Last updated: 24 April 2023
Your Privacy is Important to Us
In this policy, “we”, “us”, “our” or “DBS” means DBS Bank Ltd, POSB, DBS Nominees Private Limited and/or DBS Trustee Limited, “you”, “your” or “yours” means the persons to whom this policy applies and “DBS Group” means DBS Bank Ltd., its related corporations, affiliates and branches.
The security of your personal data is important to us. DBS has in place safeguards to protect the personal data stored with us. This policy describes how we may collect, use, disclose, process and manage your personal data.
This policy applies to any individual’s personal data which is in our possession or under our control.
In the event of any inconsistency between different versions of this policy, the English version shall prevail.
What Personal Data We Collect
We define “Personal data” as data that can be used to uniquely identify a natural person. Personal data can be collected from various sources and processed by us. Some examples of data which, on its own or jointly, can be used to identify a natural person are:
- personal particulars (e.g. name, contact details, residential address, date of birth, identity card/passport details, and/or education details);
- specimen signature(s);
- financial details (e.g. income, expenses, and/or credit history);
- images and biometrics such as thumbprints, voice and video recordings of you, including our conversations with you for verification or other purposes;
- employment details (e.g. occupation, directorships and other positions held, employment history, salary, and/or benefits);
- tax and insurance information;
- information about your risk profile, investments, investment objectives, knowledge and experience and/or business interests and assets;
- banking information (e.g. account numbers and banking transactions);
- your personal opinions made known to us e.g. through feedback or surveys;
- information relating to your activities, habits, preferences and interests arising from your use of products and services of DBS Group, our partners or vendors; and/or
- other electronic data or information relating to you such as IP addresses, cookies, activity logs, online identifiers and location data through your usage of our products and services or as part of their delivery to you.
How We Use Your Personal Data
We may use your personal data for our business purposes, such as:
- developing and providing banking facilities, products or services (whether made available by us or through us), including but not limited to:
- executing investments, banking, commercial or other transactions and requests, including processing, settlement, clearing or reporting on these transactions;
- carrying out research, planning and statistical analysis and conducting surveys; or
- analytics for the purposes of developing or improving our products, services, security, service quality, advertising or customisation strategies;
- assessing and processing applications, instructions or requests from you;
- communicating with you, including providing you with updates on changes to products, services and banking facilities (whether made available by us or through us) including any additions, expansions, suspensions and replacements of or to such products, services and banking facilities and their terms and conditions and collecting your opinions through surveys;
- managing our infrastructure, business operations and complying with internal policies and procedures;
- responding to queries or feedback;
- addressing or investigating any complaints, claims or disputes;
- verifying your identity for the purposes of providing banking facilities, products or services and allowing access to our premises;
- conducting credit checks, screenings or due diligence checks as may be required under applicable law, regulation or directive;
- complying with all applicable laws, regulations, rules, directives, orders, instructions, guidance and requests from any local or foreign authorities, including regulatory, governmental, tax and law enforcement authorities or other authorities;
- monitoring products and services provided by or made available through us;
- complying with obligations and requirements imposed by us from time to time by any credit bureau or credit information sharing services of which we are a member or subscriber;
- creating and maintaining credit and risk related models;
- financial reporting, regulatory reporting, management reporting, risk management (including monitoring credit exposures), audit and record keeping purposes;
- enabling any actual or proposed assignee or transferee, participant or sub-participant of DBS’s rights or obligations to evaluate any proposed transaction;
- enforcing obligations owed to us;
- in connection with performance of our duties and obligations when seeking consultancy or professional advice, including legal advice; and/or
- administering benefits or entitlements in connection with our banking relationship with you or arising from your participation in events, campaigns, or marketing promotions by us or in conjunction with our partners. This will include the administration of loyalty, rewards programmes, lucky draws, and/or sending gifts and awards.
In addition to the above purposes, we may also use personal data for purposes set out in the terms and conditions that govern our relationship with you.
Use of Personal Data for Marketing Purposes
We may use your personal data to recommend you products or services, including special offers, promotions, contests or entitlements that may be of interest to you or for which you may be eligible. Such marketing messages may be sent to you in various modes including but not limited to electronic mail, direct mailers, short message service, telephone calls, facsimile and other mobile messaging services. In doing so, we will comply with the Personal Data Protection Act of Singapore (PDPA) and other applicable data protection and privacy laws, such as the European Union General Data Protection Regulation (GDPR).
In respect of sending telemarketing messages to your Singapore telephone number via short message service, telephone calls (voice or video), facsimile and other mobile messaging services, please be assured that we shall only do so if:
- you have provided your clear and unambiguous consent in writing or other recorded form for us to do so;
- you have not indicated to us in our ongoing relationship that you do not wish to receive telemarketing messages sent to your Singapore telephone number and you have not registered that number with the National Do Not Call Registry.
To find out more on how you can change the way we use your personal data for marketing purposes, please contact us (please see the “Contact us” section below).
At the same time, we may continue to send you messages as part of our ongoing relationship with you and nothing in this section shall vary or supersede the terms and conditions that govern our relationship with you.
Disclosure and Sharing of Personal Data
We may from time to time and in compliance with all applicable laws on data privacy, disclose your personal data to any personnel of DBS Group or to third parties, whether located in Singapore or elsewhere, in order to carry out the purposes set out above. Please be assured that when we disclose your personal data to such parties, we require them to ensure that any personal data disclosed to them are kept confidential and secure.
An example of such sharing would be for the purposes of providing or offering products or services that might be of interest to you based on your collected information or other data relating to your interactions with DBS Group, our partners or vendors.
For more information about the third parties with whom we share your personal data, you may, where appropriate, wish to refer to the agreement(s) and/or terms and conditions that govern our relationship with you or as our customer. You may also contact us for more information (please see the “Contact us” section below).
We wish to emphasise that DBS does not sell personal data to any third parties and we shall remain fully compliant of any duty or obligation of confidentiality imposed on us under the applicable agreement(s) and/or terms and conditions that govern our relationship with you or our customer or any applicable law.
We may transfer, store, process and/or deal with your personal data outside Singapore. In doing so, we will comply with the PDPA and other applicable data protection and privacy laws, such as the GDPR.
Cookies and Related Technologies
A pixel tag, also known as a web beacon, is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags are usually used in conjunction with cookies and are used to monitor the behaviour of users visiting the website.
You have the choice to set up your web browser to block cookies which will in turn disable the pixel tags from monitoring your website visit. You may also remove cookies stored from your computer or mobile device. However, do note that when you enable blocking of cookies and pixel tags, it may limit certain features and functions in your use of our websites or applications.
Retention of Personal Data
Your personal data is retained as long as the purpose for which it was collected remains and until it is no longer necessary for any other legal or business purposes.
Access and Correction
You may request access or make corrections to your personal data held by DBS. DBS may charge a fee for processing your request for access. Such a fee depends on the nature and complexity of your access request. Information on the processing fee will be made available to you. We may also take a reasonable period of at least 7 business days after receiving your correction request to process and update the change.
There are also other data protection and privacy laws that provides relevant individuals with additional rights including the right to obtain information on how DBS processes your personal data, receive certain information provided in an electronic format and/or request that these be transmitted to a third party, withdraw consent to the processing of your personal data, request for your information to be erased, object or restrict the use or processing of your information in some circumstances e.g. GDPR. These will be subject to ongoing obligations imposed on the Bank pursuant to any applicable law or regulation, and/or the bank’s legitimate reason or entitlement to continue processing your information, and/or to refuse that request.
Where a request is made to withdraw consent, we will inform you of the likely consequences of withdrawing consent and the timeframe to effect the withdrawal. Such requests will be processed within a reasonable timeframe, taking ten business days or more depending on the complexity of the request. In some cases, not providing the personal data, or withdrawing consent to the use, processing, or disclosure of the personal data, may adversely affect DBS’ ability to continue our banking relationship with you.
Please contact us (please see the “Contact us” section below) for details on how you may request access, correct or exercise your rights with respect to the processing of your personal data.
To contact us on any aspect of this policy or your personal data or to provide any feedback that you may have, please visit any of our branches or get in touch with our customer centre officer in the following ways:
If you are our personal banking customer or a non-customer, you may contact our customer centre officer at our 24 hour hotline at (65) 6327 2265 or email us at email@example.com.
If you are our business banking customer, you may contact our customer centre officer at our 24 hour hotline at (65) 6222 2200 or email us at firstname.lastname@example.org.
In addition, should we be aware that your data has been compromised and is, or likely to result in significant harm to you, we will notify you and advise on the possible steps to protect yourself from further potential harm. Please be assured that you can always validate such notifications from us by contacting us at our 24 hour hotlines at (65) 6327 2265 (for personal banking customer) or (65) 6222 2200 (for business banking customer) or email us at email@example.com.
We may amend this policy from time to time to ensure that this policy is consistent with any developments to the way DBS uses your personal data or any changes to the laws and regulations applicable to DBS. We will make available the updated policy on our website (www.dbs.com/privacy) and at our branches in Singapore. All communications, transactions and dealings with us shall be subject to the latest version of this policy in force at the time.