The Belagavi District Co-operative Bank (BDCC) was founded in 1919. Belagavi was the first registered office of the bank.
Get In Touch
Near Central Bus Stand,
Old P B Road,
Belagavi, Karnataka 590016
0831-2466896
(As per RBI & NABARD Guidelines for DCC Bank)
This Privacy Policy is issued by The Belagavi District Central Cooperative Bank Ltd,. Belagavi a District Central Cooperative Bank regulated under the supervisory framework of the Reserve Bank of India (RBI) and National Bank for Agriculture and Rural Development (NABARD). This policy is designed in compliance with applicable RBI guidelines on cyber security, IT governance, and data protection for cooperative banks, including the RBI Cyber Security Framework for Banks (DBR.No.Leg.BC.78/09.07.005/2016-17) and NABARD Cyber Security Circular No. NB.DoS.Policy/…/2019-20.
The objective of this policy is to ensure protection of customer data, maintain confidentiality, and establish a secure digital banking environment.
This policy applies to all customers, employees, directors, vendors, service providers, and any third party interacting with the bank through physical branches, ATMs, internet banking, mobile banking, UPI services, and other digital platforms operated by the bank.
The Bank collects personal and financial information required for lawful banking operations. This may include name, address, date of birth, KYC documents, PAN/Aadhaar details, contact information, account details, transaction history, and other information submitted during account opening or service usage.
Additionally, the Bank may collect system-generated information such as IP address, device information, location data, and browsing activity when customers use digital banking services.
This collection is aligned with RBI’s Know Your Customer (KYC) and Anti-Money Laundering (AML) guidelines and IT governance requirements.
The Bank collects and processes customer information strictly for lawful and regulated banking purposes in accordance with RBI Master Direction on Know Your Customer (KYC) (RBI/DBR/2015-16/18), Anti-Money Laundering (AML) guidelines, and RBI IT Governance and Cyber Security Framework for Banks (DBR.No.Leg.BC.78/09.07.005/2016-17).
The primary purpose of data usage includes account opening, customer identification, verification of KYC documents, and maintenance of customer records as required under statutory obligations. The Bank also uses customer data for processing financial transactions such as deposits, withdrawals, fund transfers (NEFT/RTGS/UPI), loan processing, interest calculations, and other core banking services.
Additionally, customer information is utilized for credit appraisal, risk assessment, fraud monitoring, detection of suspicious transactions, and compliance reporting to RBI, NABARD, FIU-IND, and other regulatory bodies. The Bank may also use aggregated and anonymized data for analytical purposes to improve operational efficiency, enhance service delivery, and strengthen cybersecurity controls.
Under no circumstances is customer data used for unauthorized marketing, profiling, or any non-banking commercial activity without explicit consent.
The Bank maintains strict confidentiality of all customer data and does not sell, lease, or commercially exploit any personal or financial information.
However, data may be shared with third parties only under controlled and regulated circumstances. This includes regulatory authorities such as Reserve Bank of India (RBI), NABARD, Income Tax Department, Enforcement Agencies, and Financial Intelligence Unit – India (FIU-IND) for compliance with statutory obligations.
The Bank may also share data with Credit Information Companies (such as CIBIL, Experian, Equifax, CRIF High Mark) for credit reporting purposes as mandated under RBI Credit Information Companies (Regulation) Act.
In addition, limited data may be shared with outsourced service providers such as IT vendors, data centre providers, payment gateway operators, SMS/email service providers, and cloud infrastructure partners strictly for operational requirements. All such third-party entities are bound by Non-Disclosure Agreements (NDAs), RBI outsourcing guidelines (RBI/2015-16/497), and strict confidentiality clauses.
The Bank implements a comprehensive Information Security Management System (ISMS) aligned with RBI Cyber Security Framework and ISO/IEC 27001 standards to ensure confidentiality, integrity, and availability of customer data.
Appropriate security controls are deployed including multi-layer firewalls, intrusion detection and prevention systems (IDS/IPS), endpoint protection solutions, anti-malware systems, and secure network architecture with segmentation of critical banking systems.
All sensitive data is encrypted both in transit and at rest using industry-standard encryption protocols such as TLS 1.2/1.3 and AES-256 encryption. Access to critical systems is restricted through role-based access control (RBAC), multi-factor authentication (MFA), and periodic access reviews.
The Bank also maintains continuous monitoring through Security Operations Center (SOC) or managed security services to detect and respond to cyber threats in real time. Vulnerability Assessment and Penetration Testing (VAPT) is conducted periodically through CERT-In empanelled auditors as per NABARD circular NB.DoS.Policy/2020-21.
Security logs are retained and monitored for audit trails, and any suspicious activity is escalated as per the Bank’s Incident Response and Cyber Crisis Management Plan (CCMP).
The Bank retains customer and transaction data only for the period mandated under applicable banking laws, RBI Master Directions, Income Tax Act, and statutory audit requirements.
Account-related records are generally maintained for a minimum period as prescribed by RBI guidelines and statutory compliance requirements, even after account closure. Loan and credit-related records are retained for the entire loan tenure plus the applicable limitation period under legal statutes.
Once the retention period expires, data is securely destroyed or anonymized using approved data destruction methods such as secure wiping, shredding of physical documents, and cryptographic erasure for digital records.
The Bank follows a structured Data Lifecycle Management Policy ensuring proper classification, retention scheduling, archival, and secure disposal of information assets.
The Bank’s website and digital banking platforms may use cookies, web beacons, and similar tracking technologies to improve functionality, enhance user experience, and ensure secure authentication sessions.
Cookies are used to remember user preferences, maintain session integrity, prevent unauthorized access, and analyze website traffic patterns for improving service delivery. These technologies may also assist in detecting fraudulent login attempts and abnormal usage patterns.
Users are provided with the option to manage or disable cookies through their browser settings; however, disabling cookies may restrict access to certain secure features of internet banking and online services.
The Bank ensures that no sensitive banking credentials such as passwords or OTPs are stored in cookies or browser storage.
Customers have defined rights over their personal and financial data in accordance with applicable RBI guidelines and data protection principles.
Customers may request access to their personal data held by the Bank, along with details of how the information is being used. They may also request correction or updating of inaccurate or outdated information through prescribed KYC update processes.
Customers may, where applicable and subject to legal and regulatory limitations, request deletion or anonymization of their personal data. However, the Bank may retain certain information as required under RBI record retention rules and statutory obligations.
Customers also have the right to withdraw consent for optional services such as marketing communications. However, such withdrawal will not affect mandatory banking services required for account operation and compliance.
All such requests are processed through the Bank’s designated Grievance Redressal Mechanism in line with RBI Integrated Ombudsman Scheme and IT grievance handling framework.
The Bank’s website, mobile banking applications, or digital platforms may contain links to external websites, government portals, or third-party service providers for customer convenience.
These external websites are not under the control of the Bank, and therefore the Bank does not assume responsibility for the content, privacy practices, security controls, or accuracy of such third-party platforms.
Users are strongly advised to review the privacy policies and terms of use of such external websites before sharing any personal information.
The Bank ensures that any integration with third-party financial services or payment systems is carried out only with RBI-approved and security-compliant service providers.
The Bank does not knowingly collect or process personal data from individuals below the age of 18 years without appropriate guardian consent and compliance with KYC norms.
In cases where minor accounts are opened, the Bank ensures that such accounts are operated strictly under guardian supervision as per RBI guidelines on minor accounts.
If the Bank becomes aware that personal data of a minor has been collected without proper authorization, immediate corrective action is taken, including deletion or restriction of such data, subject to legal requirements.
The Bank maintains a structured grievance redressal mechanism to address privacy-related concerns, data protection issues, and cybersecurity complaints in a timely and transparent manner.
Customers may submit their complaints to the designated Grievance Redressal Officer, IT Security Officer, or Data Protection Officer (if appointed) through email, written communication, or official bank channels.
All complaints are acknowledged within a defined timeline and resolved as per RBI Integrated Ombudsman Scheme for Cooperative Banks and internal escalation matrix.
In case of cybersecurity incidents or data breaches, the Bank follows RBI and CERT-In incident reporting guidelines, including mandatory reporting timelines and escalation procedures.
The Bank ensures proper documentation, investigation, root cause analysis, and corrective action for all reported grievances to prevent recurrence.
This Privacy Policy is reviewed periodically or whenever there are significant changes in RBI guidelines, NABARD circulars, Information Technology laws, or cybersecurity frameworks.
Any updates or modifications to this policy are approved by the Bank’s Board of Directors or IT/Cyber Security Committee before implementation.
Revised versions of the policy are published on the official website with a clearly updated effective date to ensure transparency and regulatory compliance.
Employees and stakeholders are also informed of policy changes through internal circulars and training programs to ensure proper implementation across all branches and digital channels.
The Belagavi District Central Cooperative Bank Ltd,. Belagavi
Address: Old P.B Road, Near Central Bus Stand
Email: ho[at]belagavidccb[dot]bank[dot]in
Phone: 0831-2466896
Website: www[dot]belagavidccb[dot]bank[dot]in
🔹 Policy Acceptance Statement
By accessing, browsing, or using this website of The Belagavi District Central Cooperative Bank Ltd,. Belagavi the user acknowledges that they have read, understood, and agree to be bound by the terms of this Privacy Policy. Continued use of the website and digital banking services shall be considered as explicit consent to the collection, processing, and use of personal and financial information in accordance with applicable banking regulations.
Regulatory Compliance Declaration
This website and its data handling practices are governed in accordance with applicable guidelines issued by the Reserve Bank of India (RBI), National Bank for Agriculture and Rural Development (NABARD), and other statutory authorities from time to time.
The Bank ensures compliance with RBI Cyber Security Framework for Banks (DBR.No.Leg.BC.78/09.07.005/2016-17), RBI Master Direction on IT Governance and Data Security, and applicable provisions of the Information Technology Act, 2000 (as amended).
🔹 Data Usage Consent Confirmation
Users explicitly consent that the Bank may collect, store, process, and share their personal information strictly for legitimate banking purposes such as account management, transaction processing, regulatory reporting, fraud prevention, and service improvement.
Such data processing is carried out under lawful basis as defined under RBI KYC/AML guidelines and banking operational requirements.
🔹 Limitation of Liability Statement
The Bank shall not be held responsible for any loss or damage arising from unauthorized access, technical failure, cyber incidents, or disruption of website services beyond reasonable control, provided that the Bank has implemented reasonable security safeguards as per RBI cybersecurity standards.
🔹 Third-Party Disclaimer
The Bank may provide links to external websites or third-party services. The Bank does not endorse or assume responsibility for the content, privacy practices, or security of such external platforms.
Users are advised to exercise discretion and review respective third-party privacy policies before sharing any personal information.
🔹 Security Awareness Note
The Bank strongly advises users not to share sensitive information such as passwords, OTPs, PINs, or account credentials with anyone, including Bank employees. The Bank will never request such confidential information through email, SMS, or phone calls.
This is in line with RBI customer awareness guidelines on safe digital banking practices and cyber fraud prevention advisories.
🔹 Policy Update Clause
The Bank reserves the right to modify, update, or revise this Privacy Policy and footer declaration at any time without prior notice. All changes will be effective immediately upon publication on the official website.
Users are encouraged to review this page periodically to stay informed about updates.
🔹 Governing Law Statement
This Privacy Policy and all related practices shall be governed by and interpreted in accordance with the laws of India, including applicable RBI regulations, NABARD guidelines, and the Information Technology Act, 2000.
Any disputes shall be subject to the jurisdiction of competent courts within the Bank’s registered operational area.
The Belagavi District Co-operative Bank (BDCC) was founded in 1919. Belagavi was the first registered office of the bank.
Near Central Bus Stand,
Old P B Road,
Belagavi, Karnataka 590016
0831-2466896