“Altyn-i” (“Altyn Bank” JSC (Joint stock company) (SB (Subsidiary bank) of China CITIC Bank Corporation Ltd (Limited))), hereinafter referred to as the “Bank”, thanks you for your interest in the Products and Services provided by the Bank, hereinafter referred to as the “Bank services”. The protection of your personal information is very important to the Bank, therefore we take special care in protecting the data that is collected and processed when using the Bank services.
The Bank services are a mobile application and website that allow users of the Bank services, hereinafter referred to as “Users”, to interact with the Bank within the framework of the concluded Banking services agreement, and without concluding such agreements, as well as to interact with the Bank’s partners under agreements signed between the Bank and such partners, including the information sharing and the performance of individual transactions via the Internet or via special application of a mobile device (smartphone, tablet computer, etc.), as well as an electronic payment system (e-payment system) that allows users of mobile devices to pay for services, make money transfers between individuals through social networks and also to shopping online.
1. Received and used information of the Users, as well as the purpose of its use
2. Terms and conditions of information processing
3. Providing User information to third parties
The Bank shall not to provide user information to companies and individuals unrelated to the Bank, except for the following cases:
– The user has given its consent. To provide the Bank with information of Users to companies and individuals unrelated to the Bank, including other Users, additional consent of the User is requested.
– In accordance with the current legislation of the Republic of Kazakhstan. The Bank may provide summarized anonymized (de-identified) data of the Users of the Bank services to partners (for example, for the purpose of conducting statistical studies and other studies).
When transferring User information abroad, the Bank ensures compliance with the current legislation of the Republic of Kazakhstan with respect to information of Users, including by entering into agreements, in which it will be guaranteed that the recipients of information adhere to the appropriate level of protection.
4. Security measures used to keep information confidential
The Bank takes all possible measures to ensure the safety and protection of Users’ personal information from unauthorized access (hacking attack), modification, disclosure or destruction, as well as other types of improper use. In particular, the Bank is constantly improving the methods of collecting, storing and processing data, including physical security measures, to counteract unauthorized access to the systems of the Bank for the purpose of theft of property, phishing (fishing) and other types of fraud. The bank also restricts access to Users personal information by employees, contractors and agents, providing for strict contractual obligations in the field of confidentiality, for violation of which, strict liability and penalties are established.
The security of using the Bank services also depends on the User’s compliance with the recommendations, which can be found in the official website of the Bank. The User must keep account data, such as login and password, secret from third parties. The User undertakes to immediately notify the Bank of any case of suspicion of unauthorized use of its account.
Compliance by the User with the Bank’s recommendations will ensure the maximum safety of the information provided to the Bank, including the details of the User’s plastic card (or other electronic payment instrument), and other data, as well as mitigate possible risks when performing transactions using the details of the plastic card (or other electronic payment instrument) for non-cash payment for goods and services, including online (the Internet) payments.