Private Policy for the mobile application BELAPB Business

APPROVED
Order of the Deputy Chairman
of the Board
JSC Belagroprombank
09/30/2022 No. 778

1.    The Privacy Policy for the mobile application "Belagroprombank" and the mobile children's application " FinTeam " (hereinafter referred to as the Privacy Policy) is a document that defines the processing of user data obtained when the user uses the mobile application of JSC "Belagroprombank" (hereinafter referred to as the bank).
2.    Mobile application – mobile application “ Belagroprombank ” for mobile devices with Android, iOS platform and/or children’s application “ FinTeam ” for mobile devices with Android platform developed by 1M Solutions LLC, intended for the user to perform transactions via the Internet using a mobile device within the framework of available functionality.
3.    User – an individual who uses or has stated a willingness to use a mobile application.
4.    This Privacy Policy has been developed to define the list of data that may be requested from the user in connection with the use of the mobile application.
5.    The user information processed by the bank within the framework of this Privacy Policy includes personal data, financial data, data on physical activity and other data, including automatically transmitted data during the use of the mobile application, including, but not limited to: IP address, information about the mobile device from which access is made, information about the platform and others.
6.    When using the mobile application, the user may be asked and receive the following information:
6.1.    personal data of the user. When creating an account and/or performing banking transactions or providing services, the bank requests the user's personal data: full name, gender, date of birth (age), details of the identity document, registration address, residential address, email address, mobile phone number, details of the place of work, as well as details of bank payment cards (hereinafter referred to as BPC), current (settlement) bank accounts;
6.2.    information about the mobile device and file system. Data about the user's mobile device, such as the manufacturer and model of the mobile device, the version and language settings of the operating system, unique identifiers of the mobile device, data about the mobile network operator, mobile phone number;
6.3.    information about the transactions performed. When performing transactions for payment of goods and services, money transfers and other things, the bank collects data on the place, time and amount of the transactions performed, the type of payment method, information about the seller and/or service provider, descriptions of the reason for the transaction, if any, as well as other information related to the above transactions. When the user performs a transaction on behalf of another person, the user must ensure that the person whose personal data is provided by the user is aware of this, understands and agrees that the bank will use their data within the framework of this Privacy Policy;
6.4.    information about the use of the mobile application. When the user uses the mobile application, the bank receives information about the start and end of the use of the mobile application, the duration of use of the mobile application, transitions between screens of the mobile application, as well as errors that occur during the use of the mobile application;
6.5.    additionally, the bank may request additional information in order to provide services to the user (data on property, family composition, etc.).
7.    Upon receipt of additional consent from the user, the bank may request and receive the following information as part of the provision of services:

information about the user’s contact details (phone and/or address book, contacts on a mobile device, call history, content of SMS messages);
information about physical activity;
access to photos, videos and other user files on a mobile device;
information about the location of the user and his mobile device.

8.    The Bank processes user data, including for the purpose of sending informational notifications to the user.
9.    When using user information, the bank is guided by this Privacy Policy, the terms of concluded agreements, and the legislation of the Republic of Belarus.
10.    The fact of acceptance of the terms of this Privacy Policy by the user is the successful login of the user to the mobile application.
11.    Until the user reaches the age of 16, the bank processes information with the consent of one of his legal representatives, unless otherwise provided by the legislation of the Republic of Belarus.
12.    The Bank shall not publish or disclose the information provided by the user without the user's consent, except in cases specified in this Privacy Policy. The Bank has the right to provide the user's information to its affiliates and business partners without the user's consent. At the same time, the affiliates and business partners of the Bank are obliged to adhere to the standards set out in this Privacy Policy.
13.    The Bank does not provide user information to other organizations and/or individuals, except in the cases listed below:
13.1.    the user has given his consent to this. For the bank to provide user information to legal entities and (or) individuals, not affiliated with the bank, additional consent from users is requested;
13.2.    as required by current legislation. Bank provides user information in the event that receipt, the use and disclosure of such information is necessary for the purpose of compliance with the requirements of the legislation of the Republic of Belarus and (or) detection, prevention or other obstruction of fraud, and also eliminating technical failures or security issues, if this does not contradict the legislation of the Republic of Belarus.
14.    The Bank may provide aggregated, anonymized user data to partners such as publishers, advertisers and others (e.g. for the purpose of conducting statistical , marketing and other research). In the event of anonymization of personal data, which does not allow direct or indirect identification of the user, subsequent use and disclosure of such data to third parties is permitted and the rules of this Privacy Policy no longer apply to them.
15.    The Bank stores user data in accordance with internal regulations and rules for secure data processing.
16.    The Bank takes all possible measures to ensure the security and protection of user information from unauthorized attempts to access, modify, disclose or destroy, as well as other types of improper use.
17.    The User must ensure the safety and confidentiality of secret parameters and other information necessary for access and execution of transactions using the mobile application, in secret from third parties.
18.    The User undertakes to immediately notify the Bank of any suspected unauthorized use of his/her account.
Compliance with the bank's recommendations by the user will ensure maximum security of the information provided to the bank.
19.    The Bank has the right to unilaterally amend this Privacy Policy at any time.
Changes accepted to the Privacy Policy come into force from the moment they are posted on the Internet, unless otherwise specified by the changes made.
All issues not reflected in this Privacy Policy are governed by the legislation of the Republic of Belarus.

Department of Payment Infrastructure
and e-commerce