- It is a legal requirement for Sumitomo Mitsui Banking Corporation Singapore Branch (the "Bank") to
comply with
the Personal Data Protection Act ("PDPA"). It is also the Bank's policy to comply with the PDPA.
- The Bank may, from time to time in the ordinary course of business and for compliance with legal and
regulatory requirements, collect, use, disclose, transfer and retain personal data (as defined in the
PDPA).
This may include personal data you provide to us, personal data from transactions performed by you or on
your
behalf or personal data from other entities or persons. Where you are an entity, it will also include
personal
data of your directors, partners, officers, employees and agents. If we do not receive this information,
we may
not be able to provide you with the products or services you have requested.
-
The purposes for which personal data may be collected, used, disclosed or retained include (but are not
limited to) the following:
- establishment, provision and conduct of day to day operation of services or facilities provided to
you,
including processing and other administrative functions related thereto in Singapore or elsewhere
- provision of research or industry reports, presentation materials and other information relating to
financial products and services or financial markets
- audit, risk management and compliance with laws and regulations, both locally and globally. This
includes
credit and exposure reviews, conducting or responding to credit/creditworthiness checks, conducting or
responding to conflict of interest checks, Know Your Customer and Anti Money Laundering/Combating of
Terror
Financing verification of identity and due diligence, prevention of fraud or other potential criminal
activity, assisting other organizations to do the above and/or providing credit references and/or
providing
reports and information to credit reporting agencies or credit bureaus
- arranging credit support or insurance coverage for financial products or services
- determining the amount of indebtedness owed to or by a customer
- designing and/or promoting and/or improving and/or monitoring financial products or services of the
Bank,
the Bank's group companies and/or third party entities, as well as assessing suitability and needs for
products and services
- introduction of our product or services partners or persons with whom we have alliances
- maintenance, review and development of systems, procedures and infrastructure including our computer
systems
- enforcement/collection of obligations including amounts owed by customers or by any credit support
provider or insurer
- provision of electronic banking services including fund transfers and conduct of transactions or
transaction related activities via electronic platforms
- performance of our roles and responsibilities in relation to products or services made available to
you,
including preventing the misuse of our services or facilities
- meeting any order of court or tribunal, legal and regulatory requirements under any law (including
regulatory reporting), or as requested by local or foreign government, regulatory or similar authority
or
agency having jurisdiction over the Bank, any of its branches or other members of the Bank's group of
companies
- handling enquiries, audits, complaints, investigations and/or legal proceedings
- enabling actual or potential assignees, transferees or any person who may enter into contractual
relations
with the Bank in relation to the Bank's rights and/or obligations under or in connection with an
agreement
or transaction with you to evaluate the transaction, rights or obligations of the Bank
- day to day operations of the Bank, including for security purposes
- central management and storing of data
- all other incidental and associated purposes relating to any of the above
- any other purpose agreed with you
Information disclosed as above may be further disclosed by recipients to other parties (including those
outside of Singapore) in accordance with the laws of the country of the recipient.
-
Personal Data held by the Bank will be kept confidential. However we or a recipient of the personal
data may
disclose the personal data in or outside Singapore as may be necessary including:
- as agreed with you
- to any person as required or permitted by law or regulation or order of court or tribunal (including
under
the Banking Act of Singapore) or as provided in Paragraph 3 above
- to our holding company, head, representative and branch offices and any of our related corporations
or
affiliates in any jurisdiction;
- to any authority in any jurisdiction, including any central bank or other fiscal or monetary
authority and
any person involved in enquiries, audits, complaints investigations or proceedings
- to any party that has provided security or credit support or assurance for your obligations and any
party
who is participating in any product or service made available to you
- to any actual or potential assignees, transferees or any person who may enter into contractual
relations
with the Bank in relation to the Bank's rights and/or obligations under or in connection with an
agreement
or transaction with you
- to our agents, contractors, auditors and service providers and their sub-contractors (including but not limited to any host server or storage provider), auditors or professional advisers(and any others to whom they may make further disclosure), wherever located or wherever performing services
- to our stationery printer and storage provider (including, without limitation, any provider of
microfilm
service, archival service or other storage facility) (and any others to whom they may make further
disclosure) for the purpose of making, printing, mailing, storing, archiving, microfilming and/or
filing
cheques, statements of account, advices, transaction records and other documents, data or records
- to any person in connection with any legal action taken or contemplated in relation to any
agreement,
product, service or transaction with you or any party that has provided security or credit support for
your
obligations
- to insurers, reinsurers, insurance brokers and their respective related entities, auditors, advisers
and
service providers, in each case arising from or in connection with the provision of credit support or
insurance
- to any person we are under a duty to disclose the information
- to any person (and any others to whom such person may make further disclosure) for the purpose of
giving
effect to any transaction with or for you or in connection with the provision of banking products or
services (including via electronic platforms or electronic banking services) (including, without
limitation,
any agent, correspondent, intermediary or beneficiary in a transaction)
- to persons with whom we have arrangements or alliances for promoting or using their products or
services
- to any credit bureau or credit reporting agency
- to your authorized agents, executors, administrators or legal representatives
- to a receiver or manager, trustee, administrator, judicial manager, trustee, liquidator or person
holding
a similar position
- any other banks, financial institutions or credit agencies or credit bureaus or the external
auditors for
the purposes of verifying information, for fraud detection, anti-money laundering or combating
terrorism
financing purposes, for legal or regulatory purposes
- trade repositories, clearing houses and counterparties to transactions
Information disclosed as above may be further disclosed by recipients to other parties (including those
outside of Singapore) in accordance with the laws of the country of the recipient.
-
We may manage, store and process account and transaction information (including personal data) centrally. Your personal data may be processed and stored in another country or by other entities. Unless we are able to manage, store and process your personal data in such a manner, we may be unable to handle your banking and other transactions.
Our employees and immediate service providers are subject to confidentiality obligations and applicable laws which relate to confidentiality and privacy of personal data which are generally comparable with the standard of protection accorded to personal data under the PDPA.
-
Where personal data of any individual (including your directors or other officers or employees or
agents,
shareholders or beneficial owners) is provided to us, you represent and warrant to us that each of them
has
consented to the disclosure of such personal data to us, and the collection, use, disclosure, transfer
and
retention of their personal data (including outside Singapore) by us for and/or incidental to the
purposes
specified above and that you are authorized to obtain and notify us of that consent and that you shall
maintain the same.
-
Under the PDPA, you have the right to:
- access any personal data about you that the Bank possesses or controls subject to the applicable
exceptions under the PDPA
- require the Bank to correct any personal data relating to you which is inaccurate subject to the
applicable exceptions under the PDPA
- request to be provided with information about the ways in which such personal data has or may have
been
used or disclosed within the year before the request. However, in certain circumstances or in respect
of
certain types of personal data, organizations are prohibited from granting such access or may choose
whether
or not to provide such access
In accordance with the PDPA, the Bank has the right to charge a reasonable fee for processing any
request to
access personal data and/or for disclosure and use information.
A request must contain the following information (i) applicant's name and identification number (ii)
the
personal data for which access, disclosure and use and/or correction is being sought. The Bank will
inform you
of the applicable fee to be paid and endeavor to process the request within 30 days of receipt. In the
event
the Bank is not able to process the request within 30 days of receipt, the Bank will inform you within
the 30
days of the date the Bank will be able to process the request.
The Bank may decline any request to access Personal Data that is exempt under the PDPA or to change any
record where the Bank believes the data to be accurate or if you do not agree to pay the processing fee.
In
such a case, Bank will advise you of the outcome within 30 days from the date of receipt of the request
for
access or correction.
-
We will retain personal data for as long as required or as permitted by law. Some personal data will be
kept
for longer periods than others. Without affecting the generality of the statement hereabove, any consent
given
in relation to personal data shall, subject to all applicable laws and regulations, survive death,
incapacity,
bankruptcy or insolvency and your employment with the Bank.
-
Under the PDPA, you may withdraw your consent for the use of your personal data. If you fail to provide
personal data reasonably requested by us and/or withhold or withdraw your consent for use, disclosure,
transfer or retention of personal data, we may be unable to provide all or a part of the products or
services
made available to you. A notice of withdrawal of consent will be processed and effected within 30 days
of
receipt. The notice shall contain the applicant's name, and identification number and identify the
personal
data and purpose of use for which consent is being withdrawn.
-
Queries on the Bank's personal data protection policies and requests pursuant to Paragraph 7 above
should be
made in writing and addressed to:
Personal Data Protection Officer
Kenji Takahashi
c/o Legal & Compliance Department Asia Pacific Division
Address
Sumitomo Mitsui Banking Corporation Singapore Branch
88 Market Street
#33-01, CapitaSpring
Singapore 048948
Email Address
kenji_takahashi@sg.smbc.co.jp (cc: anjali_mohan@sg.smbc.co.jp)
Telephone Number
6705 1001
-
This data protection policy was last updated in October 2022.