Privacy statement
View the National Pension and Provident fund's Privacy Statement
NPPF Privacy Statement
1. INTRODUCTION
This privacy policy for National Pension and Provident Fund (“Company”,”we”,”us”, or “our”), describes how and why we might collect, store, use, and/or shall (“process”) your information when you use our services (“Services”), such as when you:
- Visit our website at https://www.nppf.org.bt, or any website portal of ours that linked to this privacy policy
- Download and use our mobile application, or any other application of ours that links to this privacy notice
- Engage with us in another related ways, including any walk-in clients, marketing or events.
Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our privacy policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at karma.dorjiIT@nppf-ngawang
2. WHAT INFORMATION DO WE COLLECT?
2.1 Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
2.1.1 Personal Information Provided by You. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:
- names
- date of births
- national id number
- phone numbers
- email addresses
- mailing addresses
- job titles
- usernames
- payment details
- Leave/ Studies details
- Organization you work
- Spousal details
- Children details
- Nomination information
2.1.2 Sensitive Information. We do not process sensitive information.
2.1.3 Payment Data. We may collect data necessary to process your payment if you use our Services, such as your saving account number and nppf no.
2.2 Application Data. If you use our application(s), we also may collect the following information if you choose to provide us with access or permission:
- Mobile Device Data. We automatically collect device information (such as your mobile device ID, model, and manufacturer), operating system, version information and system configuration information, device and application identification numbers, browser type and version, hardware model Internet service provider and/or mobile carrier, and Internet Protocol (IP) address (or proxy server). If you are using our application(s), we may also collect information about the phone network associated with your mobile device, your mobile device’s operating system or platform, the type of mobile device you use, your mobile device’s unique device ID, and information about the features of our application(s) you accessed.
- Push Notifications. We may request to send you push notifications regarding your account or certain features of the application(s). If you wish to opt out from receiving these types of communications, you may turn them off in your device’s settings.
This information is primarily needed to maintain the security and operation of our application(s), for troubleshooting, and for our internal analytics and reporting purposes.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
2.3 Information collected from other sources
To enhance our ability to provide correct data and services to you and update our records, we may obtain information about you from other sources, such as Department of Civil Registration and Census, Royal Civil Service Commission, respective Companies, and from other third parties.
3. HOW DO WE PROCESS YOUR INFORMATION?
In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
- To facilitate loan and PF account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
- To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.
- To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
In Short: We may share information in specific situations described in this section and/or with the following categories of third parties.
Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents (“third parties“) who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our third parties, which are designed to help safeguard your personal information. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will also not share your personal information with any organization apart from us. They also commit to protect the data they hold on our behalf and to retain it for the period we instruct. The categories of third parties we may share personal information with are as follows:
- Government Entities
- Actuarial Evaluation Team
- Finance & Accounting Tools
- Payment Processors (RMA and other Banks)
5. HOW DO WE KEEP YOUR INFORMATION SAFE?
In Short: We aim to protect your personal information through a system of organizational and technical security measures.
With the certification if ISO 27001:2013 since 2021-07-08. We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
6. DO WE MAKE UPDATES TO THIS NOTICE?
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
7. Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.
We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the “Last updated” date at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
8. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO), Karma Dorji, by email at karma.dorjiIT@nppf.org.bt
9. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
Based on the applicable laws of our country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please visit: https://www.nppf.org.bt or National Pension and Provident Fund Office.