The purpose of this document (Data Protection Policy) is to inform you of how Bank of Singapore Limited and Bank of Singapore Nominees Pte Ltd manage Personal Data (as defined below) which is subject to the Singapore Personal Data Protection Act (No. 26 of 2012) (the Act). Please take a moment to read this Data Protection Policy so that you know and understand the purposes for which we collect, use and disclose your Personal Data.
By interacting with us, submitting information to us, or signing up for any products or services offered by us, you agree and consent to Bank of Singapore Limited and Bank of Singapore Nominees Pte Ltd (including their related corporations and overseas branches and offices) (collectively, the 'Companies'), as well as their respective representatives and/or agents ('Representatives') (the Companies and Representatives collectively referred to herein as 'BOS', 'us', 'we' or 'our') collecting, using, disclosing and sharing amongst themselves your Personal Data, and disclosing such Personal Data to the Companies' authorised service providers and relevant third parties in the manner set forth in this Data Protection Policy.
This Data Protection Policy supplements but does not supersede nor replace any other consents you may have previously provided to BOS in respect of your Personal Data, and your consents herein are additional to any rights which any of the Companies may have at law to collect, use or disclose your Personal Data.
BOS may from time to time update this Data Protection Policy to ensure that this Data Protection Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of the Data Protection Policy as updated from time to time on our website. Please check back regularly for updated information on the handling of your Personal Data.
In this Data Protection Policy, "Personal Data" refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.
Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us) your name, NRIC, passport or other identification number, telephone number(s), mailing address, email address, transactional data and any other information relating to any individuals which you have provided us in any forms you may have submitted to us (including in the form of biometric data), or via other forms of interaction with you.
Generally, we collect Personal Data in the following ways:
When you browse our website and platforms, you generally do so anonymously but please see the section below on cookies. We do not, at our website and platforms, automatically collect Personal Data, including your email address unless you provide such information or login with your account credentials.
If you provide us with any Personal Data relating to a third party (for example, information of your spouse, children, parents, or a Connected Person), by submitting such information to us, you represent to us that you have obtained the consent of the third party to you providing us with his/her Personal Data for the respective purposes.
"Connected Person" may include but is not limited to any beneficial owner, authorised signatory, director, shareholder, officer of a company, partner or member of a partnership, settlor, trustee, beneficial owner, protector or grantor of trust, mandate holder, power of attorney holder, surety, third party security provider, provider of funds, founder and/or employee, payee of designated payment, representatives, agents or nominees.
You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with products and services you have requested. You agree to inform BOS immediately of any change of facts or circumstances which may render any information or Personal Data previously provided inaccurate, untrue or incorrect and provide any information or documentation as BOS may reasonably require for the purposes of verifying the accuracy of the updated information or Personal Data.
Generally, BOS collects, uses and discloses your Personal Data for the following purposes:
These purposes may also apply even if you do not maintain any account(s) with us, or have terminated these account(s).
In addition, BOS collects, uses and discloses your Personal Data for the following purposes depending on the nature of our relationship:
In addition, where permitted under the Act, BOS may also collect, use and disclose your Personal Data for the following purposes (which we may describe in our documents and agreements as "Additional Purposes" for the handling of Personal Data):
If you have provided your Singapore telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your Singapore telephone number(s), then from time to time, BOS may contact you using such Singapore telephone number(s) (including via voice calls, text , fax or other means) with information about our products and services (including discounts and special offers).
In relation to particular products or services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.
BOS will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your Personal Data may be provided, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas or in Singapore:
Our websites and platforms use cookies and other technologies. Cookies are small text files stored in your computing or other electronic devices when you visit our website and platforms for record keeping purposes. Cookies are stored in your browser’s file directory, and the next time you visit the website or platform, your browser will read the cookie and relay the information back to the website, platform or element that originally set the cookie. Depending on the type of cookie it is, cookies may store user preferences and other information.
Web beacons (also known as pixel tags and clear GIFs) involve graphics that are not apparent to the user. Tracking links and/or similar technologies consist of a few lines of programming code and can be embedded in our websites or platforms. Web beacons are usually used in conjunction with cookies and primarily used for statistical analysis purposes. This technology can also be used for tracking traffic patterns on websites and platforms, as well as finding out if an e-mail has been received and opened and to see if there has been any response.
We may employ cookies and other technologies as follows:
Some cookies we use are from third party companies to provide us with web analytics and intelligence about our websites and platforms. These companies collect information about your interaction with our websites and platforms. We use such information to compile statistics about visitors who interact with the websites, platforms and other OCBC online content, to gauge the effectiveness of our communications, and to provide more pertinent information to our visitors.
If you do not agree to such use of cookies, you can adjust your browser settings. Unless you have adjusted your browser settings to block cookies, our system will issue cookies as soon as you visit our site or click on a link in a targeted email that we have sent you, even if you have previously deleted our cookies
The way which cookies can be managed depends on your browser. The following links provide information on how to configure or disable cookies in each browser:
If you do not agree to our use of cookies and other technologies as set out in this Data Protection Policy, you should delete or disable the cookies associated with our websites and platforms by changing the settings on your browser accordingly. However, you may not be able to enter certain part(s) of our websites or platforms. This may also impact your user experience while on our websites or platforms.
BOS will take reasonable efforts to protect Personal Data in our possession or our control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. However, we cannot completely guarantee the security of any Personal Data we may have collected from or about you, or that for example no harmful code will enter our website (for example viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with using websites and take any necessary precautions.
While we strive to protect your Personal Data, we cannot ensure the security of the information you transmit to us via the Internet or electronic communication or when you use our electronic services, and we urge you to take every precaution to protect your Personal Data when you use such platforms. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.
If applicable, you undertake to keep your username and password secure and confidential and shall not disclose or permit it to be disclosed to any unauthorised person, and to inform us as soon as reasonably practicable if you know or suspect that someone else knows your username and password or believe the confidentiality of your username and password has been lost, stolen or compromised in any way or that actual or possible unauthorised transactions have taken place. We are not liable for any damages resulting from any security breaches, on unauthorised and/or fraudulent use of your username and password.
If you:
Email: | dpo@bankofsingapore.com |
---|---|
Call: | +65 6559 8000 |
Write in: | Data Protection Officer Bank of Singapore Limited 63 Market Street #22-00 Bank of Singapore Centre Singapore 048942 |
Please note that if your Personal Data has been provided to us by a third party (for example, The Central Depository Pte Ltd), you should contact that such party directly to make any queries, feedback and access and correction requests to BOS on your behalf.
If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, BOS or any of the Companies may not be in a position to continue to provide its products or services to you, administer any contractual relationship in place, may also result in the termination of any agreements you have entered into with BOS or any of the Companies, and your being in breach of your contractual obligations or undertakings, and BOS’s or the Company’s legal rights and remedies in such event are expressly reserved.
From time to time, it may be necessary for the Bank to collect data of clients and other individuals (for example, persons giving or proposing to give guarantees or third party security for obligations owed to the Bank, persons linked to a client that is not an individual, including the beneficial owners and officers of that client, or in the case of a trust, the trustees, settlors, protectors and beneficiaries of the trust and other persons who are relevant to a client’s relationship with the Bank) in connection with the purposes set out in this Statement. Clients and other individuals are collectively, referred to as “you” and/or ‘data subject’ in this Statement.
Failure to supply such data may result in the Bank being unable to open, provide or continue to provide banking services, banking/credit facilities or investment related services to you or being unable to comply with any laws or guidelines issued by regulatory or other authorities.
It is also the case that data are collected from data subjects in the ordinary course of the continuation of the banking relationship, for example, when data subjects write cheques, deposit money, apply for credit, give instructions or otherwise carry out transactions as part of the Bank’s services. This includes information obtained from credit reference agencies. Data may be collected directly from you, or from someone acting on your behalf or from other sources (including credit reference agencies approved for participation in the Multiple Credit Reference Agencies Model (credit reference agencies)) and combined with other data available to the Bank Group (as defined below).
The purposes for which data relating to a data subject may be used are as follows:
With respect to data in connection with mortgages applied by a data subject (whether as borrower, mortgagor or guarantor and whether in the data subject’s sole name or in joint names with others) on or after 1 April 2011, the following data relating to you (including any updated data of any of the following data from time to time) may be provided by the Bank to credit reference agencies (collectively CRAs and each a CRA):
The CRAs will use the Mortgage Account General Data supplied by the Bank to generate the Mortgage Count (as defined below) for sharing in the consumer credit databases of CRAs by credit providers (subject to the requirements of the Code of Practice on Consumer Credit Data approved and issued under the Ordinance).
You can instruct the Bank to make a request to the relevant CRA to delete from its database any account data relating to any credit that has been terminated by full repayment provided that there has not been, within five (5) years immediately before such termination, a default in payment under the credit for a period in excess of sixty (60) days according to the Bank’s records.
If there is any default in payment, unless the amount in default is fully repaid or written off (other than due to bankruptcy order) before the expiry of sixty (60) days from the date of default, your account repayment data may be retained by the relevant CRA until the expiry of five (5) years from the date of final settlement of the amount in default.
In the event of any amount being written off due to a bankruptcy order being made against you, the relevant CRA may retain your account repayment data until the earlier of (i) the expiry of five (5) years from the date of final settlement of the amount in default, or (ii) the expiry of five (5) years from the date of your discharge from bankruptcy as notified to the CRA by you with evidence.
For the purposes of paragraphs (h) and (i) above, account repayment data are the amount last due, amount of payment made during the last reporting period, remaining available credit or outstanding balance and default data (being amount past due and number of days past due, date of settlement of amount past due, and date of final settlement of amount in material default (that is, default in payment for a period in excess of sixty (60) days) (if any)).
Mortgage Count refers to the total number of mortgages held by a data subject from time to time with credit providers in Hong Kong SAR (whether as a borrower, mortgagor or guarantor, and whether in the data subject’s sole name or in joint names with others).
USE OF DATA IN DIRECT MARKETING
Where the data subject is a client, the Bank intends to use the data subject’s data in direct marketing and the Bank requires the data subject’s consent (which includes an indication of no objection) for that purpose. In this connection, please note that:
Transfer of personal data to data subject’s third party service providers using bank Application Programming Interfaces (API)
Data Protection Officer
Bank of Singapore Limited (Hong Kong Branch)
34/F, One International Finance Centre
1 Harbour View Street,
Central, Hong Kong
Telephone: +852 2846 3800
Fax: +852 2295 3332
The Bank may have obtained a credit report on the data subject from a CRA in considering any application for credit. In the event the data subject wishes to access the credit report, the Bank will advise the contact details of the relevant CRA.
Nothing in this Statement shall limit the rights of data subjects under the Ordinance.
Capitalised terms used shall have the following meanings:
Authorities means judicial, regulatory, public, government agency authorities, Tax Authorities, securities or futures exchange, or law enforcement bodies having jurisdiction over any part of the Bank Group or any agents thereof;
Bank Group means collectively and individually, the head office of the Bank, parent bank and its subsidiaries and affiliates, and “any member of the Bank Group” has the same meaning; and
Tax Authorities means domestic or foreign tax, revenue, fiscal or monetary authorities.
In the event of discrepancies between the English and Chinese versions of this Statement, the English version shall apply and prevail.
BOS Wealth Management Europe S.A. (BOSWME) is committed to ensure that personal data is handled with responsibility, transparently and securely under the Regulation 2016/679 of 27 April 2016 (GDPR) and the Data Protection Act 2018 (UK).
BOSWME may act as either a controller or processor. The personal data we collect from data subjects (e.g., website users, clients or recruitees) and from different providers is used to facilitate compliance with applicable rules and regulations, and to ensure that our services comply with the highest business standards.
We provide each data subject with a Data Privacy Notice that explains the purposes for which personal data is collected and used, how the data is used and disclosed, how long it is kept, the controller's legal basis for processing and the contact details for its Data Protection Officer.
If you wish to exercise your data protection rights, please send us a written request by either:
UK branch - BOS Wealth Management S.A., UK Branch, Data Protection Officer, 62 Queen Street, The Rex Building, 3rd floor, London EC4R 1EB, United Kingdom.
The BOSWME Data Protection Policy is implemented as a statement that sets out how our firm protects personal data. It is a set of principles, rules and guidelines that informs how BOSWME will ensure ongoing compliance with data protection laws.
The BOSWME Website Privacy Policy is a document for users about how we collect and handle their personal data, who BOSWME shares it with, and any other relevant details.
BOSWME Website Privacy Policy
This Cookie Declaration aims to inform users about our use of cookies, what types of cookies are used, and why. We are committed to full transparency regarding user privacy while using our website. In the statements of this document, users will find all the essential information to ensure data protection and transparency.
BOSWME is committed to protecting the privacy of all job applicants by ensuring the highest level of security for personal data. This Recruitment Privacy Notice details what personal data we collect, how we handle such data and how we protect it. Also, the documents provides information about the data subject’s rights.
The purpose of this document ('Data Protection Policy') is to inform you of how Bank of Singapore Limited, DIFC branch ('BOS DIFC') manages Personal Data (as defined below) which is subject to the Dubai International Financial Centre ('DIFC') Data Protection Law (DIFC Law No. 5 of 2020) (the 'Law'). Please take a moment to read this Data Protection Policy so that you know and understand the purposes for which we collect, use and disclose your Personal Data.
By interacting with us, submitting information to us, or signing up for any products or services offered by us, you acknowledge that BOS DIFC(including its respective representatives and/or agents ("Representatives") (BOS DIFC and its Representatives collectively referred to herein as 'BOS DIFC', 'us', 'we' or 'our') may collect, use, disclose and share amongst themselves your Personal Data, and disclose such Personal Data to BOS DIFC’s authorised service providers and relevant third parties, including BOS DIFC’s related corporations, head office and overseas branches and offices and overseas branches and officers of BOS DIFC’s related corporations (the 'Companies' and each, a 'Company')in the manner set forth in this Data Protection Policy.
BOS DIFC may from time to time update this Data Protection Policy to ensure that this Data Protection Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. You acknowledge that you have reviewed and understood the terms of this Data Protection Policy as updated from time to time on our website http://www.bankofsingapore.com/Data-Protection-Policy.html. Please check back regularly for updated information on the handling of your Personal Data
In this Data Protection Policy, 'Personal Data' refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.
Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us) your name, national identity card, passport or other identification number, telephone number(s), mailing address, email address, transactional data and any other information relating to any individuals which you have provided us in any forms you may have submitted to us (including in the form of biometric data), or via other forms of interaction with you.
Generally, we collect Personal Data in the following ways:
When you browse our website and platforms, you generally do so anonymously but please see the section below on cookies. We do not, at our website and platforms, automatically collect Personal Data, including your email address unless you provide such information or login with your account credentials.
If you provide us with any Personal Data relating to a third party (for example, information of your spouse, children, parents, or a Connected Person), by submitting such information to us, you represent to us that you have obtained the consent of the third party to you providing us with his/her Personal Data for the respective purposes.
'Connected Person' may include but is not limited to any beneficial owner, authorised signatory, director, shareholder, officer of a company, partner or member of a partnership, settlor, trustee, beneficial owner, protector or grantor of trust, mandate holder, power of attorney holder, surety, third party security provider, provider of funds, founder and/or employee, payee of designated payment, representatives, agents or nominees.
You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with products and services you have requested. You acknowledge that you should inform BOS DIFC immediately of any change of facts or circumstances which may render any information or Personal Data previously provided inaccurate, untrue or incorrect and provide any information or documentation as BOS DIFC may reasonably require for the purposes of verifying the accuracy of the updated information or Personal Data.
Generally, BOS DIFC collects, uses and discloses your Personal Data for the following purposes:
These purposes may also apply even if you do not maintain any account(s) with us, or have terminated these account(s) arranged by us.
In addition, BOS DIFC collects, uses and discloses your Personal Data for the following purposes depending on the nature of our relationship:
In addition, where permitted under the Law, BOS DIFC may also collect, use and disclose your Personal Data for the following purposes (which we may describe in our documents and agreements as "Additional Purposes" for the handling of Personal Data):
If you have provided your telephone number(s) you consent to receiving marketing or promotional information via your telephone number(s), then from time to time, BOS DIFC may contact you using such telephone number(s) (including via voice calls, text , fax or other means) with information about our products and services (including discounts and special offers). If you specifically instruct us in writing objecting to our use of personal data for direct marketing purposes we will stop using the data in such manner.
In relation to particular products or services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.
BOS DIFC will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your Personal Data may be provided, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas, including the United Arab Emirates outside the DIFC and Singapore, or in the DIFC:
Our websites and platforms use cookies and other technologies. Cookies are small text files stored in your computing or other electronic devices when you visit our website and platforms for record keeping purposes. Cookies are stored in your browser’s file directory, and the next time you visit the website or platform, your browser will read the cookie and relay the information back to the website, platform or element that originally set the cookie. Depending on the type of cookie it is, cookies may store user preferences and other information.
Web beacons (also known as pixel tags and clear GIFs) involve graphics that are not apparent to the user. Tracking links and/or similar technologies consist of a few lines of programming code and can be embedded in our websites or platforms. Web beacons are usually used in conjunction with cookies and primarily used for statistical analysis purposes. This technology can also be used for tracking traffic patterns on websites and platforms, as well as finding out if an e-mail has been received and opened and to see if there has been any response.
We may employ cookies and other technologies as follows:
Some cookies we use are from third party companies to provide us with web analytics and intelligence about our websites and platforms. These companies collect information about your interaction with our websites and platforms. We use such information to compile statistics about visitors who interact with the websites, platforms and other online content belonging to Oversea-Chinese Banking Corporation (“OCBC”), to gauge the effectiveness of our communications, and to provide more pertinent information to our visitors.
If you do not agree to such use of cookies, you can adjust your browser settings. Unless you have adjusted your browser settings to block cookies, our system will issue cookies as soon as you visit our site or click on a link in a targeted email that we have sent you, even if you have previously deleted our cookies.
The way which cookies can be managed depends on your browser. The following links provide information on how to configure or disable cookies in each browser:
If you do not agree to our use of cookies and other technologies as set out in this Data Protection Policy, you should delete or disable the cookies associated with our websites and platforms by changing the settings on your browser accordingly. However, you may not be able to enter certain part(s) of our websites or platforms. This may also impact your user experience while on our websites or platforms.
BOS DIFC will take appropriate efforts to protect Personal Data in our possession or our control by making appropriate security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. We have put in place procedures to deal with any suspected data security breach and will notify you and the data protection regulator, the DIFC Commissioner of Data Protection (the "Commissioner") of a suspected breach where we are legally required to do so or we consider it appropriate to do so. Although we will implement appropriate measures to keep your data secure, we cannot completely guarantee the security of any Personal Data we may have collected from or about you, or that for example no harmful code will enter our website (for example viruses, bugs, trojan horses, spyware or adware). No communication over public internet can be guaranteed to be secure. You should be aware of the risks associated with using websites and the internet and take any necessary precautions.
While we strive to protect your Personal Data, we cannot ensure the security of the information you transmit to us via the Internet or other electronic communications or when you use our electronic services, and we urge you to take every precaution to protect your Personal Data when you transmit your Personal Data via the Internet or other electronic communications. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.
If applicable, you acknowledge that you should keep your username and password secure and confidential and should not disclose or permit it to be disclosed to any unauthorised person, and to inform us as soon as reasonably practicable if you know or suspect that someone else knows your username and password or believe the confidentiality of your username and password has been lost, stolen or compromised in any way or that actual or possible unauthorised transactions have taken place.
Our website may contain links to other websites operated by third parties. We do not control the privacy practices of websites operated by third parties that are linked to our website. We do not endorse or make any representations about third-party websites. We encourage you to learn about the privacy policies of such third party websites. Some of these third party websites may be co-branded with our logo or trademark, even though they are not operated or maintained by us. Once you have left our website, you should check the applicable privacy policy of the third party website to determine how they will handle any information they collect from you.
Under certain circumstances, you may exercise any of the following rights:
If you:
Email: | ae.difc.dpo@bankofsingapore.com |
---|---|
Call: | +971 4 4277100 |
Write in: | Data Protection Officer Bank of Singapore Limited, DIFC Branch P O Box 4296, Dubai – UAE |
If you feel that we do not comply with the Law, you may lodge a complaint with the Commissioner.
We confirm that we will not discriminate against you if you exercise any of your rights under this Data Protection Policy.
Please note that if your Personal Data has been provided to us by a third party, we recommend that you contact that party directly to make any queries, feedback and requests to BOS DIFC on your behalf.
If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, BOS DIFC may not be in a position to continue to provide its products or services to you, administer any contractual relationship in place, may also result in the termination of any agreements you have entered into with BOS DIFC, which could have adverse impacts on your financial situation.
In this privacy notice, ‘we’ us’ and ‘our’ means:
We are committed to protecting your privacy and ensuring the highest level of security for your personal information. This Privacy Notice explains the types of personal information we collect, how we use that information, who we share it with, and how we protect that information. It also provides information about your rights.
Please read the following carefully to understand our views and practices regarding your personal information.
Depending on which of our products and services you ask us about, buy or use, different companies within our organisation will process your information. Generally, the Bank provides private banking services, while the Trustee provides trustee and trust administration services to clients of the Bank.
This Privacy Notice applies to any individual located within the European Economic Area1 ('EEA', i.e. EU member states including Norway, Liechtenstein and Iceland) who enquire about, purchase or make use of our products and services provided by the Bank and/or Trustee.
1For the purposes of this Privacy Notice, the European Economic Area shall comprise the following countries: Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, the UK, Iceland, Liechtenstein and Norway. (Iceland, Liechtenstein and Norway are not part of the EU, but are part of the European Economic Area, and the GDPR applies to them as well.)
We may collect information about you from the following sources:
We obtain personal information about you through your interactions with us generally, including by telephone calls (which may be recorded), by email, via our websites, via application or other forms or face to face (e.g. in meetings). We collect personal information (such as your name, contact details, financial details, employment and education details, nationality, date and place of birth, marital status, passport or other identification details and details of visits to our premises) that you provide to us when you:
We collect information about you by monitoring your access to our premises (e.g. CCTV). We also collect information about how you interact with our website, including IP addresses or other device information (you’ll find more information about this in our Cookie Statement).
We receive information about you from third parties (e.g. credit reference agencies).
We process two categories of personal information about you:
We process your personal information for the purposes set out in this notice. Different legal grounds apply depending on what category of personal information we process. Standard personal information is normally processed by us on the basis that it is necessary for the performance of a contract, our or a third parties’ legitimate interests or law. Further information about this and special category processing grounds is set out below.
We process the following information: |
For the following purpose(s): |
Based on the following justification: |
|
|
|
Name, ID Number, Nationality, Passport Information, Tax Details, Date of Birth, Place of Birth, Residential Address, Business Address, Occupation, Signature, Employment History, Education Background, Financial Details, Criminal Records |
To facilitate our account opening process, our trust and other entities establishment process, our customer due diligence process and our vendor due diligence process, as well as to prevent fraud and abuse of our services. |
Necessary to perform our contract, to comply with our regulatory requirements and more generally in order to pursue our legitimate interest (see below) of managing our administrative and business operations and complying with internal policies and procedures. |
Financial and Transactional (e.g. details about your accounts with us and payments to and from your accounts with us) |
To enable us to process your transactions. To fulfil our Regulatory Reporting processes and facilitate fraud case handling and reporting (where required) |
Necessary to perform our contract and to comply with our regulatory requirements and more generally in order to pursue our legitimate interests (See below). |
Telephone Calls |
Monitoring of regulated activities, training and development |
To comply with our regulatory requirements and to pursue our legitimate interest (see below) to enhance the quality of our service. |
Particulars of any complaints |
To facilitate complaints handling and reporting |
To comply with our regulatory requirements |
Legitimate interest is one of the legal reasons why we may process your personal information. We process your personal information for a number of legitimate interests, including managing all aspects of our relationship with you, for marketing, to help us improve our services and products, and in order to exercise our rights or handle claims.
Taking into account your interests, rights and freedoms, legitimate interests which allow us to process your personal information include:
With your permission, we may send you carefully selected information about our products and services. You have the right to opt out of receiving direct marketing at any time by contacting your Relationship Manager.
We share your information for the purposes set out in this privacy policy, with the following categories of recipients :
In the course of providing such services, these service providers may have access to your personal information. However, we will only provide our service providers with personal information which is necessary for them to perform their services, and we require them not to use your information for any other purpose. We will use our best efforts to ensure that all our service providers keep your personal information secure.
We may also disclose your personal information to third parties where disclosure is both legally permissible and necessary to protect or defend our rights, matters of national security, law enforcement, to enforce our contracts or protect your rights or those of the public.
We will not sell your personal information to third parties.
Please note our website may, from time to time, contain links to and from the websites of our partners or affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we have no control over how they may use your personal information. You should check the privacy policies of third party websites before you submit any personal information to them.
We use global information systems. As a result, The Bank and Trustee transfers and processes your information to countries outside of the EEA to Singapore, Hong Kong, Dubai, and Philippines. This list of jurisdictions may be subject to change. We take steps to ensure that when your personal information is transferred internationally, it is subject to appropriate safeguards in accordance with applicable data protection laws. Often, these safeguards include contractual safeguards. More information about these safeguards can be obtained by contacting:
Email: dpo@bankofsingapore.com
Write in: Data Protection Officer, Bank of Singapore Limited, 63 Market Street, #22-00 bank of Singapore Centre, Singapore 048942.
The data protection laws in the EEA and in some other countries provide individuals with the following rights:
These rights may not apply in all cases. If we are not able to comply with your request, we will explain why. In response to a request, we will ask you to verify your identity if we need to, and to provide information that helps us to understand your request better. If you would like more information about your rights or to exercise any of your rights, please contact:
Email: dpo@bankofsingapore.com
Write in: Data Protection Officer, Bank of Singapore Limited, 63 Market Street, #22-00 bank of Singapore Centre, Singapore 048942.
You also have the right to lodge a complaint with the local data protection authority if you believe that we have not complied with applicable data protection laws. If you are based in, or the issue relates to, the UK, the Information Commissioner’s Office can be contacted as follows:
Telephone: +44 0303 123 1113
Email: casework@ico.org.uk
Website: www.ico.org.uk
Web-form: www.ico.org.uk/concerns/
Address: Water Lane, Wycliffe House, Wilmslow, Cheshire, SK9 5AF
If you are in the EEA, you can also lodge a complaint with another supervisory authority which is based in the country or territory where:
a. you are living,
b. you work, or
c. the alleged infringement took place.
A list of the EU data protection supervisory authorities is available here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm .
We have implemented technical and organisational security measures to safeguard the personal information in our custody and control. Such measures include, for example, limiting access to personal information only to employees and authorised service providers who need to know such information for the purposes described in this Privacy Notice; adopting security protocols on networks and systems; using email security settings when sending and/or receiving highly confidential emails; applying physical access controls such as marking confidential documents clearly and prominently, storing confidential documents in locked file cabinets; restricting access to confidential documents on a need-to-know basis; using privacy filters; disposal of confidential documents that are no longer needed, through shredding or similar means; using a mode of delivery or transmission of personal data that affords the appropriate level of security (e.g. registered post instead of normal post where appropriate); confirming the intended recipient of personal data as well as other administrative, technical and physical safeguards.
While we endeavour to protect our systems, sites, operations and information against unauthorised access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others, such as hackers.
We will only retain your personal data for as long as necessary for the purpose for which that data was collected and to the extent permitted by applicable laws. In general, we will keep your personal data for between seven (7) to twelve (12) years (depending on the type of information, and in accordance with our internal policies) after your relationship with us is terminated. However, there may be circumstances that mean we must retain your personal information for longer. In order to determine how long it is necessary to retain your personal information, we calculate retention periods in accordance with the following criteria:
Our services are not intended to be provided to children and we will never knowingly collect personal information from individuals under the age of thirteen (13) years without first obtaining verifiable parental consent. If you are under the age of 13 you should not provide information to us. If we become aware that a person under 13 has provided personal information to us without verifiable parental consent, we will remove such personal information from our files.
If there are any questions or concerns regarding this Privacy Notice, please contact us as follows:
Email: dpo@bankofsingapore.com
Write in: Data Protection Officer, Bank of Singapore Limited, 63 Market Street,#22-00 bank of Singapore Centre, Singapore 048942.
This Privacy Notice is written in English and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this notice, the English version shall prevail.
We reserve the right to change our Privacy Notice from time to time. If we decide to change our Privacy Notice we will notify you of these changes.
18th Oct 2019
In order to meet customer expectations and improve the services offered on our website, Bank of Singapore Limited, 63 Market Street, #22-00 Bank of Singapore Centre, Singapore 048942 may use cookies. If you want to learn more about what are cookies, how they're used and what your choices are, you can read more here.
Cookies are small text files stored in your computing or other electronic devices which allow us to remember you or other data about you. The cookies placed by our server are readable only by us, and cookies cannot access, read or modify any other data on an electronic device. All web-browsers offer the option to refuse any cookie, and if you refuse our cookie then we do not gather any information on that visitor.
Cookies are used for different purposes. We may employ cookies in order for our server to recognise a return visitor as a unique user including, without limitation, monitoring information relating to how a visitor arrives at the website, what kind of browser a visitor is on, what operating system a visitor is using, a visitor's IP address, and a visitor's click stream information and time stamp (for example, which pages they have viewed, the time the pages were accessed and the time spent per web page).
Cookies can generally be put into one of the following four categories:
We use the following cookies on our website:
Cookie name |
Category |
Purpose |
First / Third Party |
JSESSIONID |
Strictly necessary cookies |
This is required to have client session stickiness with application server |
First Party |
WASSID & WSATAR |
Strictly necessary cookies |
Used to track and authenticate user login |
First Party |
AMCV_###@AdobeOrg |
Functionality and performance cookies |
This cookie is used by our analytics software, Adobe Analytics, to identify a unique visitor. |
First and Third Party |
gpv |
Functionality and performance cookies |
This cookie stores the quantity of pages you view when visiting the Websites |
First and Third Party |
s_cc |
Functionality and performance cookies |
This cookie allows Adobe Analytics to determine whether or not cookies are enabled in your browser. |
First and Third Party |
s_ppv |
Functionality and performance cookies |
Stores information on the percentage of the page displayed |
First and Third Party |
s_ppvl |
Functionality and performance cookies |
Stores information on the percentage of the page displayed to you |
First and Third Party |
s_sq |
Functionality and performance cookies |
This cookie is set and read by the JavaScript code when the ClickMap functionality and the Activity Map functionality are enabled; it contains information about the previous links that you clicked on the Websites. |
First Party |
_ga |
Functionality and performance cookies |
Google Analytics to determine that two distinct hits belong to the same user across sessions |
First and Third Party |
_gat |
Functionality and performance cookies |
Google analytics to measure how users interact with website content as a user journey between web pages |
Third Party |
_gid |
Functionality and performance cookies |
To store and update a unique value for each page visited for google analytics |
Third Party |
Should you wish to disable the cookies associated with these technologies, you may do so by changing the setting on your browser. However, you may not be able to enter certain parts of our website.
To learn more about cookies and how to manage or delete them, just visit allaboutcookies.org and the help section of your browser. In the settings for browsers like Internet Explorer, Safari, Firefox or Chrome, you can set which cookies to accept and which to reject. Where you find these settings depends on your browser – use the 'Help' function in your browser to locate the settings you need.
You can also find helpful information about cookies at http://www.youronlinechoices.eu and http://www.international-chamber.co.uk/our-expertise/digitaleconomy.
If you have any questions, suggestions, or comments about this Cookie Statement, send an email to dpo@bankofsingapore.com. Our Cookie Statement may also be amended from time to time – so visit this page regularly to stay up to date.
The purpose of this document ('Data Protection Policy') is to inform you of how BOS Trustee Limited manages Personal Data (as defined below) which is subject to the Singapore Personal Data Protection Act (No. 26 of 2012) (the Act). Please take a moment to read this Data Protection Policy so that you know and understand the purposes for which we collect, use and disclose your Personal Data.
By interacting with us, submitting information to us, or signing up for any Services (as defined in paragraph 2.1(a) below) offered by us, you agree and consent to BOS Trustee Limited (including its related corporations and business units) (collectively, the 'Companies'), as well as their respective representatives and/or agents ("Representatives") (the Companies and Representatives collectively referred to herein as 'BOSTL', 'us', "we" or 'our') collecting, using, disclosing and sharing amongst themselves your Personal Data, and disclosing such Personal Data to the Companies' authorised service providers and relevant third parties in the manner set forth in this Data Protection Policy.
This Data Protection Policy supplements but does not supersede nor replace any other consents you may have previously provided to BOSTL in respect of your Personal Data, and your consents herein are additional to any rights which to any of the Companies may have at law to collect, use or disclose your Personal Data.
BOSTL may from time to time update this Data Protection Policy to ensure that this Data Protection Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of the Data Protection Policy as updated from time to time on our website. Please check back regularly for updated information on the handling of your Personal Data.
In this Data Protection Policy, 'Personal Data' refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.
Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us) your name, NRIC, passport or other identification number, telephone number(s), mailing address, email address, transactional data and any other information relating to any individuals which you have provided us in any forms you may have submitted to us (including in the form of biometric data), or via other forms of interaction with you.
Generally, we collect Personal Data in the following ways:
When you browse our website and platforms, you generally do so anonymously but please see the section below on cookies. We do not, at our website and platforms, automatically collect Personal Data, including your email address unless you provide such information or login with your account credentials.
If you provide us with any Personal Data relating to a third party (for example, information of your spouse, children, parents, or a Connected Person), by submitting such information to us, you represent to us that you have obtained the consent of the third party to you providing us with his/her Personal Data for the respective purposes.
'Connected Person' may include but is not limited to any beneficial owner, authorised signatory, director, shareholder, officer of a company, partner or member of a partnership, settlor, trustee, beneficial owner, protector or grantor of trust, mandate holder, power of attorney holder, surety, third party security provider, provider of funds, founder and/or employee, payee of designated payment, representatives, agents or nominees.
You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with products and services you have requested. You agree to inform BOS immediately of any change of facts or circumstances which may render any information or Personal Data previously provided inaccurate, untrue or incorrect and provide any information or documentation as BOS may reasonably require for the purposes of verifying the accuracy of the updated information or Personal Data.
Generally, BOS collects, uses and discloses your Personal Data for the following purposes:
These purposes may also apply even if you do not maintain any accounts with us, or have terminated these accounts.
In addition, BOS collects, uses and discloses your Personal Data for the following purposes depending on the nature of our relationship:
In addition, where permitted under the Act, BOS may also collect, use and disclose your Personal Data for the following purposes (which we may describe in our documents and agreements as 'Additional Purposes' for the handling of Personal Data):
If you have provided your Singapore telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your Singapore telephone number(s), then from time to time, BOS may contact you using such Singapore telephone number(s) (including via voice calls, text , fax or other means) with information about our products and services (including discounts and special offers).
In relation to particular products or services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.
BOS will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your Personal Data may be provided, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas or in Singapore:
If you:
Email: | dpo.sg@BOSTrustee.com |
---|---|
Call: | +65 6818 6478 |
Write in: | Data Protection Officer Data Protection & Governance Office BOS Trustee Limited 63 Market Street #14-00 Bank of Singapore Centre Singapore 048942 |
Please note that if your Personal Data has been provided to us by a third party (e.g. The Central Depository Pte Ltd), you should contact such party directly to make any queries, feedback, and access and correction requests to BOSTL on your behalf.
If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, BOSTL may not be in a position to continue to provide its Services to you, administer any contractual relationship in place, may also result in the termination of any agreements with BOSTL, and your being in breach of your contractual obligations or undertakings, and BOSTL’s legal rights and remedies in such event are expressly reserved.
This Data Protection Policy and your use of this website shall be governed in all respects by the laws of Singapore.
This NextGen Community Data Protection Notice (“Notice”) sets out the basis which Bank of Singapore Limited (“we”, “us”, or “our”) may collect, use, disclose or otherwise process personal data of our NextGen members in accordance with the Personal Data Protection Act (“PDPA”). This Notice applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.
PERSONAL DATA
“member” means an individual who (a) has contacted us through any means to find out more about any products or services we provide, or (b) may have, or has, entered into a contract with us for the supply of any products or services by us; and
“personal data” means data, whether true or not, about a member who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
WITHDRAWING YOUR CONSENT
ACCESS TO AND CORRECTION OF PERSONAL DATA
PROTECTION OF PERSONAL DATA
ACCURACY OF PERSONAL DATA
RETENTION OF PERSONAL DATA
TRANSFERS OF PERSONAL DATA OUTSIDE OF SINGAPORE
DATA PROTECTION OFFICER
EFFECT OF NOTICE AND CHANGES TO NOTICE
Last updated on 07 June 2024.