Privacy Notice
 

This Privacy Notice outlines Kotak Mahindra Bank Limited's approach to data protection to fulfil its obligations under the EU General Data Protection Regulation 2016/679 ("GDPR"). This Privacy Notice applies to your personal data which is processed by or for us as a controller, whether in physical or electronic mode. In this Privacy Notice, the expressions 'personal data', 'data subject', 'controller', 'processor' and 'processing' shall have the meanings given to them in the GDPR. However, this notice shall apply to you only if the GDPR applies to the processing of your personal data by us. We are committed to treating data privacy seriously. It is important that you know exactly what we do with your personal data you and others provide to us, why we process it and what it means to you. Please read this Privacy Notice carefully to understand our views and practices regarding your personal data and how we will process it. Throughout this document, "we", "us", "our", "ours" or "Bank" refer to Kotak Mahindra Bank Ltd.

Wherever we've said 'you' or 'your', this means you, any authorised person on your account, any authorised person who does your banking or deals with us for you.


WHO WE ARE

We are Kotak Mahindra Bank Limited, a company incorporated in India under the provisions of the Companies Act, 1956 and a banking company licensed by Reserve Bank of India under the provisions of the Banking Regulation Act, 1949.


OUR COMMITMENT

Our information handling practices are continually reviewed to ensure that they comply with applicable laws in the jurisdictions and fields in which the Bank provides its services.


PERSONAL DATA, COLLECTION & PURPOSE -

Categories of personal data collected are as follows;

  • Contact details such as Name, Email Address, Contact Number, Physical Address
  • Financial details such as your financial statements, tax return documents, Credit Rating Scores details, income, history in relation to these details, credit/ debit card details, bank account details, passbook
  • Socio-Demographic details such as your work or profession, nationality, marital status, gender, occupation, education, qualification
  • Transactional details such as about payments to and from your accounts with us, and insurance claims you make
  • Contractual details such as products or services we provide to you, contract copy
  • Locational details such as Data we get about your location, IP address, Latitude, Longitude logs, CCTV data, IMEI of your mobile phone or where you connect a computer to the internet. It can also include shops where you buy something with your card
  • Behavioural details such as how you use products and services including within our domain
  • Technical details of the mobile and other devices and technology you use
  • Communications details such as communication done through letters, emails, live chats, SMS, instant messages, from social media platforms, voice calls, video communications, conversations between us
  • Social Relationships details such as your father's name/Spouse Name, mother's name, Marriage Anniversary Date
  • Open Data and Public Records such as information about you that is openly available on the internet
  • Usage Data details such as data about how you use our products and services
  • Documentary Data details such as your Address proofs, Identity proofs, passport details, Visa details, PAN details, Aadhaar details, permanent residency details, residency permits, ration card, government id (SSN/Green Card/ PIO card/ OCI card), company id, utility bill (electricity/gas/phone/water), registered purchase/ sale deed or agreement, appointment letter stating the address, certificate from Indian Diplomatic mission stating the contact address, employers certificate indicating the address, company id card indicating the address, driving license, letter from university stating the address.
  • Identifiers details such as a number or code given to you by a government to identify who you are, such as a National Insurance number or social security number, or Tax Identification Number (TIN), GSTIN
  • Photograph
  • Data in relation to litigations, if any
  • Personal data from online activities
  • Personal data you provide us about others or others provide us about you.
  • Special Category Data: We will only collect and use these types of data if the law allows us to do so:
    • Religion (in case of credit products)
    • Bio-metric data
    • Health data

 

PURPOSE, USAGE & LEGAL BASIS FOR USING YOUR INFORMATION  

  • To provide our products and services to you
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest (defined below) pursued by us.
  • To provide and manage your account(s) and our relationship with you.
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • To give you statements and other information about your account or our relationship
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • To keep you informed about products and services you hold with us and to send you information about products or services (including those of other companies) which may be of interest to you
    Legal basis –
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us; and/or
    • Where we have your consent.
  • To handle enquiries and complaints
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • To contact you
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • To meet our regulatory and reporting obligations,
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • For assessment and analysis (including credit scoring), statistical, market and product analysis and market research.
    Legal basis –
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us; and/or
    • Where we have your consent.
  • To evaluate, develop and improve our services
    Legal basis –
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • To protect our business interests and to develop our business strategies including for authenticity, testing, security etc.
    Legal basis –
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • To collect any debts owing to us
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • To meet our regulatory compliance and reporting obligations and to prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes. We may record your image on CCTV when you visit our premises.
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • For authentication, verification of data and to assess and process any application you make, including for detection or prevention of fraud, money laundering, checks as to identity, sanctions screening, regulatory checks.
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have;
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us; and/or
    • Where we have your consent.
  • To run loyalty/ reward programmes you have signed up for.
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us; and/or
    • Where we have your consent.
  • Carry out credit scoring/ credit management.
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • To monitor, record and analyse any communications between you and us, including phone calls
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us.
  • To transfer your information to or share it with any third party to whom your account has been or may be transferred, assigned following a restructure, sale or acquisition.
    Legal basis –
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for compliance with a legal obligation we have;
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us; and/or
    • Where we have your consent.
  • To share your information with the local government, tax authorities, Reserve Bank of India, credit reference agencies, credit information companies, databases authorised under law, fraud prevention and detection agencies, and Indian and overseas regulators and authorities
    Legal basis –
    • The processing is necessary for compliance with a legal obligation we have;
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us; and/or
    • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you.
  • To share your information with our vendors and service providers
    Legal basis –
    •  The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you;
    • The processing is necessary for the purposes of a Legitimate Interest pursued by us;
    • The processing is necessary for compliance with a legal obligation we have; and/or
    • Where we have your consent.

 


LAWFUL GROUNDS FOR USING YOUR INFORMATION

We are permitted to process your personal data in compliance with GDPR by relying on one or more of the following lawful grounds:

  • You have explicitly agreed to us processing such information for a specific reason.
  • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you.
  • The processing is necessary for compliance with a legal obligation we have.
  • The processing is necessary for the purposes of a legitimate interest pursued by us, such as ("Legitimate Interest"):
    • to provide products and services to you;
    • to ensure that our customer accounts and credit is well-managed;
    • to prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes and to verify your identity in order to protect our business and to comply with laws that apply to us and/or where such processing is a contractual requirement of the services or financing you have requested;
    • to protect our business interests;
    • to ensure that complaints are investigated;
    • to evaluate, develop or improve our products and services; or
    • to keep our customers informed about relevant services, unless you have indicated at any time that you do not wish us to do so;
    • to market our products or services;
    • cross-selling of products, offers, promotions and services.

 

SOURCES OF INFORMATION COLLECTION: -

1. Information that you provide us by means of website/application/visiting our branch, e.g.:

  • When you apply for our products and services
  • When you talk to us on the phone or in branch, including recorded calls and notes we make
  • When you use our websites, Net Banking, mobile device apps, web chat, Chatbot, products and services
  • In emails, SMS, Voice Blast, click to call, videos and letters
  • Smart messaging tools like WhatsApp, Facebook messenger, etc.
  • In insurance claims or other documents where we are acting as corporate agents
  • In financial reviews and interviews
  • In customer surveys
  • If you take part in our competitions or promotions.
  • As part of contracts including loan, security and other relevant documents.

 

2. Data we collect when you use our services

  • Payment and transaction data: This includes the amount, frequency, type, location, origin and recipients. If you borrow money, it also includes details of repayments and whether they are made on time and in full, defaults.
    This may include your data received where we are part of any transaction/ payments/ settlement processing involving you, even in cases where we do not interface you directly.
  •  Profile and usage data: This includes the security details you create and use to connect to our services. It also includes your settings and marketing choices. We also gather data from the devices you use (such as computers and mobile phones) to connect to our internet, mobile and telephone banking services.
    We also use cookies to collect data while you are using our websites or mobile apps. You can find out more about this in our Cookie Information section.
  • We also use other internet tracking software to collect data while you are using our websites or mobile apps.
  • Data from your digital and electronic devices (including IP address device type, operating system, screen resolution, and the way you interact with us).

 

3. Information we collect from other sources:

  • Entities/ persons that introduce you to us
  • Credit reference agencies/ credit information companies/bureaus  
  • Insurers where we act as corporate agents
  • Comparison websites
  • Social media networks (for instance, when you click on one of our Facebook or Google ads or from your publicly available information)
  • Fraud detection services
  • Other financial services companies (to help prevent, detect and prosecute unlawful acts and fraudulent behavior)
  • Employers (for instance, to get a reference if you apply for a loan)
  • Payroll service provider
  • Valuation and other service providers (such as firms who do property valuations for mortgages)
  • Public information sources such as the Electoral Register or Registrar of Companies
  • Agents, suppliers, sub-contractors, and advisers.  These can be types of firm we use to help us run accounts and services. They can also be specialist companies who advise us on ways to develop and improve our business.
  • Market researchers (who combine data from many sources to produce market trend reports and advice.)
  • Medical professionals: For some insurance products, we may ask other medical practitioner to send us a report. We will only do this if we get your consent first. This is where we are corporate agents for insurance companies.
  • Government and law enforcement agencies as part of performance of their duties e.g. garnishee orders.
  • Consent based Data enrichment via third party platforms
  • Consent based social or derived score based data
  • Third party providers such as public databases, joint marketing partners, social media platforms, email & SMS service providers
  • Fraud prevention agencies.
  • Entities where we are a part of a transaction (though we may not be directly interfacing you)

 


DIRECT MARKETING

We may also use your information to provide you with details about Kotak products and services. Direct marketing is in our legitimate interests to market our products and services as also to evaluate, develop or improve our products as well as the experiences of users of our services, so that our customers are provided with a high standard of products and services. We may send you marketing messages by post, email, telephone, SMS, Mobile / Web Push Notification, Social Media, automated voice calls, videos, smart messaging like WhatsApp, FB messenger, etc. and secured text messages using external service providers. You can change your options on how you receive marketing messages or choose to stop receiving them at any time. We may also use your information to provide you with details and offers about products and services of our vendors/ service providers, affiliates and other relevant third parties, through us or by them, if you choose to receive this information or offers.

 

COOKIE INFORMATION - :

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the website.

www.kotak.com/en uses cookies to capture following information -

  • Source of visit to the website
  • Time spent on the website
  • Pages viewed on the website

In addition to analysing visitor behaviour on www.Kotak.com/en, aforementioned data also allows us to pre-empt requirements of prospects and existing account holders & pitch relevant services through display advertising or tele calling.

Please note that the scope of this tracking is limited to the kotak.com domain. User activity on other third-party websites is not tracked by Kotak.com cookies.

Below is a list of cookies used on our website along with a description of what they are used for.

 

Category What they do

Strictly Necessary

These cookies are needed to run our website, to keep it secure if you are logged on and to obey regulations that apply to us.
If you are a customer, they help us know who you are so that you can log on and manage your accounts. They also help us keep your details safe and private.
Other important jobs they do are:

  • Help you move around the site
  • Tell us if you’ve been to it before and which pages you went to
  • Tell us how the site is working, so we can find and fix any problems.

Functional

These cookies are used for remembering things like:

  • Your user ID on the log on page
  • Your region or country
  • Your preferred language
  • Accessibility options like large font or high contrast pages.

Performance

These cookies tell us how you and our other customers use our website. We combine all this data together and study it. This helps us to:

  • Improve the performance of our services
  • Improve the products we provide.

Marketing

These cookies help us decide which of our products, services and offers may be relevant for you.
We may use this data to tailor the marketing ads you see on our own and other website and mobile apps, including social media. For instance, you may see our ads on other sites after you have been to our website.
If you turn off  cookies, you will still see ads online, but they will not be tailored to things that may interest you.

 

You can find more detailed information about cookies and adjusting your browser settings to refuse the use of cookies by visiting http://www.allaboutcookies.org/manage-cookies/ . However please note that this website does not belong to us and we do not authenticate any information available therein and your visit thereon will be subject to the terms and conditions and privacy policies of that website. However, please note disabling the cookies may cause certain parts of our website to remain inaccessible to you.

 

DISCLOSURE /INFORMATION SHARING

1. Reasons for sharing information with other parties:

We may share your information with others where it is lawful to do so including where we or they:

  • need to provide you with products or services
  • to archive, digitize and preserve our record
  • where you have initiated a payment
  • need to provide you with your insurance policy or to administer your claim, where we are acting as corporate agents;
  • have a legal obligation to do so, e.g. to assist with detecting and preventing fraud, tax evasion
  • need to prevent or investigate financial crime;
  • have requirement in connection with regulatory reporting, litigation or asserting or defending legal rights and interests;
  • have a legitimate business reason for doing so, e.g. to manage risk, verify your identity, assess your suitability for products, offers, promotions and services;
  • for storage of your data;
  • for outsourcing of our services;
  • for providing custodian services;
  • for cloud computing;
  • for recovery and/or enforcement of our rights;
  • for possession/ repossession of security;
  • as part of In Person Verification (IPV) and/or Contact Point Verification (CPV)
  • for enquiries;
  • have asked you for your permission to share it, and you've agreed.
  • to send communication through email, SMS & other direct marketing channels.


2. With whom your information may be shared:

We may share your information for the above purposes with other parties including:

  • Any sub-contractors, agents or service providers who work for us or provide services to us or other Kotak Group companies (including their employees, sub-contractors, service providers, directors and officers);
  • any joint account holders, trustees, beneficiaries or executors;
  • people who give guarantees or other security for any amounts you owe us;
  • people you make payments to and receive payments from your beneficiaries, intermediaries, correspondent and agent banks, clearing houses, clearing or settlement systems, market counterparties and any companies you hold securities in through us, e.g. stocks, bonds or options;
  • other financial institutions, lenders and holders of security over any property you charge to us, tax authorities,
  • trade associations, credit reference agencies, credit information companies, payment service providers and debt recovery agents;
  • any fund managers who provide asset management services to you and any brokers who introduce you to us or deal with us for you;
  • any entity that has an interest in the products or services that we provide to you, including if they take on the risks related to them;
  • any people or companies where required in connection with potential or actual corporate restructuring,
  • merger, acquisition or takeover, including any transfer or potential transfer or assignment of any of our rights or duties under our agreement with you;
  • law enforcement authorities, government authorities, courts, dispute resolution bodies, our regulators, auditors and any party appointed or requested by our regulators to carry out investigations or audits of our activities;
  • statutory and regulatory bodies and authorities (including central and local government) investigating agencies and entities or persons, to whom or before whom it is mandatory to disclose the personal data as per the applicable law, courts, judicial and quasi-judicial authorities and tribunals, arbitrators and arbitration tribunals;
  • overseas regulators;
  • other banks and financial institutions where required in terms of contract or legal requirements; other parties involved in any disputes, including disputed transactions;
  • fraud prevention agencies who'll also use it to detect and prevent fraud and other financial crime and to verify your identity;
  • anyone who provides instructions or operates any of your accounts on your behalf, e.g. Power of Attorney, solicitors, intermediaries, etc.;
  • anybody else that we've been instructed to share your information with by either you, a joint account holder or anybody else who provides instructions or operates any of your accounts on your behalf;
  • our card processing supplier(s) to carry out credit, fraud and risk checks, process your payments, issue and manage your card;
  • our data entry, digitization and storage vendors/ service providers;
  • If our relationship arises from an insurance policy or claim, we'll also share your information with:
    • other parties involved in providing your insurance policy, e.g. the intermediary or insurer who provides your policy;
    • third parties involved in the administration of the relevant insurance policy or claim including loss adjusters, claims handlers, private investigators, experts and our advisors;



DATA TRANSFER OUTSIDE EU

As we are a Bank established in India, information about you will be transferred to us and to other parties who may be based in countries outside your residential country (particularly to India) for any of the purposes described in this Privacy Notice.

You understand and accept that these countries may have differing (and potentially less stringent) laws relating to the degree of confidentiality afforded to the information it holds and that such information can become subject to the laws and disclosure requirements of such countries, including disclosure to governmental bodies, regulatory agencies and private persons, as a result of applicable governmental or regulatory inquiry, court order or other similar process. In addition, a number of countries have agreements with other countries providing for exchange of information for law enforcement, tax and other purposes.

If we transfer your information to third parties for purposes stated in this Privacy Notice, we will use best endeavors to put in place appropriate safeguards to ensure that your information remains adequately protected. You can request for information on safeguards provided by reaching out to us at the details provided in the 'Contact Us' section of this notice.

 

DATA SECURITY

We are committed to protecting your Personal Data in our custody. We take reasonable steps to ensure appropriate physical, technical and managerial safeguards are in place to protect your Personal Data from unauthorized access, alteration, transmission and deletion. In addition to our own servers and systems, we may also use servers and systems of third party vendors as well as services of Cloud Computing to store your Personal Data. These entities/ companies provide services to us under suitable confidentiality agreements.

 

RETENTION AND DISPOSAL OF DATA

We will keep the personal data we collect about you on our systems or with third parties for as long as required for the purposes set out above or even beyond the expiry of transactional or account based relationship with you: (a) as required to comply with any legal and regulatory obligations to which we are subject or (b) for establishment, exercise or defence of legal claims.

 

OUR PAGES ON OTHER WEBSITES/ PLATFORMS

Our Website has links that redirects you to our social networking pages of Facebook, Twitter, LinkedIn, Google + and other sites where we may have pages in future.  Your visits and activity thereon vis-à-vis us shall be governed by this privacy notice and vis-à-vis those websites shall be governed by their own privacy policies applicable for visiting their sites.

 

LINKS TO OTHER WEBSITES

Our website/ Mobile Banking/ Net Banking also has links to other websites like Goibibo, Flipkart, Shopclues, PVR , IRCTC and others. Please go through their privacy policies to get information on their privacy practices.

 

CHILDREN'S PRIVACY

Some of our services requires collection of minor's personal data. For such purposes we have parental consent system, which requires parent/guardian to provide consent for processing the personal data of children younger than the age of 16 (or such age as applicable for GDPR purposes in the respective EU Member States).  If you are a parent of a child under 16 (or such age as applicable for GDPR purposes in the respective EU Member States), you hereby give your consent and authorize the consent if you wish your child to access our services.

 

RIGHTS PROVIDED TO YOU UNDER GDPR

  • Right to object - You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which processing is based on necessity for the purposes of legitimate interests pursued by us or third party, including profiling. Upon such exercise of your right, we shall no longer process the personal data unless we demonstrate legitimate grounds:
    (a) for the processing which override your rights or
    (b) for the establishment, exercise or defence of legal claims.

The information provided by you can be used for direct marketing purposes. You can choose to stop receiving them at any time by contacting us.

  • Right to withdraw consent - Where the processing is based on your consent you have a right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before such withdrawal. Please however note that in case such processing is also pursuant to other legal basis like our legitimate interest or legal obligation or contractual performance or a necessity for entering into contract, and such legal basis continues to hold good, the processing will be continued despite such withdrawal of the consent. Subject to the above, consequences of withdrawal will be communicated to you on contacting us and on your agreement, your request for withdrawal will be processed.
  • AUTOMATED DECISION MAKING
    If you apply to us for a product, your application may be processed by an automated decision-making process which may carry out credit and affordability assessment checks to determine whether your application will be accepted. Where these automated processes suggest that your application should be rejected, we may manually review your application before making a final decision.
    We may also use automated processes to decide credit limits. We may also carry out automated anti-money laundering and sanctions checks. This means that we may automatically decide that you pose a fraud or money laundering risk if the processing reveals your behavior to be consistent with that of known fraudsters or money launderers, is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity.
    If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk: (i) we may refuse to provide the services you have requested, or we may stop providing existing services to you; and (ii) a record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services or employment to you.
    You expressly acknowledge that the automated decision is necessary for entering into or performance of contract and/or you explicitly consent to such automated decision making, hence you subject yourself to the decisions which are solely based on automated processing. You have rights in relation to automated decision making: if you want to know more please contact us using the details set out in the Contact Us section.
  • Additionally, under the provisions of the GDPR, you also have the right to request from the controller, the access to, rectification and erasure of personal data, right to restriction of processing concerning your personal data, right to data portability, and right to lodge a complaint with a Supervisory Authority as per the provisions thereof.  
  • We will verify your identity when you exercise these rights. For exercising your rights and getting information about any limitations which apply on them, you can reach out to us at the contact details given below.

 

CONTACT US

For any further queries and complaints related to privacy, or exercising your rights under GDPR, you could reach us at:

Contact Email Address: data.privacy@kotak.com

Your queries will be addressed within one month of receipt of such requests. In case of any delay in addressing such requests, the delay and the reason therefore will be communicated to you within a month of receipt of request.

 

NOTIFICATION OF CHANGES

We reserve the right to amend this Privacy Notice at any time. Our processing of your Personal Data will be governed by the practices set out in that new version of the Privacy Notice from its effective date onwards. Any changes we may make to this Privacy Notice in the future will be posted on this page. We recommend that you visit this page regularly.