Privacy Policy

Privacy Policy
Privacy Policy

Privacy Statement

The origins of State Bank of India date back to 1806 when the Bank of Calcutta (later called the Bank of Bengal) was established. In 1921, the Bank of Bengal and two other Presidency banks (Bank of Madras and Bank of Bombay) were amalgamated to form the Imperial Bank of India. In 1955, the controlling interest in the Imperial Bank of India was acquired by the Reserve Bank of India and the State Bank of India (SBI) came into existence by an act of Parliament as successor to the Imperial Bank of India. In the Indian Financial world, SBI is synonymous with trust and security.

In line with recognized International Practice and for the information of customers and others who visit the Bank's website we believe it is necessary to post a privacy statement. The information shared with the Bank will be treated as private. We also desire to say explicitly that adequate precautions have been taken to protect information relating to customers and their dealings with the Bank from the mischievous and the fraudsters.

Customer confidentiality and privacy is of utmost concern to SBI. Our employees treat the information we have concerning your accounts in the same responsible and confidential way that we want our own financial affairs treated.

Recognition of your expectation of privacy

We recognize that our customers expect privacy and security for their personal and financial affairs. We understand that, by selecting us for your banking needs, you have entrusted us to safeguard your personal financial information. We want you to be informed of our commitment to protect the privacy of your personal financial information with the following privacy principles and practices.


This Policy is applicable to personal information and sensitive personal data or information collected by the Bank or its affiliates directly from the customer or through the Bank’s online portals, mobile apps and electronic communications as also any information collected by the Bank’s server from the customer’s browser.

What personally identifiable information is collected from you?

We collect information from you regarding name, Account Number, addresses, email addresses, passport number, Income, PAN, details of nominees etc .

What is Personal Information:

Personal information means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.

Sensitive personal data or information of a person means such personal information which consists of information relating to:


Financial information such as Bank account or credit card or debit card or other payment instrument details;

Physical, physiological and mental health condition;

Sexual orientation;

Medical records and history;

Biometric information;

Provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for these purposes.

Disclosure of Personal Information

The personal information collected by the Bank shall not be disclosed to any other organization except:

where the disclosure has been agreed in a written contract or otherwise between the Bank and the customer;

where the Bank is required to disclose the personal information to a third party on a need-to-know basis, provided that in such case the Bank shall inform such third party of the confidential nature of the personal information and shall keep the same standards of information/ data security as that of the Bank.

How is personal information used

Bank may use Personal Information for below listed purposes:

To respond to customers inquiries and fulfill requests.

To inform customer about important information regarding the Site, products or services for which customer apply or may be interested in applying for, or in which customer is already enrolled, changes to terms, conditions, and policies and/or other administrative information.

To deliver marketing communications that bank believe may be of interest to customer, including, ads or offers tailored to customers.

To personalize customer experience on the Site.

To allow customer to apply for products or services (e.g., to prequalify for a mortgage, apply for a credit card, or to open a retirement account, investment account or other financial product) and evaluate customer’s eligibility for such products or services.

To verify customer’s identity and/or location (or the identity or location of customer’s representative or agent) in order to allow access to customer’s accounts, conduct online transactions and to maintain measures aimed at preventing fraud and protecting the security of account and Personal Information.

To allow customer to participate in surveys and other forms of market research, sweepstakes, contests and similar promotions and to administer these activities.

To allow customer to use some Site financial planning tools. Information that customer enters into one of these planning tools may be stored for future access and use. Customers have the option not to save the information.

For business purposes, including data analysis, audits, developing and improving products and services, enhancing the Site, identifying usage trends and determining the effectiveness of promotional campaigns.

For risk control, for fraud detection and prevention, to comply with laws and regulations, and to comply with other legal process and law enforcement requirements.

For Marketing and cross selling.

Use of Cookies

We do not use cookies for SBI Developer Portal website and SBI API Banking Developer Portals.

How other information is used and collected

State Bank of India and their third-party service providers may collect and use Other Information in a variety of ways, including:

Through customer’s browser or device: Certain information is collected by most browsers and/or through customer’s device, such as Media Access Control (MAC) address, device type, screen resolution, operating system version and internet browser type and version. Bank uses this information to ensure websites function properly, for fraud detection and prevention, and security purposes.

IP Address: IP Address is a number that is automatically assigned to the device that customer is by his Internet Service Provider (ISP). An IP Address is identified and logged automatically in Bank’s server log files whenever a user visits the Site, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the internet and is done automatically by many web sites. State Bank of India use IP Addresses for purposes such as calculating Site usage levels, helping diagnose server problems, for compliance and security purposes, for advertising, and administering the Site.

Aggregated and De-identified Data: Aggregated and De-identified Data is data that State Bank of India may create or compile from various sources, including but not limited to accounts and transactions. This information, which does not identify individual account holders, may be used for bank’s business purposes, which may include offering products or services, research, marketing or analysing market trends, and other purposes consistent with applicable laws.

Clearing existing cookies

To clear cookies that have previously been placed on your browser, you should select the option to clear your browsing history and ensure that the option to delete or clear cookies is included when you do so.

How we use, collect, and retain customer information

On our site we collect, retain, and use information about you only when we reasonably believe that it will help administer our business or provide products, services, and other opportunities to you. We collect and retain information about you only for specific business purposes.

We use information to :

Open and administer your accounts and to protect your records and funds.

Comply with all applicable laws and regulations.

Help us design or improve our products and services for your benefit.

Understand your financial needs so that we can provide you with quality products and superior service.

To comply with laws, guidelines and regulations that govern the financial services in the country.

To quote examples we need to obtain Passport number for NRI account & PAN for deposit accounts in respect of resident customers.

To cater the need for specific journey(s) designed for customer.

Privacy Policy for Digital Platform

State Bank of India is committed to protecting your privacy when you use SBI’s Digital Platforms. This Privacy Statement ("Statement") explains how we collect, use, share, and safeguard your information when you use our Digital Platforms.

State Bank of India or we or our = State Bank of India, its subsidiaries and service providers.

You or Your = Customers of the Bank and visitors of the Digital Platforms (including their representatives).

Digital Platform(s) = Our mobile applications, online services and other digital platforms such as Payment Gateways, Internet Banking Portals, Developer Portal.

Use of our Digital Platforms = Visiting any Digital Platforms owned and/or controlled by us including to access your accounts, use our developer portal, conduct online transactions, etc.; viewing or clicking on our ads on third-party sites that re-direct you to our Digital Platforms; interacting with us on third-party sites, etc.

When you use our Digital Platforms, you are expressly agreeing to and consenting to the terms of this Statement and by any use of our Digital Platforms you will deemed to have given your consent for the processing of your Personal Data as set out in this Statement.

Data we collect Personal data refers to data that identifies (whether directly or indirectly) a particular individual, such as information you provide on our forms, surveys, online applications or similar online fields. Examples may include your name, previous names, postal address, email address, telephone number, domicile, nationality, PAN number, date of birth or account information.

Anonymous information" means information that cannot reasonably be used to identify a particular individual. Examples may include information about your Internet browser, IP address, information collected through tracking technologies, demographic information that you provide to us and aggregated or de-identified data.

Location information" means information that may be collected by certain mobile applications that identifies your physical location. This information may be collected from your mobile device's location-aware features when you request certain services that are dependent on your physical location.

Device Information” means unique device identifier such as IMEI number, contact lists (in some cases), technical Data about your computer and mobile device including details regarding applications and usage details.

Biometric information” means information such as your fingerprint, etc. that you choose to provide to us for authentication and fraud prevention purposes. We will not collect your biometric information without your explicit consent.

Other information such as information relating to your occupation and financial situation such as employer’s name and address (if self-employed, type of account, and nature and volume of anticipated business dealings, with the conventional bank licensee, income proof, bank statements, income tax returns, salary slip, contract of employment, passbook, debit card/credit card details, expenditure, assets and liabilities, source of wealth, signature, as well as your other bank account details;

Generation and storing password or PIN in encrypted form based on your request on the Digital Platform;

Your photographs;

Social relationships detail such as your father’s name, spouse’s name and mother’s name;

Behavioural details as to how to utilise our products, services, offers etc., your browsing actions, patterns and online activity;

Records of correspondence and other communications between us, including email, telephone conversations, live chat, instant messages and social media communications containing information concerning your grievances, complaints and dispute.

Sensitive personal data such as gender, medical records and history;

Personal data you provide to us about others or others provide to us about you.

Purpose of collecting your personal data to personalize your Digital Platform experience;

To respond to your inquiries and address your requests;

To deliver marketing communications that we believe may be of interest to you;

To inform you about important information regarding our Digital Platforms, changes to terms, conditions, and policies and/or other administrative information;

To offer you our products or services which you may have applied for or shown interest in;

To allow you to apply for our products or services (e.g., to prequalify for a loan, apply for a credit card, or to open an account, investment account, insurance or other financial product),

To evaluate your eligibility for our products or services;

To provide you with products or services you’ve requested, e.g. fulfilling a payment request or any other transaction

To perform our obligations under KYC norms (e.g. sharing your information with third parties to verify details you have provided to us like your identity, to authenticate you and verify your information;

To allow you to participate in surveys and other forms of market research, contests and similar promotions and to administer these activities. Some of these activities have additional rules, which may contain additional information about how Personal Data is used and shared;

To perform activities such as data analysis, audits, usage trends to determine the effectiveness of our campaigns and as input into improving products and services and enhancing our Digital Platforms;

To improve risk control for fraud detection and prevention, to comply with laws and regulations, and to comply with other legal processes and law enforcement requirements;

To allow you to utilize Digital Platform features by granting us access to information from your device such as contact lists, or geo-location when you request certain services;

To use it in other ways as required or permitted by law or with your consent;

To manage our relationship with you;

To prevent or detect crime including fraud and financial crime, e.g. financing for terrorism and human trafficking;

For security and business continuity and risk management;

To protect our legal rights and comply with our legal obligations;

For system or product development and planning, audit and administrative purposes;

To enter into a contract with you or to take steps pursuant to your request prior to entering into a contract.

To meet the legitimate interests to be pursued by us or by a third party.

Who do we share your information with? With subsidiaries and/or affiliates in an effort to bring you improved services across our family of products and services, when permissible under relevant laws and regulations;

With third-party service providers, vendors, data processors and/or agents who perform services for us and help us operate our business;

Other companies to bring you co-branded services, products or programs;

Other third parties to comply with legal requirements such as the demands of applicable warrants, court orders; to verify or enforce our terms of use, our other rights, or other applicable policies; to address fraud, security or technical issues; to respond to an emergency; or otherwise to protect the rights, property or security of our customers or third parties.

Statutory and regulatory bodies and authorities including but not limited to the Reserve Bank of India or the Securities and Exchange Board of India (including central and local government) and law enforcement authorities and entities or persons, to whom or before whom it is mandatory to disclose the Personal Data as per the applicable law, courts, judicial and quasi-judicial authorities and tribunals, arbitrators and arbitration tribunal.

By using our Digital Platform or by agreeing to transact with us, you agree to the above sharing of information during your relationship with us.

How do we collect your personal data? We use information about the devices you use to interact with State Bank of India such as Device information and location information.

When you provide your details in forms, surveys, online applications or similar online fields.

We may record details of your interaction with us including telephone conversations with our call centres and other kinds of communication. We may use these recordings to check your instructions to use, assess, analyse and improve our service, train our people, manage risk and or to prevent fraud and other crimes.

Retention of Personal Data We may retain your Personal Data for as long as required to provide you with services such as managing your account and dealing with any concerns that may arise or otherwise if required for any legal or regulatory requirements or for establishment, exercise or defence of legal claims.

We may need to retain your information for a longer period where we need the information for our legitimate purposes for e.g. to help us respond to queries or complaints, fighting fraud and financial crime, responding to requests from regulators, etc. If we don’t need to retain information for this period of time, we may destroy, delete or anonymise it more promptly

Third-Party Links Clicking on certain links within our Digital Platforms may take you to other websites, or may display information on your computer screen or device from other sites, which may not be maintained by State Bank of India. Such sites may contain terms and conditions, privacy provisions, confidentiality provisions, or other provisions that differ from the terms and conditions applicable to our Digital Platforms. Links to other Internet services and websites are provided solely for the convenience of users. A link to any service or site is not an endorsement of any kind of the service or site, its content, or its sponsoring organization.

The Bank assume no responsibility or liability whatsoever for the content, accuracy, reliability or opinions expressed in a website, to which our digital platforms are linked (a "linked site") and such linked sites are not monitored, investigated, or checked for accuracy or completeness by the Bank. It is the responsibility of the user to evaluate the accuracy, reliability, timeliness and completeness of any information available on a linked site. All products, services and content obtained from a linked site are provided "as is" without warranty of any kind, express or implied, including, but not limited to, implied warranties of merchantability, fitness for a particular purpose, title, non-infringement, security, or accuracy.

Security We take our responsibility to protect your information very seriously. We use physical, technical, and procedural safeguards that comply with applicable legal standards to secure your information from unauthorized access and use, alteration, and destruction.

We seek to use reasonable organizational, technical and administrative measures to protect Personal data within our organization. We require our staff and any third parties who carry out any work on our behalf to comply with appropriate compliance standards including obligations to protect any information and applying appropriate measures for the use and transfer of information.

Social Media State Bank of India may provide an experience on social media platforms including, but not limited to, Facebook, Twitter, YouTube and LinkedIn that may enable online sharing and collaboration among users who have registered to use them. Please note that when visiting any official State Bank of India’s social media site, you are subject to this Online Privacy Statement as well as the social media platform's own terms and conditions.

Updating Your Information Keeping your account information up-to-date is very important. If you believe that your account information is incomplete or inaccurate, please contact us through your nearest home branch .

Updates If we make updates to our privacy practices, we will update this Statement with the changes. Any updates to the Statement become effective when we post the updates on this site. Your use of our Digital Platforms following any update to the Statement means that you accept the updated Statement and consent to the use and sharing provisions identified in the Statement.

How we keep customer information accurate

It is in your interest, and it is our objective, for us to have accurate, current, and complete information concerning you and your accounts. We have strict procedures that our employees abide by to meet this objective. While some procedures are required by Central, State laws or RBI regulations, we have implemented additional procedures to maintain accurate, current, and complete financial information, including processes to update information and remove outdated information. If you believe that we have incorrect information about you or your accounts, please email us through the feedback mechanism provided on the website or modify the profile information on the site as permissible. We will correct any erroneous information as quickly as possible.

How we limit access to customer information by our employees

We have procedures that limit access to personally identifiable information to those employees with a business reason for knowing such information about you. We educate our employees on their responsibility to protect the confidentiality of customer information, and hold them accountable if they violate this privacy policy.

Our security procedures to protect customer information

We follow best security practices to help prevent unauthorized access to confidential information about you.

How we restrict the disclosure of customer information

SBI does not release customer information except as directed by law or as per your mandate. We do not share specific information about customer accounts or other personally identifiable data with nonaffiliated third parties for their independent use unless:

1) The information is provided to help complete a transaction initiated by you;

2) You request or authorize it;

3) The disclosure is required by/or directed by law; or

4) You have been informed about the possibility of such disclosure for marketing or similar purposes through a prior communication and have been given the opportunity to decline.

By formulating and disclosing our privacy policy to you, we want you to understand our commitment to personal privacy.

1) A potential customer who inquires about our products and services or who would like a copy of our privacy policy

2) A customer who has established a relationship with us.

3) A potential customer who has applied for a loan

4) A visitor to SBI's web site

If you have any questions or concerns about this privacy policy, please send an e-mail to us at or write to us at State Bank of India, SBI Bhavan, Corporate Center, Madam Cama Road, Mumbai, INDIA Pin Code 400 021.

Change in policy

Privacy policy is subject to change periodically.

© State Bank of India