You're about to leave our website

This hyperlink will bring to you to another website on the Internet, which is published and operated by a third party which is not owned, controlled or affiliated with or in any way related to Standard Chartered Bank (China) Limited or any member of Standard Chartered Group (the "Bank").

The hyperlink is provided for your convenience and presented for information purposes only. The provision of the hyperlink does not constitute endorsement, recommendation, approval, warranty or representation, express or implied, by the Bank of any third party or the hypertext link, product, service or information contained or available therein.

The Bank does not have any control (editorial or otherwise) over the linked third-party website and is not in any way responsible for the contents available therein. You use or follow this link at your own risk. To the extent permissible by law, the Bank shall not be responsible for any damage or losses incurred or suffered by you arising out of or in connection with your use of the link.

Please be mindful that when you click on the link and open a new window in your browser, you will be subject to the terms of use and privacy policies of the third-party website that you are going to visit.


Proceed to third party website

Standard Chartered Bank (China) Limited Corporate Mobile Banking Privacy Policy

Standard Chartered Bank (China) Limited (“we”, “us” or “SCB China”) is fully aware of the importance of personal information to you as corporate user of e-banking services (“Corporate User” or “you”) and strives at all times to respect and protect personal privacy entailed in the corporate e-banking services. We therefore formulate this Mobile Banking Privacy Policy (this “Policy”) to better explain how we collect, store, protect, use and disclose personal information in offering corporate mobile banking business and to help you understand the rights you have.

This Policy applies only to the “Straight2Bank NextGen” mobile application (the “App”) offered by us. When the Corporate Users are using the services within the App including but not limited to viewing your bank account balance, authorising transactions payments and fund transfers and trading in foreign exchange, these activities need be performed by natural persons such as your employees as your representatives and tackling with specific businesses on your authorization, hence, Corporate Users can also possibly relate to and leave with us personal information in the process of entering into corporate e-banking business. We will collect, store, use and disclose these said personal information (including sensitive personal information) in accordance with this Policy. This Policy is closely related to Corporate Users’ use of our services through the App. We advise you to carefully read and understand this Policy in full. Please do not use the App if you do not understand or accept this Policy in full.

Privacy Policy Release Date: 2021/5/31
Privacy Policy Effective Date: 2021/6/1

This Policy will help you to understand:
I. How we collect and use personal information
II. Cookies and similar technologies
III. How we share, transfer and publicly disclose personal information
IV. Exceptions to obtaining consent
V. How we protect personal information
VI. How Corporate Users could manage personal information
VII. How we update this Policy
VIII. How to contact us

I. How we collect and use personal information
Personal information refers to any kind of information whether recorded in an electronic or other form that can be used alone or in combination with other information to identify, or reflect the activities of, a specific natural person.

(A) How we collect personal information
When the Corporate Users use the App, we will collect the information that you voluntarily provide in the process of using our services or that derives from your use of our services on a lawful, just and need-to basis if by doing so it allows us to provide you with the products and services in accordance with applicable laws and regulations, to improve the quality of our services, to maintain the safety of your accounts and funds, and to fulfil our legal obligations. We will collect your information under the following circumstances:
1. App registration and user authentication
On first launch of the App, we will collect your Straight2Bank Group ID and User ID/Email for registration, and verify Corporate Users’ identity with one of these methods:
(1)A one-time activation code that was sent to your registered email,and the memorable date (date of birth) that you indicated during Straigh2Bank web onboarding(Apply to new onboarded Straigh2Bank web users);
(2)A one-time activation code that was sent to your registered email,and the SMS OTP that was sent to your registered mobile number during Straigh2Bank web onboarding(Apply to new onboarded Straigh2Bank web users);
(3)OTP generated by the physical token that we offered to you(Apply to existing Straigh2Bank web users with physical token for login);
(4)Password(Apply to existing Straigh2Bank web users with password for login).
Post successful validation of user identity, you will be asked to create a PIN to secure your mobile account, and set up security questions and answer to enable future PIN reset.
2. In the process of Corporate Users’ usage use of the App, we will collect the following information of yours on a lawful, just, and need-to basis to the extent necessary for us to provide you with the relevant services through our mobile banking. Please note that if you do not provide the information below, you would not be able to access and use the relevant services within the App.
(1) You are required to provide your Straight2Bank Group ID and User ID/Email to log in to the App. We may verify your identity, you may use the PIN you set when you first registered the App.
(2) When you use the basic mobile banking functions in the App, you are required to provide the following information, which mainly includes:
• Using the App for funds transfer authorization: we may verify your identity, you may choose to use the combination of your PIN and SMS OTP.
• Using the foreign exchange trading platform and the foreign currency conversion channels in the App: Corporate Users’ transaction details (including the basic information of foreign exchange trading/settlement such as transaction account, transaction amount, time and purpose of use of the foreign currency);
• Other information you are required to provide in using the abovementioned functions by applicable laws, regulations and regulatory requirements as amended from time to time.
(3) In order to ensure the safe and normal operation of the App, prevent exposure to transactional and fund risks, and protect the safety of your account, we need to record the model, operation system, unique equipment identifier, mobile app version number and other basic information of the devise you use.
(4) In the event that you provide any feedback, lodge a complaint through the App, we need to collect the information you submit in such process and the information relating to your operation so as to contact you or provide follow-up responses and services.
(5) When you use the functions and services of the App, under certain circumstances, we may need to use the software service toolkit or code (“SDK”) provided by a qualified third-party service provider in order to provide the service for you, where the third-party service provider will collect the necessary information about you, including:
• TMX SDK: We use TMX SDK to capture the specified values to detect fraud to secure and mitigate the transactions. TMX SDK requires access to your user ID, Group ID, IMEI (international mobile equipment identity) information and login session detail to identify the high-risk scorer and notify the Fraud handling team.

If you do not agree the said third-party service providers to collect the information they require, it would affect the App usage.

Please note that this section is intended for Corporate Users to have a full picture understanding of what information will be collected by us in the course of business, and this does not mean that all Corporate User’s information collected by us constitutes personal information; only the information that meets the definition of personal information is personal information.

Please further understand that the services we provide to you are updating and developing constantly. If you choose to use any services not specified hereinabove, we may need to collect your extra information in light of your usage use of such services, and if personal information is involved, we will send you separate notices of the scope and purpose of, and obtain your consent to, such collection by means of pop-up message, webpage prompt, interactive process, agreement or an update of this Policy. We will use, store, disclose and protect your personal information in accordance with this Policy and the applicable user agreement. Should you choose not to provide any of these information required separately, you may be refused certain newly added APP services or parts of them, but your usage of the original services provided by us would not be affected.

(B) How we use personal information
We will use your information (regardless of whether it is personal information) to abide by applicable laws, regulations and regulatory requirements, to provide services for you and improve the quality of the services provided for you, and to guarantee the security of your accounts and funds. In particular:
1. We will use your information that we collect to make available our services or functions to you in accordance with the provisions of this Policy;
2. To ensure the stability and security of our services, your information may be used for verifying identity, safeguarding, monitoring fraud, preventing or prohibiting illegal activities, minimizing risks or for archival and backup purposes;
3. To invite you to take part in customer surveys on our services, products or functions;
4. To report to the relevant authorities in accordance with applicable laws, regulations or regulatory requirements;
5. In order to provide you with more accurate, personalized, smooth and easy-to-access services, or to seek for your help with evaluating, improving or designing our products, services and operational activities, we may use technical means to de-identify or desensitize your information and aggregate them for analysis and processing.
Please specially note that such de-identified information can no longer be used to identify the personal information subjects and therefore is not personal information, which may be used by us directly as permitted by law. We also have the right to employ the results of analysis of our user database in commercial use as such results cannot be used to identify the personal information subjects either. When we aggregate data on the use of the App services or functions, as such data do not contain any of your identifiable information, we may share these data with the public or third parties to demonstrate the overall usage of the services or functions within the App.
We will ask for your prior consent if we need to use your information for any other purpose.
In rendering our services, we may ask the personal users of corporate e-banking designated by you for certain personal access permissions on their devices to guarantee your normal use of our services, and safeguard the security of your account, including:
1. Camera: to help you scan the QR code for Straigh2Bank web login and/or online transaction authorization.
2. Telephone: to directly call SCB hotline.
3. Storage: to read, modify or delete the contents (Straight2Bank Group ID and User ID/Email) to log in to the App.
Please note that by turning on these permissions, it means you grant us the right to collect and use the aforementioned information to enable the above functions. You can also turn off part or all of these permissions at any time in the settings on the mobile devices. (The display and turn-off of such permissions may vary on different mobile devices. Please refer to the instructions or guidelines from the developer of the device or system for details.) If you turn off these permissions, we will no longer collect the relevant information from you but at the same time we will no more and not be able to provide you with the function that requires such permission.

II. Cookies and similar technologies
To ensure normal and safe operation of the App, when you use the services provided in the App, we may use Cookies to store the information required for security authentication or to help assess the security status of your account. Cookies will be used to store the information such as tokens which require for authentication & session management. Cookies store anonymous statistics only and do not touch on name, address, telephone, email address and other personal contact information. You may choose to erase all Cookies stored on the mobile device at any time.

III. How we share, transfer, and publicly disclose personal information
(A) Sharing
We will not share your information (whether which is personal information) with any company, organization or individual other than SCB Group (meaning Standard Chartered Bank PLC, us and any subsidiaries, affiliates, branches and offices of the fore-said), except in the following circumstances:
1. Sharing with explicit consent: we will share your information with others upon obtaining your explicit consent or in accordance with the agreement made with you;
2. We may disclose your information as required under applicable laws and regulations or in accordance with the mandatory requirements of relevant government authorities, courts, regulators, tax authorities, or any other authorities (including any authority that investigates criminal activities);
3. Disclosure to professional advisors (including auditors) or insurers for risk diversification and assessment purposes;
4. Disclosure to third-party service providers, agents or independent contracted employees who provide services in support of our business;
5. Sharing with authorized partners: In order to fulfil the agreement with you, certain services of our bank will be provided by authorized partners, or your information must be provided to our partners in order to achieve your transaction purposes. In this regard, our bank will only share your information for legal, legitimate, necessary, specific and clear purposes, and will only share information necessary to provide services, and require our partners not to use the shared information for any other purpose. Our authorized partners mainly include the following:

Our supplies, service providers and other partners. We will need to disclose your login, account or transaction details (including company name, geographical location, payer’s name, payee’s name, payer’s account number, name of the paying bank, banking office of the paying bank, payee’s account number, name of the receiving bank, banking office of the receiving bank, method of transfer, amount transferred, time of transfer, agreed frequency of transfer, transaction notes, status, date and time of the transaction) to the supplies, service providers and other partners who support our business by, for example, providing technical infrastructure services, providing customer services.

If to share any personal information, we will sign strict non-disclosure agreements with the companies, organizations and individuals whom we will share personal information with and require them to deal with personal information in compliance with our instructions, this Policy and any other relevant confidentiality and security measures.
(B) Transfer
We will not transfer your personal information to any companies, organizations or individuals, except:
1. We may transfer your personal information to others after obtaining your explicit consent;
2. In the case of mergers, acquisitions, bankruptcy, liquidation, transfer of assets or other similar transactions where transfer of personal information is required, we will request the succeeding company or organization holding your personal information to be bound by this Policy; otherwise, we will require such company or organization to seek separate consent from you.
(B) Public Disclosure
We will only disclose your personal information to the public in the following circumstances:
1. After obtaining your explicit consent;
2. Disclosure according to law: we may disclose your personal information to the public if so required mandatorily by law, legal proceedings, litigations or governmental authorities.

IV. Exceptions to obtaining consent
According to the relevant laws and regulations, regulatory requirements and national standards, we may collect, use or disclose your personal information without otherwise obtaining your authorization and consent under the following circumstances:
1. Where it directly relates to national security and national defence security;
2. Where it directly relates to public security, public health or major public interest;
3. Where it directly relates to criminal investigations, prosecutions, trials or execution of rulings, etc.;
4. Where it’s required to protect your or others’ life, property or other material legitimate rights and interests while it is difficult to obtain your consent;
5. Where the personal information collected is made available to the public by yourself;
6. Where the personal information is collected from legitimate public sources such as legitimate news reports, disclosure by government, etc.;
7. Where it is necessary to enter into and perform a contract at your request;
8. Where it is necessary to maintain the safe and stable operation of the products or services provided, such as discovering and disposing of failures in products or services;
9. Where it is necessary to aggregate data or conduct academic research for the public interest, and when the results of such academic research or description are disclosed, the personal information contained in the results is de-identified; and
10. Other circumstances provided for under laws, regulations and regulatory requirements.

V. How we protect your information
(A) No personal information will be captured or stored in the mobile application. Information relevant to mobile app will be stored in a secure storage within the sandbox of the app and wrapped with RASP binding provided by VASCO to secure the app from any form of intrusion. All the data over the network will be secure and protected by SSL encryption. And also Scanning of the source and AVT (Application Vulnerable Testing) will be conducted periodically for every release to make the sure application is safe and protected.
(B) We will take all reasonably practical measures to ensure that no irrelevant personal information is collected. We will only store and retain your personal information for a period as minimum as necessary to fulfil the purposes stated in this Policy.
(C) The Internet is not an absolutely safe place. E-mails, instant messages, and communications with other App users are not encrypted; therefore, we strongly recommend that you do not send any personal information through these ways. Please use complex passwords to keep your account safe.
(D) AVT (Application Vulnerable Testing) will conducted periodically on every release of the application to make sure all the possible threats are addressed and application is safe and protected up to date.
(E) We will take every effort to guarantee the security of the information you send us. If unfortunately your information suffers from unauthorised access, public disclosure, erasure or damage as a result of any damage to our physical, technical or management protection facilities, we will, in accordance with the requirements of laws and regulations, promptly inform you of the basic information of the incident and its possible impact, the actions and measures we have taken or will take, suggestions on what you can do to prevent and mitigate risks, and remedial measures to be taken for you, etc. We will promptly inform you about the incident by email, SMS, letter, call or other means, or if it is just not feasible to inform each and every party, we will give a public notice in a reasonable and effective way.
Meanwhile, we will report the handling of such personal information security incident on our initiative in accordance with the requirements of regulatory authorities.

VI. How you could manage personal information
You need to convey and inform all relevant contents of this “Standard Chartered Bank (China) Limited Corporate Mobile Banking Privacy Policy” concerning the collection, use, disclosure, sharing, transfer, rights protection, etc. of personal information to the natural persons acting on your behalf. Meanwhile, in accordance with the relevant laws, regulations and standards of the People’s Republic of China as well as the common practices in other countries and regions, we guarantee that you may exercise the following rights in relation to personal information:

(A) Access and correct personal information
You may view or update personal information by contacting our customer service team unless otherwise provided by laws, regulations or regulatory policies.
You have the right and obligation to update personal information in a timely manner to ensure that such information is accurate. To protect the safety of your account, you may need to access and correct certain personal information by contacting our customer service team.

(B) Delete personal information
If you find that our collection or use of your information including personal information is in violation of laws and regulations or the agreement between you and us, you may request us to delete information in accordance with the law.
When you delete information from our App, deletion of information will be deleted permanently from the mobile immediately and there will be no backup. No change from the banking systems services.
Please note that uninstalling the App will remove all the relevant data stored in the mobile. No change from the banking systems services.

(C) Change the scope of your authorization and consent
You may change the scope of your authorization for us to collect your information or withdraw your consent by turning off certain functions on your device. However, please note that, your decision to withdraw your consent will not affect any collection of information based on your consent prior to such withdrawal.

(D) Cancel your account
Since your Straight2Bank Group ID and user ID with the App is the same as your Straight2Bank Web Group ID and user ID, if you wish to cancel your App Group ID and/or user ID, you may do so by contacting our customer service team. Please follow the instructions to complete the verification of your identity and submit a manual application for cancelling your Straight2Bank Group ID and user ID. We will verify and process your application within 15 working days after receiving it.
After you meet all the conditions for cancellation according to law and your Straight2Bank Web Group ID and User IDs are cancelled, you will no longer have access to tStraight2Bank Web and the App. Unless otherwise provided in laws, regulations, regulatory requirements or special agreements or for the purpose of settling certain specific debtor-creditor relationships, the information relating to your App account will also be deleted. We will no longer collect or use the personal information relating to such account through SCB online banking or the App. In addition, we still need to retain the information provided by you or generated during the term of your use of the App service for a period of time as required by regulatory authorities (no less than 5 years after you cancel your App account) and we will cooperate with inquiries or other requirements of relevant authorities in accordance with law during such retention period.

(E) Response to your requests above
For your security, you may need to submit a written request or identify yourself through other ways. We may ask you to verify your identity before processing your request. Unless otherwise specifically provided in laws and regulations, we will, in principle, review and process your requests for correcting your personal information, deleting or cancelling your Straight2Bank Group ID and User ID submitted in accordance with the procedures described in this Policy within 15 working days:
According to the requirements of applicable laws and regulations, we will not be able to respond to your request under any of the following circumstances:
1. Where it directly relates to national security and national defence security;
2. Where it directly relates to public security, public health or major public interest;
3. Where it directly relates to criminal investigations, prosecutions, trials or execution of rulings, etc.;
4. Where there is sufficient evidence showing that you are intentionally malicious or abuse your rights;
5. Where responding to your request will cause serious damage to the legitimate rights and interests of yours or of other individuals or organizations; or
6. Where the request involves any trade secret.

VIII. How we update this Policy
Our Privacy Policy may be updated from time to time. Once it is updated, we will notify you about the latest version of our Privacy Policy through pop-ups within the App.
We will not reduce your rights under this Policy without your explicit consent. You can read the Standard Chartered Bank (China) Limited Mobile Banking Privacy Policy as updated from time to time by visiting “Privacy Policy” within the App. If you do not agree with any or all of the terms of this Policy, please stop using the App.

IX. How to contact us
If you have any question, comment or suggestion about the App, especially those regarding personal information or this Policy, please contact us through the means set forth below and we will in principle respond within 15 working days of receiving your question, comment or suggestion:

Company Name: Standard Chartered Bank (China) Limited
Address: 201 Century Avenue, Pudong New Area, Shanghai, China
Customer Services:
 CORPORATE & INSTITUTIONAL CLIENTS AND COMMERCIAL CLIENTS
Hotline (within China) :800 999 0213
Hotline (overseas / mobile phone) :+86 755 2215 0988
Email:Straight2bank.cn@sc.com
 BUSINESS CLIENTS (FOR STRAIGHT2BANK RELATED INQUIRIES ONLY)
Hotline (within China) :800 988 0018
Hotline (overseas / mobile phone) :+86 400 888 8393
Email:CNSME-Customer.Service@sc.com
 FINANCIAL MARKETS CLIENTS
Hotline:+852 3013 4426
Email:eClientServices@sc.com

If you are not satisfied with our reply, and in particular consider that our processing of personal information has caused harm to your legitimate rights and interests, you may also resort to a people’s court of competent jurisdiction where we are located in accordance with the laws of the People’s Republic of China or seek solutions through other means as provided in applicable laws and regulations.