I. In relation to customers: the purposes for which any personal data collected by the Bank about customers may comprise all or any one or more of the following:
1. processing applications from customers (including assessing the merits and/or suitability of the customers’ application(s)) for the establishment of Facilities, Products and Services;
2. operating, maintaining and providing Facilities, Products and Services to customers;
3. conducting credit checks on customers (whether in respect of an application for Facilities, Products and Services or during regular or special review);
4. creating and maintaining the Bank’s credit scoring models;
5. maintaining credit history of customers for present and future reference;
6. assisting other financial institutions to conduct credit checks and collect debts;
7. ensuring ongoing credit worthiness of customers;
8. designing banking, cards, financial, insurance, securities and investment services or related products for customers’ use;
9. marketing services, products and other subjects as set out in more detail in our “Notice to customers and other individuals relating to the Personal Data (Privacy) Ordinance and the Code of Practice on Customer Credit Data”
10. determining the amount of indebtedness owed to or by customers;
11. enforcement of customers’ obligations, including without limitation the collection of amounts outstanding from customers and those providing security for customers’ obligations;
12. meeting or complying with any obligations, requirements or arrangements for disclosing and using data that apply to the Bank or any other member of the Standard Chartered Group or that it is expected to comply according to:
a. any law or regulation binding on or applying to it within or outside the Hong Kong existing currently and in the future;
b. any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within or outside Hong Kong existing currently and in the future;
c. any present or future contractual or other commitment with local or foreign legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers that is assumed by or imposed on the Bank or any member of the Standard Chartered Group by reason of its financial, commercial, business or other interests or activities in or related to the jurisdiction of the relevant local or foreign legal, regulatory, governmental, tax, law enforcement or other authority, or self-regulatory or industry bodies or associations;
13. meeting or complying with any obligations, requirements, policies, procedures, measures or arrangements for sharing data and information within the Standard Chartered Group and/or any other use of data and information in accordance with any group-wide programmes for compliance with sanctions or prevention or detection of money laundering, terrorist financing or other unlawful activities;
14. enabling an actual or potential assignee of all or any part of the business and/or asset of the Bank or participant or sub-participant of the Bank’srights in respect of the customers, to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation, and/or
15. any other purposes relating to the purposes listed above.
II. In relation to employees: the purposes for which any personal data collected by the Bank about employees may comprise any or all of the following:-
1. processing employment application;
2. apprising employees’ job performance and making decisions about employees’ promotion, training, transfer, redeployment or career development;
3. determining, calculating and reviewing employees’ salary, bonuses and any other staff benefits including pension entitlements;
4. processing payment of employees’ salary, other authorised expenses or benefits to employees’ account or by any other means;
5. taking appropriate action in event of emergencies;
6. complying with any statutory requests received from relevant public authorities/agencies;
7. any purpose required by law or regulation;
8. disciplinary purposes arising from employees’ conduct or employees’ ability to perform their job requirements;
9. providing references/reports to potential employers, financial institutions, legal representatives, and other appropriate bodies;
10. planning succession and talent management initiatives;
11. monitoring compliance with regulatory requirements and the Standard Chartered Group’s internal policy requirements;
12. enabling the Standard Chartered Group to make decisions and/or policies concerning its employees generally;
13. enabling auditors to conduct regular reviews of the Standard Chartered Group’s business and operations;
14. supporting any business, technical, administrative or security function required by the Standard Chartered Group‘s operations, including, but not limited to: communication and processing systems; accident/ sickness insurance; security of staff, systems and premises (CCTV; card entry systems; IT security systems); telephone recording; contingency planning; systems development and testing; monitoring internet and telephone usage; business and financial, monitoring planning and decision making.