In this policy, “we”, “us”, “our” or “DBS” means DBS Bank Ltd, POSB, DBS Nominees Private Limited and/or DBS Trustee Limited, “you”, “your” or “yours” means the persons to whom this policy applies and “DBS Group” means DBS Bank Ltd., its related corporations, affiliates and branches.
The security of your personal data is important to us. DBS has in place safeguards to protect the personal data stored with us. This policy describes how we may collect, use, disclose, process and manage your personal data.
This policy applies to any individual’s personal data which is in our possession or under our control.
In the event of any inconsistency between different versions of this policy, the English version shall prevail.
“Personal data” is data that can be used to identify a natural person. Some examples of personal data that we may collect are:
(a) personal particulars (e.g. name, contact details, residential address, date of birth, identity card/passport details, and/or education details);
(b) specimen signature(s);
(c) financial details (e.g. income, expenses, and/or credit history);
(d) images and voice recordings of our conversations with you;
(e) employment details (e.g. occupation, directorships and other positions held, employment history, salary, and/or benefits);
(f) tax and insurance information;
(g) information about your risk profile, investments, investment objectives, knowledge and experience and/or business interests and assets;
(h) banking information (e.g. account numbers and banking transactions);
(i) personal opinions made known to us (e.g. feedback or responses to surveys); and/or
(j) Information obtained from mobile device with your consent (e.g. device location and information).
We may use your personal data for our core business purposes, such as:
(a) developing and providing banking facilities, products or services (whether made available by us or through us), including but not limited to:
i. executing investments, banking, commercial or other transactions and clearing or reporting on these transactions;
ii. carrying out research, planning and statistical analysis; or
iii. analytics for the purposes of developing or improving our products, services, security, service quality, and advertising strategies;
(b) assessing and processing applications, instructions or requests from you or our customers;
(c) communicating with you, including providing you with updates on changes to products, services and banking facilities (whether made available by us or through us) including any additions, expansions, suspensions and replacements of or to such products, services and banking facilities and their terms and conditions;
(d) managing our infrastructure and business operations and complying with internal policies and procedures;
(e) responding to queries or feedback;
(f) addressing or investigating any complaints, claims or disputes;
(g) verifying your identity for the purposes of providing banking facilities, products or services;
(h) conducting credit checks, screenings or due diligence checks as may be required under applicable law, regulation or directive;
(i) complying with all applicable laws, regulations, rules, directives, orders, instructions and requests from any local or foreign authorities, including regulatory, governmental, tax and law enforcement authorities or other authorities;
(j) monitoring products and services provided by or made available through us;
(k) complying with obligations and requirements imposed by us from time to time by any credit bureau or credit information sharing services of which we are a member or subscriber;
(l) creating and maintaining credit and risk related models;
(m) financial reporting, regulatory reporting, management reporting, risk management (including monitoring credit exposures), audit and record keeping purposes;
(n) enabling any actual or proposed assignee or transferee, participant or sub-participant of DBS’s rights or obligations to evaluate any proposed transaction;
(o) enforcing obligations owed to us; and/or
(p) seeking professional advice, including legal advice.
We may also use personal data for purposes set out in the terms and conditions that govern our relationship with you or our customer.
We may use your personal data to offer you products or services, including special offers, promotions, contests or entitlements that may be of interest to you or for which you may be eligible. Such marketing messages may be sent to you in various modes including but not limited to electronic mail, direct mailers, short message service, telephone calls, facsimile and other mobile messaging services. In doing so, we will comply with the Personal Data Protection Act of Singapore (PDPA) and other applicable data protection and privacy laws, such as the European Union General Data Protection Regulation (GDPR).
In respect of sending telemarketing messages to your Singapore telephone number via short message service, telephone calls, facsimile and other mobile messaging services, please be assured that we shall only do so if we have your clear and unambiguous consent in writing or other recorded form to do so or if you have not otherwise made the appropriate registration of that number with the Do Not Call Registry. If we have an ongoing relationship with you and you have not indicated to us that you do not wish to receive telemarketing messages sent to your Singapore telephone number, we may send you telemarketing messages to that number related to the subject of our ongoing relationship via short message service, facsimile and other mobile messaging services (other than a voice or video call).
You may at any time request that we stop contacting you for marketing purposes via selected or all modes.
To find out more on how you can change the way we use your personal data for marketing purposes, please contact us (please see the “How to contact us” section below).
Nothing in this section shall vary or supersede the terms and conditions that govern our relationship with you.
We may from time to time and in compliance with all applicable laws on data privacy, disclose your personal data to any personnel of DBS Group or to third parties, whether located in Singapore or elsewhere, in order to carry out the purposes set out above. Please be assured that when we disclose your personal data to such parties, we require them to ensure that any personal data disclosed to them are kept confidential and secure.
For more information about the third parties with whom we share your personal data, you may, where appropriate, wish to refer to the agreement(s) and/or terms and conditions that govern our relationship with you or our customer. You may also contact us for more information (please see the “How to contact us” section below).
We wish to emphasise that DBS does not sell personal data to any third parties and we shall remain fully compliant of any duty or obligation of confidentiality imposed on us under the applicable agreement(s) and/or terms and conditions that govern our relationship with you or our customer or any applicable law.
We may transfer, store, process and/or deal with your personal data outside Singapore. In doing so, we will comply with the PDPA and other applicable data protection and privacy laws, such as the GDPR.
A pixel tag, also known as a web beacon, is an invisible tag placed on certain pages of our web site but not on your computer. Pixel tags are usually used in conjunction with cookies and are used to monitor the behaviour of users visiting the web site.
You may set up your web browser to block cookies which will in turn disable the pixel tags from monitoring your web site visit. You may also remove cookies stored from your computer or mobile device. However, if you do block cookies and pixel tags, you may not be able to use certain features and functions of our web sites.
Your personal data is retained as long as the purpose for which it was collected remains and until it is no longer necessary for any other legal or business purposes.
You may request access or make corrections to your personal data held by DBS. DBS may charge a fee for processing your request for access. Such a fee depends on the nature and complexity of your access request. Information on the processing fee will be made available to you.
The GDPR also provides relevant individuals with additional rights including the right to obtain information on how DBS process your personal data, receive certain information provided in an electronic format and/or request that these be transmitted to a third party, request for your information to be erased, object or restrict the use or processing of your information in some circumstances. These will be subject to ongoing obligations imposed on the Bank pursuant to any applicable law or regulation, and/or the bank’s legitimate reason or entitlement to continue processing your information, and/or to refuse that request.
Please contact us (please see the “How to contact us” section below) for details on how you may request access or correction to, or exercise your rights with respect to the processing of your personal data.
To contact us on any aspect of this policy or your personal data or to provide any feedback that you may have, please visit any of our branches or get in touch with our customer centre officer in the following ways:
If you are our personal banking customer or a non-customer, you may contact our customer centre officer at our 24 hour hotline at (65) 6327 2265 or email us at email@example.com.
If you are our business banking customer, you may contact our customer centre officer at our 24 hour hotline at (65) 6222 2200 or email us at firstname.lastname@example.org.
We may amend this policy from time to time to ensure that this policy is consistent with any developments to the way DBS uses your personal data or any changes to the laws and regulations applicable to DBS. We will make available the updated policy on our web site (www.dbs.com/privacy) and at our branches in Singapore. All communications, transactions and dealings with us shall be subject to the latest version of this policy in force at the time.