of use of banking services, opening a bank account and remote identification/verification of an individual following data are processed:
• information provided by You for the provision of a service to You (both with your consent and to fulfil obligations stipulated by law. eg data defined by law for opening an account; KYC questionnaire, etc.);
• information collected during the identification/verification session (including biometric data);
• information requested from Public Service Development Agency;
• Results of remote identification process steps and other session characteristics (start/end time, status, etc.).
3. Data processor and data recipient(s).
The Bank takes every necessary precaution to protect the confidentiality of its client’s information, including the confidentiality of personal data. However, We are entitled to disclose the personal data of our client to those listed below, if it: a) is necessary for performing the service properly, b) is permitted by the legislation and/or c) serves the commercial purpose of the Bank. Data may be shared with the following:
• The Bank's parent and/or subsidiary company, its affiliated and/or group members, the Bank's contractors, suppliers, providers and/or other persons who, on the basis of the law of Georgia on Personal Data Protection, process personal data and other information received from the Bank (on behalf and for the purposes of the Bank, as its authorised persons/data processors, as well on their own names and purposes – independently) and/or provide the Bank with personal data and other information about them and/or the Bank’s clients.
• Supervisory, controlling and/or registration bodies, state or local self-governing bodies and legal entities created by them;
• In order to provide services to users, the Bank is authorized to provide information to those contractors who work on behalf of the Bank or together with it for the proper functioning of the application;
• Auditors, legal advisors, consultants.
4. Confidentiality Guarantees
• The Bank ensures maximum protection of confidential information provided to it in compliance with the law.
• Whereas the Bank uses its best efforts to protect your privacy and confidentiality of Your personal information, given that your data are not encrypted during the remote transfer, the Bank shall not be held accountable for a third party's unauthorized access to the information when it is being transferred to the Bank.
• You are responsible for maintaining the accuracy of the information you submit to Us. If Your personal data changes, you may correct, delete inaccuracies, or amend information. We will take reasonable steps to make the requested changes to Our then-active databases as soon as possible. If you provide any information that is untrue, inaccurate, out of date or incomplete (or becomes untrue, inaccurate, out of date or incomplete), and/or the Bank reasonably suspects that the information provided by You is untrue, inaccurate, out of date or incomplete, We may discontinue the provision of the services to You.
• If You wish to opt-out of receiving non-essential communications such as promotional and marketing-related information regarding the services, please send Us a letter to the following e-mail address: info@silkbank.ge or contact us at the contact details specified in this policy.
• This policy applies to the Application (APP) and the products and services of the Bank. In addition, your use of and access to banking services is subject to the "SilkApp Terms and Conditions" and the "Agreement on Conducting Banking Operations for Individuals and Banking Products and Service Terms" and other existing policies.
• The Bank does not exercise control over the websites displayed as search results or links from within its services. These other websites may place their own short information files (so-called cookies) or other files on the User's device, collect data or solicit personal information from the User, for which the Bank is not responsible or liable and fully disclaims responsibility for such. Accordingly, the Bank does not make any representations concerning the data protection practices, nor do we guarantee the accuracy, integrity, or quality of the information, data, text, software, sound, photographs, graphics, videos, messages or other materials available on such websites. If you decide to visit a third-party website linked, you do so entirely at your own risk. The Bank encourages the customer to read/examine the data protection policies of third parties.
• The Bank implements reasonable/appropriate security practices/measures and procedures to protect the personal data under its control from unauthorized access, improper use or disclosure, unauthorized modification and unlawful destruction or accidental loss. The Bank is not held liable for any damage/loss of data due to unauthorised access to the User’s electronic devices through which the user avails the services.
• The Bank implements reasonable security practices/measures and procedures and has a comprehensively documented information security program and information security policies that contain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of our business.
• We respect Your right to confidentiality and data protection, and other than as specifically set forth in this policy, we only disclose Your personal information in the event it is required to do so by law, a supervisory body or law enforcement agency, or when the Bank in its sole discretion, deems it necessary in order to protect its rights or the rights of others, to prevent harm to individuals or property, to prevent fraud or mitigation of the risks or to enforce or apply the "Agreement on conducting Banking Operations for Individuals and Banking Products and Service Terms".
5. You enjoy the following data protection rights:
• To the extent possible, at any time from the settings section of your account you may access, update or request deletion of Your personal data. If you are unable to perform these actions yourself, please contact Us to assist You.
• To rectify, update and/or complete your information if it is not correct or complete or contact Us to provide You with appropriate assistance.
• Request to restrict processing, erasure or destruction of Your data. However, please note that we have the right to refuse to comply with this request if there is another legal basis for the processing of Your data or we are processing the data to justify a legal claim or objection, the processing of the data is necessary for the exercise of the right of freedom of expression or information or information and/or the processing is required by law provided for archiving purposes in the public interest, or for statistical purposes, and/or the exercise of this right makes it impossible or significantly impairs the achievement of the specified objectives.
• Request blocking of data and/or their transfer in accordance with the rules established by the current legislation of Georgia.
• Withdraw Your consent at any time where the Application relied solely on your consent to process your personal information. In case you no longer wish the Bank to process your personal information in the application, please contact us at the following address: info@silkbank.ge. Such withdrawal of consent may result in the cancellation of your application profile (user).
Please note that before responding to such a request, we have the right to ask you to confirm your identity/verify your identity.
• You also have the right to file a complaint about Our collection and use of your personal data with the Personal Data Protection Service of Georgia (for more information see: https://personaldata.ge) or in court.
6. Changes to the Data Protection Policy
We reserve the right to update this policy at any time. In the event there are significant changes in the way We treat user’s personal information or in the policy itself, you will have the opportunity to familiarize yourself with the information on the changed terms. Unless stated otherwise, Our current Policy applies to all information that the Bank has about you and your Application account.
7. How to contact us:
In case You wish to exercise your rights (data correction, update, addition, blocking, deletion, destruction, etc.), you may contact us through Internet and/or mobile banking or write to us at the e-mails given below. Also, you may visit any branch of the Bank.
Personal data protection officer: dpo@silkbank.ge
Protection of consumer rights: info@silkbank.ge
Additionally, you may contact us via phone number: + (995 32) 24 22 42
You may also contact the consultant through online chat.