This Privacy Statement relates to the collection, use and disclosure of personal data, including special or sensitive personal data, by any of our member and or staff ( “we” or “our”). Personal Data is information relating to an individual (“you” or “your”). The Data Controller of your personal data is our entity you have or may have a relationship with or with whom an account is maintained that you are a security provider for. Our Head Office functions may also be the controller of your personal data. Personal Data comprises all the details we holds or collects about you, directly or indirectly, your transactions, transactions you effect, financial information, interactions and dealings with us, including information received from third parties, the public domain, collected through use of our website, cookies, and our electronic banking services.
If you have or are party to more than one account with us, or to a Corporate and Institutional Banking relationship, we will link all your Personal Data to enable us to have an overall picture of your relationship with us. If you do not provide us with personal data we need to meet our legal and regulatory obligations or to enter into an agreement with you we may not be able to provide you with the products or services you have requested.
For some purposes in connection with the service you have requested, we have a legal or regulatory obligation to process your personal data. These purposes include:
the prevention, detection, investigation and prosecution of crime in any jurisdiction (including, without limitation, money laundering, terrorism, fraud and other financial crime); identity verification, government sanctions screening and due diligence checks; to comply with: local or foreign law, regulations, directives, judgments or court orders, government sanctions or embargoes, reporting requirements under financial transactions legislation, and demands of any authority, regulator, tribunal, enforcement agency, or exchange body. We may also process your personal data in line with any voluntary codes; to effect agreements between any of our member and any authority, regulator, or enforcement agency; to comply with policies (including our policies) and good practice standards where it is in our legitimate interest to do so. We may also process your personal data where it is in our legitimate interests to seek professional advice, including, in connection with any legal proceedings (including any prospective legal proceedings), for obtaining legal advice or for establishing, exercising or defending legal rights.
Any of our member, including our officers, employees, agents and advisers, may disclose your Personal Data to any of the following parties for any of the purposes specified above: any of our member anywhere in the world, including any officer, employee, agent or director; professional advisers (including auditors), third party service providers, agents or independent contractors providing services to support our business; our business alliance partners who may provide their product or service to you; a merchant or a member of a card association where the disclosure is in connection with use of a card; upon your death or mental incapacity, your legal representative and their legal advisers, and a member of your immediate family for the purpose of allowing him/her to make payment on your account; any security provider or any person authorised to operate your account and to act on your behalf in giving instructions, to perform any other acts under our banking agreement or use any product; any person to whom disclosure is allowed or required by local or foreign law, regulation or any other applicable instrument; any court, tribunal, regulator, enforcement agency, exchange body, tax authority, or any other authority (including any authority investigating an offence) or their agents; any debt collection agency, credit bureau or credit reference agency, rating agency correspondents, insurer or insurance broker, direct or indirect provider of credit protection and fraud prevention agencies; any financial institution to conduct credit checks, anti-money laundering related checks, for fraud prevention and detection of crime purposes; anyone we consider necessary to facilitate requests for services or applications for products with any of our member; anyone we consider necessary in order to provide services in connection with a product; enabling an actual or potential assignee of all or any part of the business and/or asset belonging to us or participant or sub-participant of our rights in respect of any product agreement, to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation; located in any jurisdiction.
Personal data may be transferred to, or stored at, a location outside of your country of residence, which may not have data protection law. The security of your personal data is important to us. We have technical and organisational security measures in place to safeguard your personal data. When using external service providers, we require that they adhere to security standards mandated by SCB. We may do this through contractual provisions, including any approved by a privacy regulator, and oversight of the service provider. Regardless of where personal data is transferred, we take all steps reasonably necessary to ensure that personal data is kept securely. You should be aware that the Internet is not a secure form of communication and you must not send us any personal data over the Internet as this carries with it risks including the risk of access and interference by unauthorised third parties. Information passing over the Internet may be transmitted internationally (even when sender and recipient are located in the same country) via countries with weaker privacy and data protection laws than in your country of residence.