Privacy Policy

This Privacy Policy (hereinafter — Policy) of the Garantbank mobile application for servicing individuals (hereinafter – Appendix)

"Garant Bank" JSC (hereinafter referred to as the Bank) was formed in accordance with the Law of the Republic of Uzbekistan dated July 2, 2019. No. ZRU-547 “On personal data” and determines the procedure and conditions for the processing of Clients’ personal data, which the Bank may receive in the process of their use of the Application. The Client’s consent to the provision of personal data, given by him in accordance with this Policy, applies to all persons affiliated with the Bank.

Use of the Application means the Client’s unconditional consent to this Policy and the terms of processing of his personal data specified therein. In case of disagreement with these terms and conditions, the Client must refrain from using this Application.

The following terms are used in this Policy:

Personal data — information recorded on electronic, paper and (or) other tangible media relating to a specific individual or making it possible to identify him;

Personal data subject (Client) — the individual to whom the personal data relates;

Personal data database — a database in the form of an information system containing personal data;

Processing of personal data — implementation of one or a set of actions to collect, systematize, store, change, supplement, use, provide, distribute, transfer, depersonalize and destroy personal data;

Mobile application "Garantbank" – specialized software created on the basis of mobile technologies, designed to carry out banking operations, obtain information about the status of accounts and other information, as well as perform other actions provided for by the functionality of the Garant bank mobile application online.

Third party — any person who is not the subject, owner and (or) operator, but is related to them by circumstances or relationships for the processing of personal data.

2.1. When using the Mobile Application, the Client provides and the following types of information are collected by the Mobile Application:

2.1.1. Personal information:

- Last name, first name and patronymic of the Client;
- Gender of the client (male/female);
- Nationality and citizenship of the client;
- Date of birth;< br />- personal identification number of an individual;
- Data of an identity document (including series and number, date of issue and validity period of the document);
- Client’s TIN;
- Address of permanent and /or temporary registration;
- Place of birth;
- Phone number;
- Email address;
- Client photo.

2.1.2. Financial information for performing financial transactions:

- Data on bank accounts;
- Information on transactions;
- Data on credit history and other financial data;
- Data on deposits;
- Data on purchases using the application;
- Data on balances and transactions on cards of other banks added to the application.

2.1 .3. Information about the device and use of the application:

The Bank automatically collects the following information about the device on which the Application is installed:

- Model, operating system, unique identifier, device screen resolution;
- Application version;
- IP address;
- Information about telephone contacts and SMS on the Client’s device;
- Unique identifier of the Client in the application (user ID);
- Data about the user's actions in the application (transitions between screens, pressing individual buttons, etc.) and web addresses on which the advertisement was placed, through which the Client made the transition.

2.1.4. Location Information:

The Bank may collect Customer location information using GPS and other technologies to provide the Customer with content related to the current location, as well as to provide security and location control for banking transactions.

2.2. The Policy applies only to this Garant bank Mobile Application. The Bank does not control and is not responsible for websites and mobile applications of third parties, to which the Client can go through links available in the Application, including in search results. On such sites and applications, other personal data may be collected or requested from the Client, and other actions may be performed.

2.3. In general, the Bank does not verify the accuracy of the personal data provided by Clients in the Application and does not monitor their legal capacity. The Bank assumes that the Client provides reliable and sufficient personal data in the Application on the questions proposed in the registration form, and maintains this data up to date.

Customer data is processed by the Bank for the following purposes:

- technical management of the Application;
- analysis and improvement of the Application;
- providing Customers with information about the services provided by the Bank and offered Bank products, as well as the collection of analytical and statistical data regarding their use of the Application;
- for marketing purposes;
- for other purposes specified in this Policy or the terms of use of the Mobile Application (Offer).

4.1. The Bank does not provide Customer data to companies and individuals not related to the Bank, except for the cases listed below:

4.1.1. The client agreed to this. For the Bank to provide Client data to companies and individuals not associated with the Bank, including other Clients, additional consent of the Client is requested.

4.1.2. As required by applicable law. The Bank provides Customer data if the receipt, use and disclosure of such data is necessary for the purpose of:

- implementation and compliance with current legislation, court decisions or fulfillment of legal requirements of government bodies;
- identification, suppression or other obstruction of fraud, as well as elimination of technical failures or security problems;
- protection of the rights, property or safety of the Bank, Clients of the Bank's Mobile Application within the framework permitted by current legislation.

4.2. The Bank may provide generalized anonymized data of Clients of the Bank's Mobile Application to partners (for example, for the purpose of conducting statistical and other research).

4.3. When transferring Client information abroad, the Bank ensures compliance with current legislation and these Regulations in relation to Client data by concluding agreements that will ensure that data recipients adhere to an appropriate level of protection.

5.1. The client may at any time change (update, supplement) the personal data provided by him or part of it.

5.2. The Bank ensures the protection of the Client’s data during its processing, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data , and does not allow violation of the confidentiality of the received data.

5.1. The client can change (update, supplement) the personal data provided by him or part of it at any time.

5.2. The Bank ensures the protection of the Client’s data during its processing, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), retrieval, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data , and does not allow violation of the confidentiality of the received data.

6.1. The Bank has the right to make changes to this Policy at any time, indicating the date of such changes.

6.2. The new edition of the Policy comes into force from the moment it is posted in the application and on the Bank's website, unless otherwise provided by the new edition of the Policy.

6.3. The Bank recommends that Clients regularly refer to this Policy in order to familiarize themselves with the most current version.

5.4. The law of the Republic of Uzbekistan applies to the Policy and the relationship between the Client and the Bank that may arise from the Policy or in connection with it.