This Privacy Policy Effective Date: 2026/06/13.
This Policy was released on 2026/06/12.
Standard Chartered Bank (China) Limited (“we”, “us” or “SCB China”) is fully aware of the importance of personal information to you and strives at all times to respect and protect your privacy. We therefore formulate this Standard Chartered Bank (China) Limited Online Banking Privacy Policy (this “Policy”) to better explain how we collect, store, protect, use and disclose personal information and to help you understand the rights you have.
This Policy applies only to the “Standard Chartered Bank China – Online Banking” services (including Mobile Web services) operated by us via https://www.sc.com/cn/en (“Online Banking”, which excludes SC Mobile Banking, the mobile banking services provided through SCB China’s “Mobile Banking App”). We will collect, store, use and disclose your personal information (including sensitive personal information) in accordance with this Policy when you use Online Banking to, among others, manage your bank accounts, manage your credit card accounts and repayments, make payments and fund transfers, trade in foreign exchange, make time deposits, purchase structured deposits (save for services subject to a separate privacy policy or governed by any user agreement that provides otherwise). This Policy is closely related to your use of our Online Banking. We advise you to carefully read and understand this Policy in full. The provisions in this Policy which have a material bearing on your rights and interests and the sensitive personal information are IN BOLD for your special attention. Please do not use our Online Banking if you do not understand or accept this Policy in full.
In addition to this Policy, we will separately provide you with a <Consent Letter for Sensitive Personal Information>, a <Consent Letter for – Disclosure of Personal Information to Third Parties> and a <Consent Letter for Personal Information Cross-border Transfer>to make further disclosure as to how we process your sensitive personal information and how we disclose personal information to third parties. The <Consent Letter for Sensitive Personal Information> , the <Consent Letter for – Disclosure of Personal Information to Third Parties> and the <Consent Letter for Personal Information Cross-border Transfer>are in addition to this Policy and, together with this Policy, form a complete set of rules for us to process your personal information.
Should you have any question, comment or suggestion, please contact us at:
Our official website: https://www.sc.com/cn/en/contact-us/
Our customer service hotline: 956083
This Policy will help you to understand:
I. How we collect and use your personal information
II. Cookies and similar technologies
III. How we have third parties to process, and how we share, transfer and publicly disclose, your personal information
IV. Exceptions to obtaining consent
V. How we store your personal information
VI. How we protect your personal information
VII. How you could manage your personal information
VIII. How we protect the personal information of minors
IX. How we update this Policy
X. How to contact us
XI. Other provisions
I. How we collect and use your personal information
Personal information refers to any kind of information whether recorded in an electronic or other form that is associated with an identified or identifiable natural person, excluding information that has been anonymized.
(A) How we collect your personal information
When you use Online Banking, we will collect the information that you voluntarily provide in the process of using our services or that derives from your use of our services on a lawful, just and need-to basis if by doing so it allows us to provide you with the products and services in accordance with applicable laws and regulations, to improve the quality of our services, to maintain the safety of your accounts and funds, and to fulfill our legal obligations. We will collect your information under the following circumstances:
- If you are a debit card user with SCB China, when you register an Online Banking account, we will first verify your registered mobile phone number with us that is used to receive one time SMS password, the card number and the transaction password of your debit card (also required to retrieve your Online Banking username and password), and the initial Online Banking username and password. After that, you need to set up a new Online Banking username and password of your own to complete the registration; we collect such personal information to verify your identity, complete the user registration process and meet our anti-money laundering obligations under laws, regulations and regulatory requirements.
- In the process of your use of our Online Banking, we will collect the following information of yours on a lawful, just, and need-to basis to the extent necessary for us to provide you with the relevant Online Banking services. Please note that if you do not provide the information below, you would not be able to access and use the relevant Online Banking services.
(1) You are required to provide your Online Banking username and password and the one-time SMS password received with your registered mobile phone number to log in to Online Banking,and we will collect your Unique Device ID, IP address.
(2) When you activate your debit card through our Online Banking, we will collect the card number and expiration date of your debit card.
(3) When you need to use the basic Online Banking functions, you are required to provide certain personal information, which mainly includes:
- Setting up and using the mobile phone funds transfer service: your mobile phone number, the number of the account linked to the mobile phone funds transfer service, customer name, transaction details (including the amount transferred) and the payee’s mobile phone number and the name of the receiving bank;
- Making global account inquiry: details of your account(s) in any other country as provided by a Standard Chartered Bank in the relevant country;
- Making internal funds transfers between your own accounts within the bank: the receiving account number, the transaction amount, the transaction currency, the time of transfer, and the agreed frequency of transfer;
- Making intra-bank or inter-bank funds transfers, or international funds transfers (including international transfers, transfers via Global Link or Cross-boundary Wealth Management Connect): your account details and the account details of the payee (including the payee’s name, account number, branch or sub-branch of the bank, SWIFTCODE, the payee’s address and any other information that may be necessary pursuant to local laws and regulatory requirements of the relevant jurisdiction). Meanwhile, we will record the details of the funds transfer transaction (including the payer’s name, the payee’s name, the payer’s account number, the name of the paying bank, the banking office of the paying bank, the payee’s account number, the name of the receiving bank, the banking office of the receiving bank, the method of transfer, the amount transferred and the currency used, the time of transfer, the agreed frequency of transfer, the transaction notes, and the status, date and time of the transaction) for your inquiry. In order to confirm a fund transfer transaction, we will collect your debit card password to complete the verification. When you add a Global Link account, we need to record the country/jurisdiction in which you hold the account, your ID number in certain jurisdiction (Taiwan), and your Online Banking username and password for that particular country/jurisdiction’s account. If you choose to delete a Global Link account, you must provide the country/market in which you hold the account, and the type and number of the account;
- Managing the bank cards bound to a Type II/III account: your name, the Type II/III account number and type, the issuer of the bound bank card, the number of the debit card bound to Type I account to which the Type II/III account will also be bound, your ID number and mobile phone number;
- Opening a Renminbi savings account (Type II/III): the type of the account, your name, date of birth, country/jurisdiction of birth, city/town of birth, nationality (jurisdiction)/citizenship, ethnicity information, current residential address, mailing address, FATCA U.S. Person information and CRS tax residency information, and the debit card number;
- Opening a foreign currency savings account: your identity information (including name, date of birth, country/jurisdiction of birth, city or town of birth, nationality (jurisdiction) and residential address), transaction details (including account currency and transaction account number), FATCA U.S. Person information and CRS tax residency information (Country/Jurisdiction of Tax Residence and Taxpayer Identification Number);
- Using the function of managing third party payments: the number of your SCB debit card;
- Activating the virtual debit card service: the number of the Type II/III account opened with us, and the number of the virtual debit card;
- Making credit card repayments through Online Banking: your SCB payer’s account number, credit card number, type of repayment, amount of repayment, transaction notes, date of repayment;
- Having or updating a client investment profile: your employment status, age, level of education, financial status, investment objectives, knowledge of the investment products and investment experience, and results of your risk appetite assessment based on such information;
- Purchasing structured deposit and featured deposit products or creating Fixed Deposits, Certificates of Deposit, and other financial products: your identity information (including type of ID, ID number, name, gender, mobile phone number, residential address, annual household income, source of income, occupation, account number, transaction details (including transaction amount, transaction account number, interest, frequency of interest payment, maturity instruction), FATCA U.S. Person information and CRS tax residency information (Country/Jurisdiction of Tax Residence and Taxpayer Identification Number). When you withdraw money from Fixed Deposits or Call Deposit 2.0, we will collect the number of the account from which you withdraw money, currency, principal, term of deposit, account opening date, maturity date, account to which the money is transferred, name, customer reference number, contact number, the branch with which the account is opened, account type, and the date of the withdrawal application;
- Using Online Banking for foreign exchange settlement and trading, foreign exchange trading and foreign currency conversion: your identity information (including type of ID, ID number, name, age, nationality (jurisdiction), mobile phone number, residential address, occupation, account information) and your transaction details (including the basic information of foreign exchange trading/settlement such as transaction account, transaction amount, transaction currency, time and purpose of use of the foreign currency);
- Setting transaction limits through Online Banking: the type of the transaction limit, the maximum limit, the current limit and the new limit;
- Setting nicknames for your current savings account, fixed deposit account and structured deposit account through Online Banking: the account name and the account nickname;
- Updating your contact details/correspondence address through Online Banking: email address, mobile phone number, name, ID number, home phone number, or your correspondence address, country/jurisdiction, postal code, and nearest landmark;
- Subscribing to/setting monthly eStatements through Online Banking: the email address you use to receive the eStatements, the eStatement password;
- Subscribing to SMS banking: account type, account number, nickname of the current savings account, SMS alert service status, language of SMS banking;
- Other information you are required to provide in using the above mentioned functions by applicable laws, regulations and regulatory requirements as amended from time to time.
(4) In order to ensure the safe and normal operation of our Online Banking, prevent exposure to transactional and fund risks, and protect the safety of your account, we need to record your login time, browser type, login channel, Online Banking username, customer relationship number, login IP address, and other basic information of the devise you use. In addition, in order to verify the accuracy and completeness of the information you provide, we will check with the State organs, financial institutions, enterprises or public institutions that lawfully hold your information. If, for the purpose of such verification and check, we need to collect your information from any of the foregoing entities, we will request the relevant entity to specify its source of personal information and confirm the lawfulness of such source in accordance with applicable laws, regulations or regulatory requirements.
(5) In the event that you provide any feedback, make a voice/video call to, or communicate by text with, our customer service, or lodge a complaint, or take part in our marketing activities or surveys through Online Banking, we need to collect the information you submit in such process and the information relating to your operation (including voice/video call records, chat history) so as to contact you or provide follow-up responses and services.
(6) In order to enhance your experience with our services, we have made available a SMS banking function to provide you with secure and easy access to our SMS alerts. Depending on your preference, you can have SMS alerts sent to your designated mobile phone number while using our Online Banking, Mobile Banking, or other services offered by SCB China. For more details on SMS Banking, please go to https://www.sc.com/cn/en/bank-with-us/mobile-sms-banking/.
Please understand that the services we provide to you are updating and developing constantly. If you choose to use any service not specified hereinabove, and we need to collect your information in light of your use of such service, we will send you separate notices of the scope and purpose of, and obtain your consent to (if required by applicable laws and regulations), such collection by means of pop-up message, webpage prompt, agreement or an update of this Policy. We will use, store, disclose and protect your information in accordance with this Policy and the corresponding user agreement. Should you choose not to provide any of the information specified hereinabove, you may be refused certain services or parts of services, but your use of the other services provided by us would not be affected.
(B) How we use your personal information
We will use your information to abide by applicable laws, regulations and regulatory requirements, to provide services for you and improve the quality of the services provided for you, and to guarantee the security of your accounts and funds. In particular:
- We will use your personal information in accordance with the provisions of this Policy, in particular, the purposes and functions as described in the “How we collect your personal information” section above and to achieve our other related service purposes and functions;
- To ensure the stability and security of our services, your information may be used for verifying identity, safeguarding, anti- fraud monitoring (including monitoring for the purpose of preventing telecom fraud), preventing or prohibiting illegal activities, minimizing risks or for archival and backup purposes;
- To invite you to take part in customer surveys on our services, products or functions;
- To comply with our obligations relating to customer due diligence, anti-money laundering, and real-name system regulation, and obligations to report or file information to the relevant authorities, as well as other obligations imposed on us by laws and regulations, in accordance with applicable laws, regulations or regulatory requirements;
- In order to provide you with more accurate, personalized, smooth and easy-to-access services, or to seek for your help with evaluating, improving or designing our products, services and operational activities, we may use technical means to de-identify or desensitize your information and aggregate them for analysis and processing. Such de-identified information can no longer be used to identify the personal information subjects and therefore is not personal information, which may be used by us directly as permitted by law. We also have the right to employ the results of analysis of our user database in commercial use as such results cannot be used to identify the personal information subjects either. When we aggregate data on the use of the Online Banking services or functions, as such data do not contain any of your identifiable information, we may share these data with the public or third parties to demonstrate the overall usage of the services or functions.
- We will inform you and seek your prior consent (if required under applicable laws and regulations) if we need to use any information for any purpose other than the one for which it is collected.
II. Cookies and similar technologies
To ensure normal and safe operation of our Online Banking, when you use the Online Banking services, we may use Cookies to store the information required for security authentication or to help assess the security status of your account. Cookies store anonymous statistics only and do not touch on name, address, telephone, email address and other personal contact information. You may choose to erase all Cookies stored on your browser at any time by using the browser’s “Clear Browsing Data” function.
Further information on how we use cookies can be found in our Cookie Policy (https://www.sc.com/cn/en/cookie-policy/). You can also set your Cookie preferences in “Cookie Management” at the bottom of this page.
III. How we have third parties to process, and how we share, transfer, and publicly disclose, your personal information
(A) Entrusted processing
Your personal information may be processed by our affiliates and third-party service providers who provide products and/or services to us and our business partners on our behalf. For example:
- It may be disclosed to professional advisors (including auditors) or insurers for risk diversification and assessment purposes;
- It may be disclosed to third-party service providers, agents or independent contracted employees who provide services in support of our business;
- It may be disclosed to our other suppliers, service providers and other partners.
List of affiliated companies, third-party service providers, and partner representatives entrusted with, or providing products and/or services to, our company:
| Recipient Type | Recipient List | Purpose |
| Affiliated companies | Standard Chartered Global Business Services Limited / Standard Chartered Global Business Services (Guangzhou) Co., Ltd.
(4009-220-808) |
Support services and Bank back-office operational services |
| Third-party service providers | China UnionPay Data Services Co., Ld | Mobile phone real-name verification |
| Partners of third-party service providers | Fujian Jitui Technology Co.,Ltd.
(0591-87311156) |
Mobile phone real-name verification |