This policy applies to the following Deutsche Bank Group entities in India (“Deutsche”).
- Deutsche Bank AG, India
- Deutsche Investor Services Private Limited
- Deutsche Investments India Private Limited
- Deutsche Equities India Private Limited
- Deutsche Securities (India) Private Limited
- Deutsche Trustee Services (India) Private Limited
- Deutsche Asset Management (India) Private Limited
- DBOI Global Services Private Limited
- Deutsche CIB Centre Private Limited
Statements of Practices and Policies
At Deutsche in India, we recognize that one of Deutsche’s fundamental responsibilities is to ensure that Deutsche protects personal information entrusted to Deutsche by its customers. This is critical for the maintenance of Deutsche’s reputation and for complying with its legal and regulatory obligations to protect Deutsche’s customer information. Deutsche also follows a transparent policy to handle personal information of its customers.
Type of Personal or Sensitive Personal Data or Information Collected by Deutsche
Deutsche only collects personal information of its customers as may be required by law or that is reasonably essential to conduct Deutsche’s business.
As part of providing services to its customers, Deutsche may collect personal information including sensitive personal data or information that may consist of or relate to the following:
- Names, contact details, personal details, business details and personal preferences of its customers
- Information relating to its Know Your Clients (KYC) obligations
- Information that may help to provide, improve and maintain its products and services
- Financial information that may include, but might not be limited to, details related to customer bank accounts, credit or debit card, or other payment instrument details
- Biometric information that measures and analyses human body characteristics (such as fingerprints or facial patterns) for authentication purposes
Deutsche may also collect sensitive personal data or information in relation to health for superannuation products. Such sensitive information may include information about race, religious beliefs, sexual preferences, criminal record, medical records and history, physical, physiological and mental health condition.
Collection and Use of Personal Information (Including Sensitive Personal data or Information)
The personal information, including sensitive personal data or information, that Deutsche collects is used for the purposes for which it is collected or for related purposes that would reasonably be expected.
Deutsche may collect such personal information either itself or through its Third Parties. For the purpose of this policy “Third Party
” includes any service provider or any Deutsche group entity associated with Deutsche in collecting, handling, storing, dealing, transmitting or processing personal information of Deutsche customers, in India or abroad.
Deutsche may use the information provided by customers for one or more of the following purposes:
- To process, confirm and fulfill customer requests regarding Deutsche products and services or transactions made using Deutsche online services
- To contact customers regarding their enquiries and requests
- To identify customers for login
- To comply with the rules relating to Know Your Customer (KYC) obligations and under Prevention of Money Laundering Act (PMLA)
- For Deutsche marketing purposes and partner promotions, such as sending updates to customers on Deutsche’s latest offers and promotions
- For identification, verification and background screening purposes
- To conform to legal requirements or comply with legal processesTo protect and defend Deutsche’s or its affiliates' rights, interests or property
- To enforce the terms and conditions of the products or services offered by Deutsche or such other purposes expressly specified in the data entry forms or other relevant sections of the web resources of Deutsche
If a customer does not wish to provide consent for usage of its sensitive personal data or information or later withdraws the consent, Deutsche has the right not to provide services or to withdraw the services for which the information was sought from the customer.
Disclosure of Personal Information (Including Sensitive Personal Data or Information)
Deutsche shall not disclose personal information of its customers without their prior consent unless such disclosure has been agreed to in a contract between the body corporate and customer, or where the disclosure is necessary for compliance of a legal obligation. In-case Deutsche discloses the personal information to Third Parties Such Third Parties will be bound contractually to ensure that they protect customer personal information in accordance with applicable laws.
The above obligations relating to sharing of sensitive personal data or information will not apply to information shared with government mandated under the law to obtain such information or by an order under law for the time being in force. Further, if any sensitive personal data or information is freely available or accessible in the public domain, Deutsche will not have any obligations regarding the same.
Deutsche retains information about customers for as long as necessary to fulfill the purpose for which such information was collected or as is otherwise required under any other law for the time being in force. However, this is subject to Deutsche’s rights and obligations under applicable laws to ensure retention of records which may contain sensitive personal data or information.
Reasonable Security Practices and Procedures
Deutsche uses appropriate techniques and processes to protect personal information including sensitive personal data or information.
Deutsche is committed to implement physical, electronic, and procedural safeguards to protect customer information against loss, misuse, damage and unauthorized access, modifications or disclosures. Deutsche continuously reviews and enhances Deutsche’s security policies and security measures to consistently maintain a high level of security.
A few key features of our information security program include:
- Use of firewalls, encryption, and other specialized technology
- Deployment of information security professionals that design, test, implement, and provide oversight to our information security and risk management programs
- Assurance that only employees of Deutsche and/ or its Third Parties will have access to sensitive personal data or information
- Continuous monitoring of Deutsche’s technical environment for vulnerabilities and potential intrusions
- Logical and physical controls to identify, authenticate and authorize access to Deutsche’s applications and building facilities
Notification of Changes in Policy
Grievance Redressal Officer
If customer wishes Deutsche to address any discrepancies and grievances in relation to the sensitive personal data or information, the customer may write to Deutsche’s Grievance Officer and Deutsche will respond on the request in a time bound manner in accordance with applicable laws.
The contact details of Deutsche’s Grievance Officers are as under:
Entity : Deutsche Bank AG, India
Name : Manoj-S Naik
Contact no : +91 22 71803692
Email : email@example.com
Entity : Deutsche Investor Services Private Limited
Name : Mr. Swadhin Sengupta
Contact no : +91(22)7180-6141
Email : firstname.lastname@example.org
Entity : Deutsche Investments India Private Limited
Name : Mr. Avanish Srivastava
Contact no : +91(22)7180-3957
Email : email@example.com
Entity : Deutsche Equities India Private Limited
Name : Mr. Sanjiv Nagar
Contact no : +91(022)6658-4578
Email : firstname.lastname@example.org
Entity : Deutsche Securities (India) Private Limited
Name : Mr. Mandar Ponkshe
Contact no : +91(22)22078718/20
Email : email@example.com
Entity : Deutsche Asset Management (India) Private Limited & Deutsche Trustee Services (India) Private Limited
Name : Mr. Kiran Deshpande
Contact no : +91(22) 66584320
Email : firstname.lastname@example.org