To access the old website
Click Here
Privacy Policy for EU Region
a. Axis Bank Limited recognizes the expectations of its customers with regard to privacy, confidentiality and security of their personal information that resides with the Bank. Keeping personal information of customers secure, using it solely for activities related to the Bank and preventing any misuse of that information are top priorities for the Bank.
b. This privacy policy (“Privacy Policy”) applies to any processing of your personal data by Bank whether in physical or electronic mode and outlines the Bank’s approach to data protection to fulfill its obligations under the EU General Data Protection Regulation 2016/679 ("GDPR") and other applicable data protection laws in the United Kingdom. The Privacy Policy governs the way in which the Bank collects, uses, discloses, stores, secures and disposes of personal information and sensitive personal data or information. (This privacy policy (“Privacy Policy”) applies to any processing of your personal data by us whether in physical or electronic mode and outlines the Bank’s approach to data protection to fulfill its obligations under the applicable privacy laws of the country where our services are being provided . The Privacy Policy governs the way in which the Bank collects, uses, discloses, stores, secures and disposes of personal information and sensitive personal data or information.)
c. In this Privacy Policy “we”, “us”, “our”, “ours” or “Bank” refers to Axis Bank Limited, which is a company within the meaning of the Companies Act, 2013 and a banking company having license as such from the Reserve Bank of India under the provisions of the Banking Regulation Act, 1949, and having its registered office at: Axis Bank Limited, ‘Trishul’, 3rd Floor, Opp. Samartheshwar Temple, Near Law Garden, Ellisbridge, Ahmedabad - 380 006 and website at Axisbank.com.
d. We act as a controller of the personal data you provide to us. We reserve the right to amend this Privacy Policy at any time. Our processing of your personal data will be governed by the practices set out in that new version of the Privacy Policy from its effective date onwards. Any changes we may make to this Privacy Policy in the future will be communicated to you by email.
The categories of personal data collected are as follows:
i. Identity information such as name, date of birth, PAN, TIN, GSTIN, Aadhaar number or Aadhaar enrolment number, passport details, photograph and voter id.
ii. Contact details such as email address, contact number, postal address.
iii. Socio-Demographic details such as nationality, marital status, education and qualification.
iv. Social Relationships details such as your father’s name, mother’s name, spouse’s name.
v. Occupation/ employment details such as your work, profession or occupation and salary or income.
vi. Financial details such as your financial statements, tax return documents, credit score, credit/ debit card details, passbook, bank account details, etc.
vii. Geographical or location details such as IP address, CCTV data, etc.
viii. Device details such as IMEI number, make and model of your mobile phone, apps used and contacts.
ix. Behavioral and usage details such as how you use certain products and services.
x. Communications details such as communication done through letters, emails, live chats, SMS, instant messages, conversations between us.
xi. Special categories of personal data such as religion, bio-metric data, health related data.
a. Personal data that you provide us by means of website/application/visiting our branch, e.g.: When you apply for our products and services
i. When you talk to us on the phone or in branch, including recorded calls and notes we make
ii. When you use our websites, Net Banking, mobile device apps, web chat, products and services
iii. In emails, SMS and letters
iv. In financial reviews and interviews
v. In customer surveys
vi. If you take part in our competitions or promotions
vii. As part of contracts including loan, security and other relevant documents
b. Personal data we collect when you use our services:
i. Payment and transaction data: This includes the amount, frequency, type, location, origin &recipients.
ii. If you borrow money, it also includes details of repayments and whether they are made on time and in full and of any defaults. This may include your data received where we are part of any transaction/ payments/ settlement processing involving you, even in cases where we do not interface with you directly
iii. Profile and usage data: This includes the security details you create and use to connect to our services. It also includes your settings and marketing choices. We also gather data from the devices you use (such as computers and mobile phones) to connect to our internet, mobile and telephone banking services.
iv. We also use cookies to collect data while you are using our websites or mobile apps
v. We also use other internet tracking software to collect data while you are using our websites or mobile apps
vi. Data from your digital and electronic devices (including IP address device type, operating system, screen resolution, and the way you interact with us)
vii. Personal data we collect from other sources:
viii. Entities/ persons that introduce you to us
ix. Credit reference agencies/ credit information companies/bureaus
x. Social media networks
x. Social media networks
xi. Other financial services companies
xii. Employers
xiii. Valuation and other service providers
xiv. Public information sources such as the Electoral Register or registrar of Companies
xv. Agents, suppliers, sub-contractors, and advisers
xvi. Government and law enforcement agencies as part of performance of their duties e.g. garnishee orders
xvii. Third party providers such as public databases, joint marketing partners, social media platforms, email service providers
xviii. Fraud prevention agencies
xix. Entities where we are a part of a transaction, though we may not be directly interfacing with you
a. The table below sets out the purposes for which we use your personal data and our legal basis for doing so. Where we indicate that we will rely on your consent, we will provide a separate consent document for you to consider and to notify us of your consent where you are happy to give this. Where we are relying on a legitimate interest, these are also set out below:
PURPOSE LEGAL BASIS:
To provide our products and services to you including but not limited to your payments processing, account management, providing account statements, handle queries and complaints, contact you, and establish your eligibility for the same including running credit checks run business on a day to day basis;
- Necessary to perform the agreement we have with you or to take steps to enter into an agreement with you
To process your application for credit or financial services
- Necessary to perform the agreement we have with you or to take steps to enter into an agreement with you; and/or
To keep you informed about products and services you hold with us and to send you information about products or services (including those of other companies) which may be of interest to you including making personalised offers to you
- Where we have your consent. (for email, SMS or telephone marketing)
To meet our regulatory and reporting obligations and to prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes
- Necessary for the purposes of a Legitimate Interest pursued by us.
To share your information with the local government, tax authorities, Reserve Bank of India, credit reference agencies, credit information companies, databases authorised under law, fraud prevention and detection agencies, and Indian and overseas regulators and law enforcement authorities
- Necessary for the purposes of a Legitimate Interest pursued by us.
For assessment and analysis (including credit scoring), statistical, market and product analysis and market research
- Where we have your consent.;
To evaluate, develop and improve our services
- Necessary for the purposes of a Legitimate Interest pursued by us.
To protect our business interests and to develop our business strategies including for authenticity, testing, security, to protect our business, reputation, resources and equipment, manage network and information security practices and manage our business for our legitimate interest etc,
- Necessary for the purposes of a Legitimate Interest pursued by us.
To collect any debts owing to us
- Necessary to perform the agreement we have with you or to take steps to enter into an agreement with you; and/or
For authentication, verification of data and to assess and process any application you make, including for detection or prevention of fraud, money laundering, checks as to identity, sanctions screening, regulatory checks
- Necessary for the purposes of a Legitimate Interest pursued by us.
To run loyalty/ reward programmes you have signed up for
- Necessary to perform the agreement we have with you or to take steps to enter into an agreement with you.
To conduct marketing activities, for example, running competitions, promotions and direct marketing (provided that you have not objected to us using your details in this way), and research, including customer surveys, analytics and related activities
- Where we have your consent.
To use cookies in accordance with our Cookies policy
- Where we have your consent.
To use information you have made public and combine with this with the activities outlined above
- Where we have your consent.
The processing is necessary for the purposes of a legitimate interest pursued by us, such as (“Legitimate Interest”)
b. DIRECT MARKETING : We may also use your information to provide you with details about our products and services, or to evaluate, develop or improve our products as well as the experiences of users of our services. Where permitted, we may send you marketing messages by post, email, telephone, SMS, Mobile/Web Push Notification, Social Media, automated voice calls, and secure text messages using external service providers. You can change your options on how you receive marketing messages or choose to stop receiving them at any time. Where you have requested details and offers about the products and services of our business partners or other Axis businesses, either from us or directly from them, we will use your personal data for these purposes.
We will keep the personal data we collect about you on our systems or with third parties for as long as required for the purposes set out above basis our retention policies or even beyond the expiry of our transactional or account-based relationship with you:
i. as required to comply with any legal and regulatory obligations to which we are subject; or
ii. for the establishment, exercise or defense of legal claims.
We are committed to protecting your personal data. We implement appropriate physical, technical and managerial safeguards to protect your personal data from unauthorized access, alteration, transmission and deletion. In addition to our own servers and systems, we may also use servers and systems of third party vendors to store your personal data. These entities/ companies provide services to us under suitable confidentiality agreements.
a. We only share your personal data with the following persons and/or in the following circumstances, and only as may be necessary:
b. Statutory and regulatory bodies and authorities (including central and local government) and law enforcement authorities, investigating agencies and entities or persons, to whom or before whom it is mandatory to disclose the personal data as per the applicable law, courts, judicial and quasi-judicial authorities and tribunals, arbitrators and arbitration tribunals.
c. Processors and service providers of the Bank, engaged for its various activities and services including postal services and couriers and cloud service providers.
d. Credit information companies, identity and address verification organizations who may record and use your information and disclose it to other lenders, financial services organizations and insurers. Your information may be used by those third parties to make assessments in relation to your creditworthiness.
e. Other banks and financial institutions where required in terms of contract or legal requirements including financial institutions, lenders and holders of security over any property you charge to us.
f. Transferees and assignees and potential transferees and assignees of the Bank.
g. Any other person or organization after a restructure, sale or acquisition, as long as that person uses your information for the same purposes as it was originally given to us or used by us or both.
h. The Bank’s affiliates and group entities, sub-contractors, agents or service providers who work for us or provide services to us or other group companies (including their employees, sub-contractors, service providers, directors and officers).
i. Any joint account holders, trustees, beneficiaries or executors.
j. Anyone who provides instructions or operates any of your accounts on your behalf, e.g. Power of Attorney, solicitors, intermediaries, etc.
k. Third parties we need to share your personal data with, in order to facilitate payments you have requested (for example, SWIFT, credit card issuers and merchant banks) and those you ask us to share your personal data with.
l. We may transfer your personal data both within the Bank and to other parties who may be based in countries outside your residential country and outside the EEA, for any of the purposes described in this Privacy Policy. These countries include India, [?].
m. These countries may have differing (and potentially less stringent) laws relating to the degree of protection afforded to personal data. If we transfer your information outside the EEA to a jurisdiction that is not considered to provide adequate protection for personal data by the European Commission, we will put in place appropriate safeguards to ensure that your information remains adequately protected. You can request information on the specific safeguards we use by reaching out to us at the details provided in the ‘Contact Us’ section of this notice.
- Right to object - You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which processing is based on necessity for the purposes of legitimate interests pursued by us or third party, including profiling. Upon such exercise of your right, we shall no longer process the personal data unless we demonstrate legitimate grounds: (a) for the processing which override your rights or (b) for the establishment, exercise or defence of legal claims.
- Right to withdraw consent - Where the processing is based on your consent you have a right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before such withdrawal. Consequences of withdrawal will be communicated to you on contacting us and on your agreement, your request for withdrawal will be processed.
- Additionally, under the provisions of the GDPR, you also have the right to request from the controller, the access to, rectification and erasure of your personal data, right to restriction of processing concerning your personal data, a right to receive a machine-readable copy of your personal data, and a right to lodge a complaint with a data protection Supervisory Authority.
- For exercising your rights and getting information about any limitations which apply to them, you can reach out to us using the contact details provided in the ‘Contact Us’ section of this notice.
AUTOMATED DECISION MAKING
You have the right under the GDPR to object to a decision being made about you by automated means, including the use of profiling. We may use automated decision-making processes in the following ways:
- Credit checks: If you apply to us for a product, your application may be processed by an automated decision-making process which may carry out credit and affordability assessment checks to determine whether your application will be accepted. Where these automated processes suggest that your application should be rejected, we may manually review your application before making a final decision.
- Credit limits: We may also use automated processes to decide credit limits.
- Anti-money laundering and sanctions checks: We may also carry out automated anti-money laundering and sanctions checks. This means that we may automatically decide that you pose a fraud or money laundering risk if the processing reveals your behavior to be consistent with that of known fraudsters or money launderers, is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity. If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk: (i) we may refuse to provide the services you have requested, or we may stop providing existing services to you; and (ii) a record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services or employment to you.
If you want to know more about our automated decision making processes, please contact us using the details provided in the ‘Contact Us’ section of this notice.
For any further queries and complaints related to privacy, or exercising your rights under GDPR, you can reach us at : https://www.axisbank.com/contact-us
Copyright@ 2025 Axis Bank