Privacy Statement for all parties to a Retail Banking and/or Private Banking account
This Privacy Statement relates to the collection, use and disclosure of personal data, including special or sensitive personal data, by any member of the Standard Chartered Group (“SCB”, “we” or “our”). Personal Data is information relating to an individual (“you” or “your”).
The data controller of your personal data is the SCB entity you have or may have a relationship with or with whom an account is maintained that you are a security provider for. Our Head Office functions may also be the controller of your Personal Data. A list of SCB entities can be found here.
Personal data comprises all the details SCB holds or collects about you, directly or indirectly, your transactions, transactions you effect, financial information, interactions and dealings with SCB, including information received from third parties, the public domain, collected through use of our website, cookies, and our electronic banking services.
If you have or are party to more than one account with SCB, including to a Corporate and Institutional Banking relationship, we will link all your accounts and personal data to enable us to have an overall picture of your relationship with us.
If you do not provide us with personal data we need to meet our legal and regulatory obligations or to enter into an agreement with you we may not be able to provide you with the products or services you have requested.
Purposes for which we may process your Personal Data
To enable us to fulfil the contract between us for the products or services you have requested, we need to process your personal data for purposes including the following:
- processing applications for products and services, effecting payments, transactions and completing instructions or requests;
- providing products and services (including electronic banking services);
- assessing suitability for products and services;
- credit assessment, including conducting credit checks and setting credit limits;
- operational purposes;
- statistical purposes;
- establishment, continuation and management of banking relationships and accounts;
- surveillance of premises and ATMs.
For some purposes in connection with the service you have requested, we have a legal or regulatory obligation to process your Personal Data. These purposes include:
- the prevention, detection, investigation and prosecution of crime in any jurisdiction (including, without limitation, money laundering, terrorism, fraud and other financial crime);
- identity verification, government sanctions screening and due diligence checks;
- to comply with local or foreign law, regulations, directives, judgments or court orders, government sanctions or embargoes, reporting requirements under financial transactions legislation, and demands of any authority, regulator, tribunal, enforcement agency, or exchange body.
We may also process your Personal Data in line with any voluntary codes; to effect agreements between any member of the Standard Chartered Group and any authority, regulator, or enforcement agency; to comply with policies (including the Standard Chartered Group’s policies) and good practice standards where it is in our legitimate interest to do so.
We may also process your Personal Data where it is in our legitimate interests to seek professional advice, including, in connection with any legal proceedings (including any prospective legal proceedings), for obtaining legal advice or for establishing, exercising or defending legal rights.
To whom we may disclose Personal Data
Any member of SCB, including our officers, employees, agents and advisers, may disclose your Personal Data to any of the following parties for any of the purposes specified above:
- any member of the Standard Chartered Group anywhere in the world, including any officer, employee, agent or director;
- professional advisers (including auditors), third party service providers, agents or independent contractors providing services to support SCB’s business;
- our business alliance partners who may provide their product or service to you;
- a merchant or a member of a card association where the disclosure is in connection with use of a card;
- upon your death or mental incapacity, your legal representative and their legal advisers, and a member of your immediate family for the purpose of allowing him/her to make payment on your account;
- any security provider or any person authorised to operate your account and to act on your behalf in giving instructions, to perform any other acts under our banking agreement or use any product;
- any person to whom disclosure is allowed or required by local or foreign law, regulation or any other applicable instrument;
- any court, tribunal, regulator, enforcement agency, exchange body, tax authority, or any other authority (including any authority investigating an offence) or their agents;
- any debt collection agency, credit bureau or credit reference agency, rating agency correspondents, insurer or insurance broker, direct or indirect provider of credit protection and fraud prevention agencies;
- any financial institution to conduct credit checks, anti-money laundering related checks, for fraud prevention and detection of crime purposes;
- anyone we consider necessary to facilitate requests for services or applications for products with any member of the Standard Chartered Group;
- anyone we consider necessary in order to provide services in connection with a product;
- any actual or potential participant or sub-participant in relation to any of our obligations in respect of any banking agreement, assignee, novatee or transferee (or any officer, employee, agent or adviser of any of them); located in any jurisdiction.
Personal Data may be transferred to, or stored at, a location outside of your country of residence, which may not have data protection law. The security of your personal data is important to us. SCB has technical and organisational security measures in place to safeguard your personal data. When using external service providers, we require that they adhere to security standards mandated by SCB. We may do this through contractual provisions, including any required by a privacy regulator, and oversight of the service provider. Regardless of where personal data is transferred, we take all steps reasonably necessary to ensure that personal data is kept securely.
You should be aware that the Internet is not a secure form of communication and sending us any personal data over the Internet carries with it risks including the risk of access and interference by unauthorised third parties. Information passing over the Internet may be transmitted internationally (even when sender and recipient are located in the same country) via countries with weaker privacy and data protection laws than in your country of residence.
Other Terms and Conditions
There may be specific terms and conditions in our banking and product agreements that govern the collection, use and disclosure of your personal data. Such other terms and conditions must be read in conjunction with this Privacy Statement.
We retain your personal data in line with our legal and regulatory obligations and for business and operational purposes. In the majority of cases this will be for seven years from the end of your relationship with us.
Automated decisions and profiling
We may use profiling, including behavioural analysis, to assist us to provide you with better services, to make decisions and to prevent money laundering, terrorism, fraud and other financial crime, for example using profiling may help us to try and detect whether use of your credit card may be fraudulent. If any profiling will result in an automated decision relating to you, we will let you know and you will have the right to discuss the decision with us.
We may use your Personal Data:
- to conduct market research and surveys with the aim of improving our products and services;
- for marketing purposes, promotional events, competitions and lucky draws
We process your Personal Data for these purposes because it is in the interest of our business to do so with the intention of improving our products and services and generating business. We will not send you marketing material if you have specifically asked us not to do so. You have the right to opt out of receiving marketing material at any time. To do so please contact your branch or relationship manager.
If you change your mind and ask us not to send you marketing material or other promotional or research material you have subscribed to receive, we may need to retain a record that you have asked us not to do so to ensure that you do not receive anything further.
To the extent permitted by law, we may record and monitor your electronic communications with us to ensure compliance with our legal and regulatory obligations and internal policies for the purposes outlined above.
To request a copy of the personal data processed in relation to you. SCB may be allowed by law to charge a fee for this.
To request that we correct your personal data. You can do this at your branch or through your relationship manager.
To ask us to delete your personal data, for example if we no longer have a valid reason to process it.
To object to how we process your personal data. This does not mean you can decide or choose how we process your personal data other than in relation to marketing. If you have any concerns about how we process your personal data, please discuss this at your branch or with your Relationship Manager. We may not be able to offer you services if you do not want us to process the personal data we consider it necessary to process to provide the services.
To restrict how your personal data is processed in certain cases, such as when the accuracy of your Personal Data is contested. If you have any concerns about how we process your Personal Data, please discuss this at your branch or with your Relationship Manager.
To request a copy of the personal data you have given to us in a machine readable format
The Global Head of Privacy can be contacted at:
Standard Chartered Bank
1 Basinghall Avenue
If you have a complaint in relation to the processing of your Personal Data and you are not happy with the way we deal with it, please discuss this at your branch or with your Relationship Manager, or contact the Global Head of Privacy.
You also have the right to complain to the data protection authority, if one exists, in the country where you have a relationship with the Bank, or if your relationship is with SCB outside of the European Union but you are located there, the UK Information Commissioner. Details can be provided by emailing firstname.lastname@example.org
Applying to work for the Standard Chartered Group
Please see our separate Group Recruitment Privacy Statement.