For the purposes of this Notice, “DBS Group” means DBS Bank Ltd and its branches, holding company, representative offices, subsidiaries and affiliates (including branches or offices of such subsidiary or affiliate).
References to “data subjects” in this Notice means the customers of the Company and various other persons, including without limitation, applicants for banking/financial services and facilities, sureties and persons providing security or guarantee or any form of support for obligations owed to a Company, shareholders, directors, corporate officers and managers, sole proprietors, partners, suppliers, contractors, service providers and other contractual counterparties supplying data (including personal data as defined in the Personal Data (Privacy) Ordinance (the “Ordinance”)) to the Company.
From time to time, it is necessary for data subjects to supply the Company with data in connection with various matters such as the opening or continuation of accounts, the establishment or continuation of banking facilities, the provision of banking and other financial services, or the provision of supplies or services to the Company and data subjects.
Failure to supply such data may result in the Company being unable to open or continue accounts or establish or continue banking facilities or provide banking or other financial services, or accept or continue with the provision of supplies or services.
It is also the case that data are collected from data subjects in the ordinary course of the continuation of the relationships with them, for example, when data subjects write cheques, deposit money, give instructions or otherwise carry out transactions as part of the Company's services. The Company will also collect data relating to the data subjects from third parties, including third party service providers with whom the data subjects interact in connection with the marketing of the Company's products and services and in connection with the data subjects’ application for the Company's products and services (including receiving personal data from credit reference agencies approved for participation in the Multiple Credit Reference Agencies Model (hereinafter referred to as “credit reference agencies”)).
any law binding or applying to it within or outside Hong Kong existing currently and in the future (e.g. the Inland Revenue Ordinance and its provisions including those concerning automatic exchange of financial account information);
any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within or outside Hong Kong existing currently and in the future (e.g. guidelines or guidance given or issued by the Inland Revenue Department including those concerning automatic exchange of financial account information); and
When the Company accesses consumer credit data about a data subject held with credit reference agencies, it must comply with the Code of Practice on Consumer Credit Data approved and issued under the Ordinance (the “Code”) and other relevant regulatory requirements.
Such mortgage account general data means the following data of the data subject: full name, capacity in respect of each mortgage (as borrower, mortgagor or guarantor), Hong Kong Identity Card or travel document number, date of birth, address, mortgage account number in respect of each mortgage, type of facility in respect of each mortgage, mortgage account status in respect of each mortgage (e.g. active, closed, write-off), (if any) mortgage account closed date in respect of each mortgage.
Credit reference agencies will use the mortgage account general data supplied by the Company for the purposes of compiling a count of the number of mortgages from time to time held by a data subject, as borrower, mortgagor or guarantor respectively, for sharing in the consumer credit databases of credit reference agencies by credit providers (subject to the requirements of the Code).
the following classes of services, products and subjects may be marketed:
If a data subject does not wish the Company to use or provide to other persons his/her data for use in direct marketing as described above, the data subject may exercise his/her opt-out right by notifying the Company at any time and without charge. (To opt-out, please complete and return to us an opt-out form available on our website: www.dbs.com.hk or from any of our branches.)
Transfer of personal data to data subject’s third party service providers using the Company application programming interfaces (“API”)
The Company may, in accordance with the data subject’s instructions to the Company or third party service providers engaged by the data subject, transfer the data subject’s data to third party service providers using the Company’s API for the purposes notified to the data subject by the Company or third party service providers and/or as consented to by the data subject in accordance with the Ordinance.
In the event of any default of payment relating to an account, unless the amount in default is fully repaid or written off (other than due to a bankruptcy order) before the expiry of 60 days from the date such default occurred, the account repayment data may be retained by credit reference agencies until expiry of 5 years from the date of final settlement of the amount in default. Account repayment data includes amount last due, amount of payment made during the last reporting period (being a period not exceeding 31 days immediately preceding the last contribution of account data by the Company to the credit reference agency), remaining available credit or outstanding balance, and default data (being amount past due and number of days past due, date of settlement of amount past due, and date of final settlement of amount in default lasting in excess of 60 days (if any)).
In the event any amount in an account is written off due to a bankruptcy order being made against the data subject, the account repayment data (as defined in paragraph (k) above) may be retained by credit reference agencies, regardless of whether the account repayment data reveal any default of payment lasting in excess of 60 days, until expiry of 5 years from the date of final settlement of the amount in default or expiry of 5 years from the date of discharge from bankruptcy as notified by the data subject with evidence to the credit reference agency(ies), whichever is earlier.
DBS Bank (China) Limited(only applicable to customers whose Mainland China Remittance Account is with DBS Bank (China) Limited)
The Data Protection OfficerDBS Bank (Hong Kong) Limited10/F One Island East18 Westlands RoadIsland East Hong KongFacsimile: 852-2536 4307
Postal Savings Bank of China Co., Ltd.
(only applicable to customers whose Mainland China Remittance Account is with Postal Savings Bank of China Co., Ltd.)
Shenzhen Rural Commercial Bank Corporation Limited
(only applicable to customers whose Mainland China Remittance Account is with Shenzhen Rural Commercial Bank Corporation Limited)
DBS Bank (Hong Kong) Limited
DBS Bank Ltd