This document applies to First Touch Banking , The Mobile app is developed & owned by The First MicroFinanceBank Ltd. (https://www.fmfb.pk) . We've tried to keep text simple, so we hope you will take a time to read it carefully.
Personal info
We made First Touch Banking Application with your privacy in mind, so we only require information that are required to verify your identity with the Bank so that only you can use your account for financial transactions. In this regard following information is required to verify your customer relation with the First MicroFinanceBank Ltd.
- Customer Mobile Number
- Customer National Identity Card Number (CNIC)
- Customer Bank Account Number
Privacy-relevant Android permissions requested by this Application
Following permissions are required to use First Touch Banking App
Internet
Allows applications to open network sockets so that the application can communicate with the online server.Read Phone State
Allows read only access to phone state, including the Mobile Device ID/Model and IMEI Number to secure your bank account against specific device.ACCESS NETWORK STATE
Allows applications to access information about networks.Read External Storage
This permission is required to access images/photos from phone gallery so that customer can upload his/her profile photo.Write External Storage
Profile Photo in First Touch Banking is required to be stored in the phone storage, that is why this permission is required.USE FINGERPRINT
The FINGERPRINT permission is required to allow the First Touch Banking Application customers to login with their Finger Print functionality.ACCESS FINE LOCATION
This permission is required so that Customer Location can be accessed during app usage for functionalities like Nearest ATM, Bank Branches and financial Transaction logs.ACCESS COARSE LOCATION
This permission is required to accurately locate that Customer Location during app usage for functionalities like Nearest ATM, Bank Branches and financial Transaction logs.SMS_RECEIVED permission
This permission may be required during some Financial Transaction so that customer authentication can be done with OTP (One-Time-Password).Information Collection & Usage
While using FMFB products and services, customers are required to provide certain type of information or documentation in compliance with the relevant product/ service program. Being a responsible and customer centric institution FMFB will ensure following:
- Collect all information/ documentation with lawful grounds and legitimate business purposes.
- Communicate the purpose of collecting the information/ documentation and potential use of the same to the customer.
- Use information/ documentation only for the purpose those have been obtained and will not use for anything else unless customer has been informed or permission has been obtained in this regard.
- Use information/ documentation within FMFB or its associates to facilitate customer’s banking needs and will not sell or transmit data/ documents to any other individual/ organization for cross selling.
- Not to ask any additional information/ documentation unless the same is required for the intended products/ services or in accordance with laws and practices.
- Take consent of customer to share personal information with external audience, including credit bureaus, insurance agents, collection companies, partners, associates, vendors, partners etc.
- Seek prior permission of the customer to use information, documentation or photos in promotions, marketing material or any other public information.
- No change in the customer’s existing information/ data will be made unless the appropriate documentary/ electronic evidence along with customer’s request/ consent have been received.
- The data obtained can be converted into electronic and electronic data may be converted into physical record for the intended use communicated to customer without seeking any consent of customer
Information/ Data Access & Security
The customer information/ documentation once obtained are required to be properly secured in order to avoid misuse or misappropriation of client information. In order to ensure security of data the, FMFB will ensure following:
- Implement appropriate Systems and controls over the customer information, data and documentation obtained during business relationship.
- Systems/ Application being used for acquisition/ storage/ transmission of data should be secured by using the appropriate data security tools in line with FMFB information systems security policies & procedures.
- Appropriate data backup and contingency plans will be implemented to ensure recovery of data if lost in any disaster.
- Restricted access of systems/ applications will be provided to the relevant staff members authorized to process/ access the information.
- The sensitive information may be masked in the reports or system view level if required to maintain security of customer information.
- The FMFB staff will not be allowed to download any data into their personal data storage devices neither they will be allowed to transmit any data out of FMFB Network by any mean unless they are authorized to do so.
- Proper logs should be maintained for the staff accessing customer information and same should be monitored to avoid any misuse of information.
Data Sharing with External Audience
The FMFB may disclose information that it has collected from users to affiliates, independent contractors and business partners who may use the information for the purpose of delivery of banking products & services. The FMFB will ensure following while sharing data with the external audience:
- Take consent from the customer regarding sharing of data with its associates, vendors, sub-contractors service providers etc.
- Enter into Non-Disclosure of information agreement with the respective parties before sharing any customer related data.
- Conduct due diligence of external parties to check the have in place appropriate security measures for protection of data provided by FMFB.
- Only share the specific data required for the provision of services and avoid sharing of any additional data not required for performance of required services.
- Data transmission with the vendors should be under secured data transfer protocols to avoid leakage of the same.
Data Sharing with Governmental Agencies & Regulatory Bodies
FMFB is lawfully liable to share customer data with government agencies & regulatory bodies as and when required in either form, electronic or physical. FMFB will be reporting required information of customers either directly or indirectly banking with FMFB, to these Government Agencies & Regulatory Bodies upon their request or in form of interim reporting.
Any individual or an entity, either banking directly or indirectly with FMFB cannot challenge the bank in case of any actions or what so ever being charged by governmental agencies or their allies.
Data sharing with Affinity Partnerships
To facilitate customers, bundled services are being offered by alliance partners of the FMFB in shape of specialized services. These specialized services are offered exclusively to customers of FMFB. These services range from free of cost products and services at FMFB alliance partner as well as special discounts and privileges.
To design these service offerings and signing alliances, FMFB is subject to share customer basic information such as high level spending habits, general demographical locations, slab based income & expenditure habits and other related information. This information may and may not be shared with prior customer consent. But sharing of this information by FMFB with alliance partners is subject to confidentiality signed under non-disclosure agreement.
Data Retention & Disposal
FMFB will ensure the retention of information or data collected either electronically or physically by ensuring appropriate level of security over the custody at minimum for the period required by the SBP Prudential Regulations. After completion of required data retention period FMFB may dispose of data/ record in such a way that it has been completely destroyed and no part of the same can be used by anyone by any mean.
Communications with Customer
FMFB may use customer personal information to contact them with marketing or promotional materials, product awareness and other information. FMFB may contact users via email, notification sent on mobile by mobile application, SMS or by any mean including digital and physical.
Disclosure of Information
FMFB may disclose information that it has collected from users without seeking prior consent from customer under following special circumstances:
- When FMFB is required to submit in the court of law information or documentation related to customer relationships
- When FMFB is required to disclose information under the compulsion of law
- When it is in interest of Public at large or Nation to disclose any of the information related to specific customer(s)
- When it is in the better interest of FMFB to disclose information related to any specific customer(s)
- When FMFB have obtained expressed or implied consent of the customer regarding disclosure of customer affair