Ecobank

Procedure for personal data protection

General

Procedure for personal data protection (hereinafter referred to as the "Procedure") defines the interactions between JSB “UKRGASBANK”, Unified State Register of Enterprises and Organizations of Ukraine Code 23697280, (hereinafter referred to as the "Bank") and individuals visiting the site https://www.ukrgasbank.com/ (hereinafter referred to as the "Site"), including those who use the Site's services (hereinafter referred to as "users") regarding the processing of users' personal data.

The Bank emphasizes that the Site is not designed for minor users.

Collection and use of Site user personal data

The Bank is the holder and controller of the Site user personal data.

When the user uses the Site services, the Bank processes the user's data (data provided by the user both when filling out registration forms and during the use of services), including but not limited to:

  • last name, first name, patronymic;
  • taxpayer identification number (identification number);
  • actual place of residence and state registration, living conditions;
  • education, occupation, specialty, work experience and information about the place of work and position;
  • personal information about age, marital and family status, relatives;
  • data and copies of documents issued in the name of an individual or on his/her behalf;
  • financial condition, income, types of accruals and deductions;
  • e-mail address, telephone numbers and other electronic identification data;
  • voice recordings, images (photos and videos);
  • credit history and any information on the status of execution of obligations under agreements concluded with the Bank and other deeds by an individual;
  • information on the actions of an individual and their results that took place within execution of agreements concluded with the Bank;
  • other information that became known to the Bank due to implementation of legal relations with an individual, in compliance with the requirements of the legislation of Ukraine and internal documents of the Bank;
  • cookies;
  • IP address;                                                             
  • parameters and settings of Internet browsers (user-agent).

The Bank processes personal data only to the extent necessary for the purposes for which it was collected. The user agrees that the provision of personal data for processing by the Bank in accordance with this Procedure is done with the user's full understanding, knowingly and voluntarily. The user confirms that he/she has provided his/her consent to the Bank to process his/her personal data in accordance with the Law of Ukraine "On Personal Data Protection" and that such processing of personal data is a measure preceding the conclusion of a transaction with the Bank.  

The user has the right:

  • to know about the sources of collection, location of their personal data, the purpose of their processing, location or place of residence (stay) of the personal data holder or controller or give a corresponding order to obtain this information to authorized persons, except as provided by the law;
  • to receive information about the conditions for granting access to personal data, namely, information about the third parties to whom his/her personal data is transferred;
  • to access his/her personal data;
  • to receive an answer as to whether his/her personal data is processed, as well as to receive the content of such personal data no later than thirty calendar days from the date of request receipt, except as provided by the law;    
  • to make a reasoned request to the personal data holder with an objection to his/her personal data processing;
  • to make a reasoned request to change or destroy his/her personal data by any personal data holder and controller, if this data is processed illegally or is inaccurate;
  • to protect his/her personal data from unlawful processing and accidental loss, destruction, damage due to intentional concealment, non-provision or untimely provision, as well as to protect against provision of information that is unreliable or discredits the honor, dignity and business reputation of an individual;
  • to file claims against the processing of his/her personal data to the Commissioner for Human Rights of the Verkhovna Rada of Ukraine or to a court; 
  • to apply legal remedies in case of violation of the legislation on personal data protection;
  • to make reservations regarding the restriction of the right to process his/her personal data within the consent granting; 
  • to withdraw consent to the personal data processing;
  • to know the mechanism of automatic personal data processing;
  • to obtain protection against an automated decision that has legal consequences for him/her.

When visiting the Site, all system logining is recorded. Other user traffic information is not processed or stored. The Bank collects data on statistics of Site visits. The information may include information about the connection, traffic, user's browser, as well as the date, time, duration of work on the Internet and stay on the Site.    

The Bank is limited to collecting the minimum scope of information required solely to fulfill the personal data subject request. In any case, when optional information is requested, the user will be notified at the time of such information collection.       

The Bank does not collect any information the processing of which is limited with some requirements of the law, such as information about racial or ethnic origin, political, religious or ideological beliefs, membership in political parties and trade unions, criminal convictions for committing a crime, or conviction, as well as data related to health, sexual life, biometric or genetic data (according to Article 7 of the Law of Ukraine "On Personal Data Protection").         

Personal data processing

The processing and storage of the provided personal data are carried out by the Bank in data centers created following the requirements of the legislation of Ukraine.

Purpose of processing personal data

Your personal data is used to ensure provision of banking, financial and other services, Internet services of the Site, exchange of information, news, relations in the field of advertising and communication, respectively, and to comply with the laws of Ukraine, including, but not limited to: "On Banks and Banking". "On Personal Data Protection", "On Ratification of the Convention for Protection of Individuals with regard to Automatic Processing of Personal Data and the Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data concerning Supervisors and Cross-Border Data Flows", "About Information", "About Advertising ".

Specifics of personal data processing in the Bank's mobile applications

The Bank processes information in mobile applications in accordance with the legislation of Ukraine, regulations of the National Bank of Ukraine, agreements (contracts) between clients and the Bank, the consent given by the Bank's clients, as well as in accordance with this Procedure.

This Procedure applies to the Bank's mobile applications (hereinafter referred to as "Mobile Apps") regardless of how the Bank's client accesses the Mobile Apps (via computer, mobile phone, tablet, or other device).

In order to process payments made by the Bank's clients using the Mobile Apps and allow clients to perform other operation, the Bank collects information specified in: agreements (contracts) between clients and the Bank; in the consent provided by the Bank's clients, on the Bank's Site, in this Procedure. The Bank collects, namely, the following information about the clients:

  • credit and/or debit card numbers, their current balance and expiration dates of cards;
  • bank account numbers, their current balance and expiration dates;
  • date of birth, taxpayer identification number (TIN) or any other identification number recognized by the state.

In case it is necessary to register the Bank's client and/or his/her electronic device in the Bank's Mobile Apps, the Bank also collects:

  • device information, such as operating system version, hardware model, IMEI, and other unique device identifiers. The Bank does not collect information about call history, contact lists, or other such data;
  • information about the Bank client's actions within the Mobile Apps, such as: time and duration of using the Mobile Apps, actions performed by the Bank's client while using the Mobile Apps and any other information that may be stored in cookies used by the Bank on some devices;
  • other information — about the Bank's client use of the service using the Mobile Apps, for example, how the Bank's client uses the content provided by the Mobile Apps.

When using the Mobile Apps to process a transaction, the Bank uses information about the transaction, including: date, time and amount of the transaction, location and description of the seller (merchant), description provided by the seller of the goods or services for which payment is made, the method of payment used, the purpose of payment and any other information that may be added to the transaction by the seller and/or buyer (the Bank's client).    

In order to provide the Bank's clients with the opportunity to confirm their actions in the Mobile Apps with a one-time temporary password (OTP), the Bank requests access to SMS services. The one-time temporary password can be requested within registration or certain actions when using the Mobile Apps (financial transactions, card unlocking, and etc.). In order to carry out the client's financial operation, the Bank uses the mobile phone number of such Bank's client. The Bank does not collect information on the Bank's client SMS history. The Bank may also register the device in the relevant services provided by Google or Apple in order to enable the Bank's client to confirm his/her actions in the Service (system) by PUSH-messages.   

The Bank also collects and stores information provided by the Bank's client directly to the Bank, as well as data of the Bank's client as a user used for his/her registration and/or registration of his/her device in the Mobile Apps for processing these Bank’s client payments.         

Any personal information provided by the Bank's clients directly to the third party: the seller of goods, services (merchant), website or program is not covered by this Procedure. The Bank shall not be responsible for confidentiality of the information and security of the sellers (merchants) or third parties to whom the Bank's client directly transmits its personal information. The Bank recommends to the Bank's clients to get acquainted with the privacy policy of the third parties to whom the Bank's clients transmit their personal information.

The Bank will not disclose/transmit the Bank's client information to anyone outside the Bank, except as provided by the legislation of Ukraine, the terms of agreements (contracts) between the clients and the Bank, the terms of the consent provided by the Bank's clients. 

The security of the Bank's client's account in the Mobile Apps depends on how the Bank's client stores a computer, mobile phone, tablet or other device, password(s), PIN or other information that allows access to the Bank's client's accounts in the respective Mobile Apps, and whether the Bank's client distributes this information to the third parties. If the Bank's client voluntarily provides the third parties with its computer, mobile phone, tablet or other device and/or the above information, the third party will have access to the Bank's client's account in the Mobile Apps and personal information of this Bank's client, the Bank shall not be responsible for such cases.   

The Bank's client shall be directly responsible for controlling access to his/her computer, mobile phone, tablet, or other mobile device, mobile application that may be installed on his/her computer, mobile phone, tablet, or other mobile device, the Bank's client shall also be responsible for storing his/her passwords and/or PINs and for distribution (dissemination) of this information to the third parties.   

The Bank's client shall also be obliged to immediately notify the Bank if he/she believes that his/her personal information in the Mobile Apps has been compromised.

Use of cookies

Cookie is (are) a text file(s) that contain(s) a small amount of information that is (are) sent to a web browser and stored on the user's device. Such devices may include a computer, mobile phone or other device through which the user visits the Site.

Cookies can be perpetual (they are called persistent cookies) and stored on the computer until the user deletes them or temporary (such cookies are called session cookies), i.e. stored only until the browser is closed. In addition, cookies are divided into primary (they are set directly by the site visited) and third-party (set by other websites).

It is important:

  • when the user visits the Site again, the cookie data is updated;
  • in most cases, the default web browser allows automatic storage of cookies on the user's device;
  • disabling cookies may lead to restriction of access to published materials and/or malfunction of the Site services.

The Bank cares about its users and tries to make their stay on the Site as comfortable as possible, for this purpose the Bank needs to analyze the behavior, preferences and interests of the user via cookies. This analysis will help the Bank to improve the experience of interaction with the Site, determine the most user-friendly interface and navigation of the Service.

According to the classification of the International Chamber of Commerce, the Bank uses the following categories of cookies:

Strictly necessary cookies are required for the user to navigate on the web page and when using certain services, for example, to access secure pages, registration and authorization, search the Site. Also, remember the previous actions of the user when going to the previous page in the same session.

Operational cookies aggregate information about how the Site is used. This data is stored on the user's device between web browser sessions. Examples of such data are the following metrics: time spent on the Site, the most frequently visited pages, understanding which sections and services of the Site were most interesting to the user, how effective the advertising and/or marketing campaign was, and etc.

All information collected through operational cookies is designed for statistical and analytical purposes. Some cookie data may be provided to the third parties who have permission from the website and for the above purposes only.

Functional cookies are used to store parameters or configurations that are stored on the user's device between web browser sessions. Examples of such data are the following metrics: username, profile photo, information on comments left, Site language version, location, information on whether the user has been provided with any information or selected preferences previously, as well as other Site setting parameters.

These cookies also allow users to watch videos, participate in interactions (polls, voting) and interact with social networks.

To make the experience more pleasant after visiting the resource, these cookies remember the information provided by the user, increasing the efficiency of interaction with the Site.

Some cookie data may be provided to the third parties who have permission from the website and for the above purposes only.

Target cookies are used to provide content that may be interesting to the user. This data is stored on the user's device between web browser sessions. Examples of such data include the following metrics: tracking the recommended text, graphics, audio, and video to avoid reruns, managing the targeted advertising, evaluating the effectiveness of advertising campaigns, information about user visits to other resources within conversions, and other Site setting parameters.

The Site may share this information with other parties, including media customers, advertisers, agencies, and related business partners, in order to provide qualitative targeted advertising.

Cookies of third-party services and analytics services

For prompt delivery, better display and detailed analysis of content on the Site, the Bank uses services that are owned by other third parties, such as Facebook, Twitter, Instagram, Alphabet Inc., Gemius and etc.

As example, the Banks may use cookies on the user's device while working on the Site.

Please note that the Site may not affect the operation of cookies used by these services. All the necessary information about their use can be found by visiting the appropriate resource.

Cookie management

Major web browsers (listed below) are set to automatically accept cookies. To disable them, use the help function in your browser. Help can be called up via the menu or using F1 key.

Microsoft Edge — https://privacy.microsoft.com/ru-ru/privacystatement

Mozilla Firefox — https://www.mozilla.org/ru/privacy/websites/#cookies

Google Chrome — https://support.google.com/chrome/answer/95647?hl=ru

Opera — http://help.opera.com/Windows/11.50/ru/cookies.html

Safari for macOS — https://support.apple.com/kb/PH21411?locale=en_US

It is important:

  • the configuration of cookie settings for mobile web browsers may differ;
  • it shall be noted that full-fledged work with the Site is available only when using cookies;
  • disabling cookies may restrict access to the content and malfunction of the Site services.

If the user does not enable the use of cookies or intentionally deletes all cookies from his/her web browser, then upon further visit to the Site, the user will be re-offered to enable and use cookies.

Information about users obtained via cookies is not sold or disseminated in the public domain, and is also the property of the Bank that owns the resource.

Site interaction with other resources

When the user uses the services, the pages of the Site may contain codes of other Internet resources and third parties, as a result of which such Internet resources and third parties receive your data. Therefore, these online resources may receive and process information that you have visited these pages, as well as other information transmitted by the user's browser.

Use of these services of the Bank is necessary for the operational analysis of Site visits, internal and external assessment of site traffic, depth of views, user activity. The Bank does not store or process the data received from these services.

Accordingly, if the user for any reason does not want these services to access his/her personal data, the user can voluntarily log out of his/her account or profile and clear cookies (through his/her browser).

Print view
Ми використовуемо cookie-файли на нашому сайті, для надання більш комфортного сервісу.
Банк використовує файли cookie, щоб забезпечити коректне функціонування сторінок сайту, поліпшити взаємодію з користувачем і пропонувати вам більш клієнтоорієнтовану рекламу. Ознайомтесь з Порядком та процедурою захисту персональних даних для отримання додаткової інформації стосовно файлів cookie. Натискаючи на кнопку «ОК», ви підтверджуєте ознайомлення з Порядком та процедурою захисту персональних даних.
Мы используем cookies на этом сайте, для предоставления более комфортного сервиса.
Банк использует файлы cookie, чтобы обеспечить корректное функционирование страниц сайта, улучшить взаимодействие с пользователем и предлагать вам более клиентоориентированную рекламу. Ознакомьтесь с Порядком и процедурой защиты персональных данных для получения дополнительной информации касательно файлов cookie. Нажимая на кнопку «ОК», вы подтверждаете ознакомление с Порядком и процедурой защиты персональных данных.
We use cookies on this site to provide you with the best experience.
Bank uses cookies to ensure the correct functioning of the website pages, to improve interaction with the user and to offer you more customer-oriented advertising. Please review the Privacy Policy for more information about cookies. By clicking the "OK" button, you confirm that you have read the Privacy Policy.