Privacy and security statement

Our business has been built on trust between our customers and ourselves. To preserve the confidentiality of all information you provide to us, we maintain the following privacy principles:

1. We only collect personal information that we believe to be relevant and required to understand your financial needs and to conduct our business.
2. We use your personal information to provide you with better customer services and products.
3. We may pass your personal information to other HSBC Group companies or agents, as permitted by law.
4. We will not disclose your personal information to any external organisation unless we have your consent or are required by law or have previously informed you.
5. We may be required from time to time to disclose your personal information to Governmental or judicial bodies or agencies or our regulators, but we will only do so under proper authority.
6. We aim to keep your personal information on our records accurate and up-to-date.
7. We maintain strict security systems designed to prevent unauthorised access to your personal information by anyone, including our staff.
8. All HSBC Group companies, all our staff and all third parties with permitted access to your information are specifically required to observe our confidentiality obligations.
9. By maintaining our commitment to these principles, we at HSBC will ensure that we respect the inherent trust that you place in us.

Your privacy matters to us

This section provides specific details of how we treat any personal information you might wish to provide us when you visit this site.

Data security

• Security is our top priority. HSBC Bank Malaysia Berhad ('the Bank') will strive at all times to ensure that your personal data will be protected against unauthorised or accidental access, processing or erasure. We maintain this commitment to data security by implementing appropriate physical, electronic and managerial measures to safeguard and secure your personal data.
• The secure area of our website supports the use of Secure Socket Layer (SSL) protocol and 128-encryption technology- an industry standard for encryption over the Internet to protect data. When you provide sensitive information such as credit card details, it will be automatically converted into codes before being securely dispatched over the Internet.
• Our web servers are protected behind "firewalls" and our systems are monitored to prevent any unauthorised access. We will not send personal information to you by ordinary email. As the security of ordinary email cannot be guaranteed, you should only send email to us using the secure email facility on our website.
• All practical steps will be taken to ensure that personal data will not be kept longer than necessary and that the Bank will comply with all relevant statutory and regulatory requirements in Malaysia concerning the retention of personally identifiable information.

Security assurance

• Both you and the Bank play an important role in protecting against online fraud. You should be careful that your bank account details including your User ID, Password, Security Device and/or Security Code are not compromised by ensuring that you do not knowingly or accidentally share, provide or facilitate unauthorised use of it. Do not share your User ID, Password, Security Device and/or Security Code or allow access or use of it/them by others. We endeavour to put in place high standards of security to protect your interests.
• You should safeguard your unique User ID, Password and Security Code by keeping them secret and confidential. Never write them down or share their details with anyone. The Bank will never ask you for your Internet Banking Password, in order to ensure that you are the only person who knows this information. When choosing your unique Password and where relevant, your unique User ID for the first time, do not create it/them using easily identifiable information such as your birthday, telephone number or a recognisable part of your name. If you think your User ID, Password, Security Device and/or Security Code has/have been disclosed to a third party, is/are lost or stolen and unauthorised transactions may have been conducted, you are responsible to inform us immediately.

Collection of personal information

• Use of "cookies": Your visit to this site may be recorded for analysis on the number of visitors to the site and general usage patterns. Some of this information will be gathered through the use of "cookies". Cookies are small bits of information that are automatically stored on a person's web browser in their computer that can be retrieved by this site. Should you wish to disable these cookies you may do so by changing the setting on your browser. However, by disabling them, you may not be able to take advantage of our website, including online@hsbc.
• Marketing Promotions: Occasionally we may collect personal information from visitors to this site and those individuals that participate in a contest or promotion (online or over the telephone, or at one of our branches). Such information is only collected from individuals who voluntarily provide us with their personal information. We may use this information to advise them of products, services and other marketing materials, which we think, may be of interest to them. We may also invite visitors to this site to participate in market research and surveys and other similar activities. 
  
  You may receive marketing and other promotional materials by email. If you do receive email promotional direct mail, you will always have an opportunity to opt out. If at any time you would like us to cease sending you direct emails, please send us a message via Personal Internet Banking / Banking Business Internet Banking or write to:
  
  HSBC Supplied Services - Scanning Unit c/o Correspondence 
  9th Floor, Wisma Hamzah Kwong Hing
  No 1, Lebuh Ampang, 50100 Kuala Lumpur

Notice relating to the Personal Data Protection Act 2010 (The "PDPA")

1. The Bank views your personal data and privacy seriously. This Notice is issued pursuant to the requirements of the Personal Data Protection Act 2010.
2. Individuals may have supplied and may continue from time to time, supply the Bank with their personal data and information (“data”) in connection with the opening or continuation of accounts and the establishment or continuation of banking facilities or provision of banking services or compliance with any laws, guidelines or requests issued by regulatory or other authorities. The Bank may also verify or source personal information about you from third party sources (both public and private) such as credit reporting agencies, Companies Commission and Insolvency Department. Your visit to our public website may be recorded for analysis on the number of visitors to the site and general usage patterns. Some of this information will be gathered through the use of "cookies".
3. Such data may include information concerning your personal details (such as name, age, gender, identity card number, passport number, date of birth, education, race, ethnic origin, nationality, citizenship), contact details (such as address, email, phone numbers), family information (such as marital status, name of spouse or child or immediate family), occupation details (such as employer name, income range, job title, job responsibilities, employer’s contact information and address) and other information such as financial reference (in respect of other bank facilities used by you). In addition, the Bank may from time to time request for certain other personal information that may be relevant for the Bank to consider your request for any other products or banking facility of the Bank.
4. Failure to supply such data may result in the Bank being unable to open, establish, continue or provide the banking accounts, services or facilities or comply with any laws or guidelines issued by regulatory or other authorities.
5. It is also the case that data are collected from (i) customers and other sources in the ordinary course of the continuation of the banking relationship, for example, when customers write cheques, deposit money or apply for credit, (ii) a person acting on behalf of the individual whose data are provided, and (iii) other sources (for example, information obtained from any bureaus or agencies established or to be established by Bank Negara Malaysia or any of its subsidiaries, or by any other authorities, the Association of Banks in Malaysia (ABM) or the Association of Islamic Banking Institutions Malaysia (AIBIM) whichever is applicable, any registered credit reporting agencies or any debt collection agencies that may be appointed by the Bank, and with any authority, central depository or depository agent in relation to the securities industry). Data may also be generated or combined with other information available to the Bank or any member of the HSBC Group (“HSBC Group” means HSBC Holdings plc, its affiliates, subsidiaries, associated entities and any of their branches and offices (together or individually) and “member of the HSBC Group” has the same meaning).
6. The purposes for which data may be used and/or processed are as follows:
   1. considering applications and the processing of applications for banking accounts, services and/or facilities provided to customers;
   2. the daily operation of the banking accounts, services and/or facilities provided to customers;
   3. conducting credit checks (including but not limited to upon an application for credit and upon periodic or special review of the credit which normally will take place one or more times each year);
   4. creating and maintaining the Bank's credit and risk related models and/or any purpose relating to risk management functions;
   5. assisting other financial institutions to conduct credit checks and collect debts;
   6. updating customers’ records;
   7. ensuring ongoing credit worthiness of customers;
   8. designing financial services or related products for customers' use;
   9. marketing services or products of the Bank and/or selected companies (in respect of which the Bank may or may not be remunerated) including but not limited to:
      1. financial, insurance/takaful, credit card, banking, wealth management and related services and products;
      2. reward, loyalty or privileges programmes and related services and products;
      3. services and products offered by the Bank’s co-branding partners (the names of such co-branding partners will be provided during the application of the relevant services and products, as the case may be);
   10. determining the amount of indebtedness owed to or by customers;
   11. collection of amounts outstanding from customers and those providing security for customers' obligations;
   12. for fraud or crime prevention, audit and debt collection and in order that services may be processed by the Bank;
   13. for investigating, reporting, preventing or otherwise in relation to breach of banking secrecy/confidential information, fraud, money laundering, terrorist financing and criminal activities generally;
   14. meeting obligations, requirements or arrangements, whether compulsory or voluntary, of the Bank or any of its branches and any member of the HSBC Group to comply with, or in connection with;
       1. any law, regulation, judgment, court order, voluntary code, sanctions regime, within or outside Malaysia existing currently and in the future (“Laws”);
       2. any guidelines, guidance or requests given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within or outside Malaysia existing currently and in the future and any international guidance, internal policies or procedures;
       3. any present or future contractual or other commitment with local or foreign legal, regulatory, judicial, administrative, public or law enforcement body, or governmental, tax, revenue, monetary, securities or futures exchange, court, central bank or other authorities, or self-regulatory or industry bodies or associations of financial service providers or any of their agents with jurisdiction over all or any part of the HSBC Group (together the “Authorities” and each an “Authority”) that is assumed by, imposed on or applicable to the Bank or any of its branches or any member of the HSBC Group; or
       4. any agreement or treaty between Authorities;
   15. complying with any obligations, requirements, policies, procedures, measures or arrangements for sharing data and information within the HSBC Group and/or any other use of data and information in accordance with any programmes for compliance with sanctions or prevention or detection of money laundering, terrorist financing or other unlawful activities;
   16. conducting any action to meet obligations of the Bank or any member of the HSBC Group to comply with Laws or international guidance or regulatory requests relating to or in connection with the detection, investigation and prevention of money laundering, terrorist financing, bribery, corruption, tax evasion, fraud, evasion of economic or trade sanctions and/or any acts or attempts to circumvent or violate any Laws relating to these matters;
   17. meeting any obligations of the Bank or any member of the HSBC Group to comply with any demand or request from the Authorities;
   18. enabling an actual or proposed assignee of the Bank, or participant or sub-participant of the Bank's rights in respect of the customer to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation;
   19. market research and statistical analysis and surveys with the aim of improving our products and services;
   20. for any purpose required by law or regulation;
   21. for the purpose of enforcing its legal rights and/or obtaining legal advice;
   22. to support the Group’s business, financial and risk monitoring, planning and decision making;
   23. for making enquiries or investigations as to whether or not the customer or person whose data is collected, used and/or processed by the Bank is actually a sanctioned person, or is otherwise howsoever related to, or associated with, a sanctioned person or entity; and also for the reporting or the taking of any remedial or preventive action in relation thereto;
   24. for all ancillary purposes relating to the provision of facilities including the provision of computer, telecommunications and technology services;
   25. for internal operational requirements of the Bank or the HSBC Group (including, without limitation, credit and risk management, system or product development and planning, insurance/takaful, audit and administrative purposes); and/or
   26. purposes relating thereto.
7. Data held by the Bank or a member of the HSBC Group relating to an individual will be kept confidential but the Bank or a member of the HSBC Group may provide or disclose such information to the following parties (whether within or outside Malaysia) for the purposes set out in paragraph 6 (who may also subsequently process, transfer and disclose such data for the purposes set out in paragraph 6):
   1. any HSBC Group Member;
   2. any agent, contractor, sub-contractors, service providers, lawyers, auctioneers, valuers or associates of the HSBC Group (including their employees, directors, officers, agents, contractors, service providers and professional advisers);
   3. any third party service provider who provides administrative, telecommunications, computer, payment or securities clearing or other services to the Bank in connection with the operation of its business (including their employees, directors and officers);
   4. any Authorities;
   5. any other person under a duty of confidentiality to the Bank including any HSBC Group Member which has undertaken to keep such information confidential;
   6. the drawee bank providing a copy of a paid cheque (which may contain information about the payee) to the drawer;
   7. any persons acting on behalf of an individual whose data are provided, payment recipients, beneficiaries, account nominees, intermediary, correspondent and agent banks, clearing houses, clearing or settlement systems, market counterparties, upstream withholding agents, swap or trade repositories, stock exchanges, companies in which the customer has an interest in securities (where such securities are held by the Bank or any member of the HSBC Group) or a person making any payment into the customer’s account;
   8. any person to whom the Bank or any of its branches or any member of the HSBC Group is under an obligation or required or expected to make disclosure for the purposes of any guidelines set out, or in connection with paragraph 6 (n), (o), (p) & (q);
   9. any actual or proposed assignee of the Bank or participant or sub-participant or transferee of the Bank’s rights in respect of the customer;
   10. third party financial institutions, insurers/ takaful operators, credit card companies, securities and investment services providers;
   11. third party reward, loyalty, co-branding and privileges programme providers;
   12. co-branding partners of the Bank or any member of the HSBC Group (the name of such co-branding partners will be provided during the application of the relevant services and products, as the case may be);
   13. external service providers (including but not limited to mailing houses, telecommunication companies, telemarketing and direct sales agents, call centres, data processing companies and information technology companies) that the Bank engages for the purposes set out in paragraph 6 (i);
   14. any bureaus or agencies established or to be established by Bank Negara Malaysia (including the Central Credit Reference Information System – “CCRIS”) or any of its subsidiaries, or by any other regulatory authorities; the Association of Banks Malaysia (ABM) or the Association of Islamic Banking Institutions Malaysia (AIBIM) whichever is applicable; any registered credit reporting agency; any authority, central depository or depository agent in relation to the securities industry; the police; any other governmental or regulatory authority or body, Cagamas Berhad and/or Credit Guarantee Corporation Berhad and in the event of default, to debt collection agencies; and/or
   15. any guarantor or security provider for the facilities.
8. In connection with 7 n) above, in the event of any default in payment where the amount in default is not fully paid on or before the due date, the individual is liable to have his/her/its account data shared with, disclosed to and/or retained by the registered credit reporting agency.
9. Under and in accordance with the provisions of the PDPA and the Code of Practice approved and issued under the PDPA, any individual may:-
   1. check whether the Bank holds data about him/her and of access to such data;
   2. request the Bank to correct any data relating to him/her which is inaccurate;
   3. request clarification on the Bank's policies and practices in relation to data and to be informed of the kind of personal data held by the Bank;
   4. in relation to facilities, to request to be informed which items of data are routinely disclosed to registered credit reporting agencies or debt collection agencies.
10. In accordance with the terms of the PDPA, the Bank has the right to charge a fee for the processing of any data access request.
11. The individual can request for access to data or correction of data or for information regarding policies and practices and kinds of data held by mail to the address below or by visiting any of the Bank’s *branches to complete the data access form.
    
    The Personal Data Protection Officer
    HSBC Bank Malaysia Berhad
    No. 2, Leboh Ampang,
    50100 Kuala Lumpur
    Tel : +603 2075 3000
    Email :pdpo@hsbc.com.my
    
    *not applicable to HSBC Amanah Malaysia Berhad’s mini branches
12. If you have any queries or complaints relating to this Notice or otherwise relating to misuse or suspected misuse of your personal information, you may send us a message via Personal Internet Banking/ Business Internet Banking or contact our call centre (the number is available at www.hsbc.com.my / www.hsbcamanah.com.my).
13. If you do not want us to further disclose your name, contact particulars and/or non-financial information to any company within the HSBC Group Member or the said third parties for the purposes of cross-selling and/or if you do not want to be contacted by us or the said third parties for the sale or promotion of any products or services via the posting of any promotional and/or marketing materials, please send us a message via Personal Internet Banking/ Business Internet Banking or write to:
    
    HSBC Supplied Services - Scanning Unit c/o Correspondence 
    9th Floor, Wisma Hamzah Kwong Hing
    No 1, Lebuh Ampang, 50100 Kuala Lumpur
14. The Bank reserves the right to amend this Notice at any time and will place notice of such amendments on the Bank’s website or the Bank’s branches or via any other mode the Bank views suitable.
15. Nothing in this Notice shall limit the rights of customers or the Bank under the Personal Data Protection Act 2010.
16. Where the customer is a partnership (that is not registered under the Limited Liability Partnerships Act 2012) or other unincorporated body of persons, the giving of this Notice addressed to the partnership or the unincorporated body of persons shall be deemed as notice given to all the partners or office-bearers (as the case may be) of such customer whose data are collected and/or processed by the Bank for the purposes as stated herein. In this regard, the customer warrants that the customer has obtained the consent of all such individuals to the provision of their data to the Bank for the foregoing purposes and for disclosure to such parties as stipulated above and the customer undertakes to extend a copy of this Notice to all such individuals, which expression shall include all such existing and new partners or office-bearers (as the case may be) of the customer from time to time.
17. Aside from customers, this Notice shall also apply (as the context shall require) in relation to the usage, processing and disclosure of the data of any other individual who is not a customer but whose data is required to be collected by the Bank by reason of, or incidental to, the provision of any banking accounts, services and/or facilities by the Bank to its customers, whether the customer concerned is another individual(s) or is a company, business entity or organisation. In this regard, the customer confirms and warrants that the customer has obtained the consent of such individuals to the provision of such data to the Bank for the foregoing purposes and for disclosure to such parties as stipulated above.

Your continued usage of the banking accounts, services and/or facilities is deemed consent for the Bank to collect, process and store the data in accordance with the above. Failure to consent to the above may result in the Bank being unable to open, establish, continue or provide the banking accounts, services or facilities to you.

Notis Berkenaan Dengan Akta Perlindungan Data Peribadi 2010 ("PDPA")

1. Bank memandang serius data peribadi dan privasi anda. Notis ini dikeluarkan selaras dengan keperluan-keperluan Akta Perlindungan Data Peribadi 2010.
2. Individu-individu mungkin telah membekalkan dan boleh terus dari semasa ke semasa, membekalkan Bank dengan data peribadi dan maklumat mereka (“data”) berkaitan dengan pembukaan atau menyambung akaun dan penubuhan atau berterusan dengan kemudahan perbankan atau memperuntukan perkhidmatan perbankan atau mematuhi dengan mana-mana undang-undang, garis panduan atau permintaan yang dikeluarkan oleh pihak berkuasa kawal selia atau lain-lain pihak berkuasa. Bank juga boleh mengesahkan atau mencari sumber maklumat peribadi mengenai anda daripada sumber pihak ketiga (awam dan swasta) seperti agensi pelapor kredit, Suruhanjaya Syarikat dan Jabatan Insolvensi. Lawatan anda ke laman sesawang awam kami mungkin akan direkod untuk analisa bilangan pelawat ke laman tersebut dan corak penggunaan umum. Sebahagian daripada maklumat ini akan dikumpul melalui penggunaan “cookies”.
3. Data tersebut termasuklah maklumat berkenaan dengan butir-butir peribadi anda (seperti nama, umur, jantina, nombor kad pengenalan, nombor pasport, tarikh lahir, pendidikan, bangsa, keturunan, warganegara, kerakyatan), butir-butir hubungan (seperti alamat, e-mel, nombor telefon) maklumat keluarga (seperti status perkahwinan, nama suami isteri atau anak atau keluarga terdekat), butir-butir pekerjaan (seperti nama majikan, lingkungan pendapatan, jawatan, tanggungjawab kerja, maklumat hubungan dan alamat majikan) dan maklumat-maklumat lain seperti rujukan kewangan (berkenaan kemudahan –kemudahan perbankan lain yang digunakan oleh anda). Sebagai tambahan, Bank boleh dari semasa ke semasa meminta maklumat peribadi tertentu yang lain yang mungkin berkaitan bagi Bank mempertimbangkan permintaan anda untuk mana-mana produk atau kemudahan perbankan oleh Bank.
4. Kegagalan untuk membekalkan data-data tersebut boleh menyebabkan Bank tidak boleh membuka, menubuhkan, meneruskan atau menyediakan akaun-akaun perbankan, perkhidmatan-perkhidmatan atau kemudahan-kemudahan atau mematuhi dengan mana-maa undang-undang atau garis panduan yang dikeluarkan oleh pengatur atau pihak-pihak berkuasa lain.
5. Ianya juga menjadi kes bahawa data yang dikumpulkan daripada (i) pelanggan dan mana-mana sumber dalam keadaan biasa bagi meneruskan hubungan perbankan, sebagai contoh, apabila pelanggan menulis cek-cek, wang deposit atau memohon untuk kredit, (ii) seseorang yang bertindak bagi pihak individu yang mana data disediakan, dan (iii) sumber-sumber lain (sebagai contoh, maklumat yang diperolehi daripada mana-mana biro atau yang ditubuhkan atau akan ditubuhkan oleh Bank Negara Malaysia atau mana-mana anak syarikatnya, atau oleh mana-mana pihak berkuasa lain, Persatuan Bank-bank di Malaysia (ABM) atau Persatuan Institusi Perbankan Islam Malaysia (AIBIM) yang mana berkenaan, mana-mana agensi pelapor kredit berdaftar atau agensi kutipan hutang yang boleh dilantik oleh Bank, dan dengan mana-mana pihak berkuasa, tempat simpanan pusat atau agen tempat simpanan berkaitan dengan industri sekuriti). Data boleh juga dihasilkan atau digabungkan dengan maklumat lain yang sedia ada kepada Bank atau mana-mana ahli Kumpulan HSBC (“Kumpulan HSBC” bermaksud HSBC Holdings plc, syarikat sekutunya, anak-anak syarikatnya, entiti-entiti berkaitan dan mana-mana cawangan dan pejabatnya (bersama-sama atau perseorangan) dan “ahli Kumpulan HSBC” mempunyai pengertian yang sama.
6. Tujuan-tujuan data yang boleh digunakan dan/atau diproses adalah seperti berikut:-
   1. mempertimbangkan permohonan dan memproses permohonan untuk akaun-akaun perbankan, perkhidmatan-perkhidmatan dan/atau kemudahan- kemudahan yang disediakan kepada pelanggan;
   2. Operasi harian bagi akaun-akaun perbankan, perkhidmatan-perkhidmatan dan/atau kemudahan-kemudahan yang disediakan kepada pelanggan-pelanggan;
   3. Membuat pemeriksaan kredit (termasuklah tetapi tidak terhad semasa permohonan untuk kredit dan semasa kajian semula berkala atau khusus untuk kredit yang biasanya akan berlaku sekali atau beberapa kali setiap tahun);
   4. Mewujudkan dan mengekalkan credit Bank dan model-model berkaitan risiko dan/atau apa-apa tujuan berkaitan dengan fungsi-fungsi pengurusan risiko;
   5. Membantu institusi-institusi kewangan lain untuk membuat pemeriksaan kredit dan memungut hutang-hutang;
   6. Mengemaskini rekod-rekod pelanggan;
   7. Memastikan kepercayaan kredit berterusan oleh pelanggan;
   8. Merekabentuk perkhidmatan kewangan atau produk berkaitan untuk kegunaan pelanggan;
   9. Memasarkan perkhidmatan atau produk-produk Bank dan/atau syarikat-syarikat terpilih (berkenaan di mana Bank boleh atau tidak boleh diupah) termasuklah tetapi tidak terhad kepada:
      1. Kewangan, insurans, kad kredit, perbankan, pengurusan kekayaan dan perkhidmatan-perkhidmatan dan produk-produk berkaitan;
      2. Ganjaran, ketaatan atau program-program hak keistimewaan dan perkhidmatan-perkhidmatan dan produk-produk berkaitan;
      3. Perkhidmatan-perkhidmatan dan produk-produk yang ditawarkan oleh rakan kongsi jenama bersama Bank (nama-nama rakan kongsi jenama bersama akan diberikan semasa permohonan untuk perkhidmatan-perkhidmatan dan produk-produk berkaitan, mengikut mana-mana yang berkenaan);
   10. Menentukan jumlah keberhutangan yang dihutang kepada atau oleh pelanggan;
   11. Memungut jumlah-jumlah yang terhutang daripada pelanggan dan mereka yang memberikan sekuriti untuk obligasi pelanggan.
   12. Bagi ‘frod’ atau pencegahan jenayah, audit atau kutipan hutang dan bagi membolehkan perkhidmatan-perkhidmatan boleh diproses oleh Bank;
   13. Bagi siasatan, laporan, pencegahan atau selainnya berkenaan pelanggaran kerahsiaan perbankan/maklumat sulit, frod, pengubahan wang haram, pembiayaan keganasan dan kegiatan-kegiatan jenayah secara amnya;
   14. memenuhi kewajipan, keperluan atau pengaturan, sama ada secara wajib atau sukarela, untuk Bank atau mana-mana cawangannya dan mana-mana ahli dalam Kumpulan HSBC untuk mematuhi dengannya, atau berkaitan dengan;
       1. mana-mana undang-undang, peraturan, penghakiman, perintah mahkamah, kod sukarela, rejim sekatan, di dalam atau di luar Malaysia yang sedia ada pada masa kini dan pada masa akan datang ("Undang-Undang");
       2. apa-apa garis panduan, panduan atau permintaan diberikan atau dikeluarkan oleh mana-mana badan perundangan, peraturan, kerajaan, cukai, penguatkuasaan undang-undang atau pihak berkuasa lain, atau badan-badan kawal selia sendiri atau industri atau persatuan-persatuan pembekal perkhidmatan kewangan di dalam atau di luar Malaysia yang sedia ada pada masa kini dan pada masa akan datang dan apa-apa panduan antarabangsa, dasar atau prosedur dalaman;
       3. apa-apa kontrak masa kini atau masa akan datang atau komitmen lain dengan undang-undang tempatan atau asing, peraturan, kehakiman, pentadbiran, awam atau badan penguatkuasaan undang-undang, atau pihak berkuasa kerajaan, cukai, hasil, kewangan, sekuriti atau pertukaran hadapan, mahkamah, bank pusat atau pihak-pihak berkuasa lain, atau badan-badan kawal selia sendiri atau industri atau persatuan-persatuan pembekal perkhidmatan kewangan atau mana-mana ejen mereka yang mempunyai bidang kuasa ke atas semua atau mana-mana bahagian Kumpulan HSBC (bersama-sama "Pihak-Pihak Berkuasa" dan setiap satu "Pihak Berkuasa") yang diambil alih oleh, dikenakan ke atas atau terpakai kepada Bank atau mana-mana cawangannya atau mana-mana ahli Kumpulan HSBC; atau
       4. mana-mana perjanjian atau ketaatsetiaan antara Pihak Berkuasa;
   15. mematuhi apa-apa kewajipan, keperluan, dasar, prosedur, langkah-langkah atau perkiraan bagi perkongsian data dan maklumat di dalam Kumpulan HSBC dan/atau mana-mana kegunaan lain data dan maklumat mengikut apa-apa program untuk mematuhi dengan sekatan atau pencegahan atau pengesanan pengubahan wang haram, pembiayaan keganasan atau lain-lain aktiviti yang menyalahi undang-undang;
   16. menjalankan apa-apa tindakan bagi memenuhi tanggungjawab Bank atau mana-mana ahli Kumpulan HSBC untuk mematuhi Undang-Undang atau panduan antarabangsa atau permintaan-permintaan peraturan yang berhubungan dengan atau berkaitan dengan pengesanan, penyiasatan dan pencegahan pengubahan wang haram, pembiayaan keganasan, sogokan, rasuah, pengelakan cukai, penipuan, pengelakan sekatan ekonomi atau perdagangan dan / atau apa-apa tindakan atau percubaan untuk memintas atau melanggar mana-mana Undang-Undang yang berkaitan dengan perkara ini;
   17. memenuhi mana-mana obligasi Bank atau mana-mana ahli Kumpulan HSBC untuk mematuhi apa-apa permintaan atau permohonan dari Pihak Berkuasa;
   18. membolehkan pemegang serahhak sebenar atau yang dicadangkan Bank, atau peserta atau sub-peserta berkenaan hak Bank atas pelanggan untuk menilai transaksi yang bertujuan menjadi subjek kepada serahan hak, penyertaan atau sub-penyertaan;
   19. penyelidikan pasaran dan analisa statistik dan kajian dengan tujuan untuk memperbaiki produk-produk dan perkhidmatan-perkhidmatan kami;
   20. bagi apa-apa tujuan yang dikehendaki oleh undang-undang dan peraturan;
   21. bagi tujuan menguatkuasakan hak-hak perundangan dan/atau mendapatkan nasihat undang-undang;
   22. bagi menyokong perniagaan Kumpulan, pemantauan kewangan dan risiko, perancangan dan membuat keputusan;
   23. untuk membuat pertanyaan atau siasatan sama ada atau tidak data pelanggan atau seseorang yang dipungut, diguna dan/atau diproses oleh Bank itu adalah sebenarnya orang yang dibenarkan, atau sebaliknya walau apa jua pertalian, atau kaitan dengan, orang atau entiti yang dibenarkan; dan juga bagi melapor atau mengambil apa-apa remedi atau tindakan pencegahan berkenaan dengannya
   24. bagi semua tujuan sampingan berkaitan penyediaan kemudahan-kemudahan termasuk penyediaan komputer, telekomunikasi dan perkhidmatan-perkhidmatan berteknologi; dan/atau
   25. untuk keperluan operasi dalaman Bank atau Kumpulan HSBC (termasuk, tanpa had kepada, pengurusan kredit dan risiko, sistem atau produk pembangunan dan perancangan, insurans / takaful, audit dan tujuan pentadbiran); dan/atau
   26. tujuan-tujuan yang berkenaan dengannya
7. Data yang dipegang oleh Bank atau ahli Kumpulan HSBC berkaitan dengan seseorang individu akan dirahsiakan atau disimpan secara sulit tetapi Bank atau ahli Kumpulan HSBC boleh memberikan atau mendedahkan maklumat-maklumat tertentu kepada pihak-pihak berikut (sama ada di dalam atau di luar Malaysia) bagi tujuan-tujuan yang dinyatakan di perenggan 6 (yang boleh juga kemudiannya akan memproses, memindah atau mendedahkan data sedemikian untuk tujuan-tujuan yang dinyatakan di perenggan 6):-
   1. mana-mana Ahli Kumpulan HSBC;
   2. mana-mana ejen, kontraktor, sub-kontraktor, pembekal perkhidmatan, peguam, pelelong, penilai atau syarikat bersekutu Kumpulan HSBC (termasuk pekerja, pengarah, pegawai, ejen, kontraktor, pembekal perkhidmatan dan penasihat professional mereka);
   3. mana-mana pembekal perkhidmatan pihak ketiga yang membekalkan, tadbir, telekomunikasi, komputer, pembayaran atau penyelesaian sekuriti atau perkhidmatan-perkhidmatan lain kepada Bank berhubung dengan operasi perniagaannya (termasuk pekerja, pengarah dan pegawai mereka);
   4. mana-mana Pihak Berkuasa;
   5. mana-mana orang lain yang mempunyai kewajipan untuk merahsiakan kepada Bank termasuklah mana-mana Ahli Kumpulan HSBC yang telah mengakujanji untuk merahsiakan maklumat tersebut;
   6. bank pembayar menyediakan sesalinan cek berbayar (yang mungkin mengandungi maklumat berkenaan penerima) kepada pembayar;
   7. mana-mana orang yang bertindak bagi pihak seseorang individu yang mana data telah disediakan, penerima pembayaran, waris, penama akaun, perantara, wartawan dan ejen bank, rumah penjelasan, sistem penjelasan atau penyelesaian, rakan niaga pasaran, ejen pegangan hulu, swap atau perdagangan repositori, bursa saham, syarikat-syarikat di mana pelanggan mempunyai kepentingan dalam sekuriti (di mana sekuriti tersebut dipegang oleh Bank atau mana-mana ahli Kumpulan HSBC) atau seseorang yang membuat apa-apa bayaran ke dalam akaun pelanggan;
   8. mana-mana orang yang mana Bank atau mana-mana cawangannya atau mana-mana ahli Kumpulan HSBC yang berkewajipan atau dikehendaki atau dijangka untuk membuat pendedahan bagi maksud mana-mana garis panduan yang ditetapkan, atau berkaitan dengan perenggan 6 (n), (o), (p) & (q);
   9. mana-mana pemegang serah hak sebenar atau yang dicadangkan Bank atau perserta atau sub-peserta atau penerima pindahan hak-hak Bank berkenaan pelanggan;
   10. institusi-institusi kewangan pihak ketiga, penanggung-penanggung insurans/ pengendali takaful, syarikat-syarikat kad kredit, pembekal-pembekal perkhidmatan sekuriti dan pelaburan;
   11. ganjaran pihak ketiga, kesetiaan, penjenamaan bersama dan hak istimewa penyedia program;
   12. rakan kongsi penjenamaan bersama Bank atau mana-mana ahli Kumpulan HSBC (nama-nama rakan kongsi jenama bersama akan diberikan semasa permohonan untuk perkhidmatan-perkhidmatan dan produk-produk berkaitan, mengikut mana-mana berkenaan);
   13. pembekal-pembekal perkhidmatan luar (termasuklah tetapi tidak terhad kepada pusat-pusat penghantaran, syarikat-syarikat telekomunikasi, telepemasaran dan ejen-ejen jualan langsung, pusat-pusat panggilan, syarikat-syarikat pemprosesan data dan syarikat-syarikat teknologi maklumat) yang diupah oleh Bank bagi tujuan-tujuan yang dinyatakan di perenggan 6 (i);
   14. mana-mana biro atau agensi yang ditubuhkan atau akan ditubuhkan oleh Bank Negara Malaysia (termasuklah Sistem Maklumat Pusat Rujukan Kredit – “CCRIS”) atau mana-mana subsidiari-subsidiarinya, atau oleh mana-mana pihak berkuasa kawal selia lain; Persatuan Bank-bank Malaysia (ABM) atau Persatuan Institusi-institusi Perbankan Islam Malaysia (AIBIM) yang mana berkenaan; mana-mana agensi laporan kredit berdaftar, mana-mana pihak berkuasa, pusat simpanan atau ejen simpanan berkaitan dengan industri sekuriti, polis, mana-mana badan kerajaan atau pihak berkuasa kawal selia yang lain, Cagamas Berhad dan/atau Syarikat Jaminan Kredit Berhad dan jika ingkar, dibawa ke agensi-agensi pengutipan hutang; dan/atau
   15. mana-mana penjamin atau pembekal sekuriti bagi kemudahan-kemudahan tersebut.
8. Berkenaan dengan 7 n) di atas, jika terdapat sebarang keingkaran dalam pembayaran di mana jumlah yang diingkar tidak dibayar sepenuhnya pada atau sebelum tarikh luput, individu tersebut bertanggungjawab untuk membolehkan data akaunnya dikongsi bersama, didedahkan kepada dan/atau disimpan oleh agensi pelapor kredit berdaftar.
9. Di bawah dan selaras dengan peruntukan-peruntukan PDPA dan Kod Amalan yang diluluskan dan dikeluarkan di bawah PDPA, mana-mana individu boleh:-
   1. memeriksa sama ada Bank memegang datanya dan mempunyai akses kepada data tersebut;
   2. meminta Bank untuk membetulkan apa-apa data yang berkaitan dengannya yang tidak tepat;
   3. meminta penjelasan berkenaan polisi-polisi dan amalan-amalan Bank berkenaan data dan untuk dimaklumkan berkenaan jenis data peribadi yang dipegang oleh Bank;
   4. berkenaan dengan kemudahan-kemudahan, meminta untuk dimaklumkan perkara data yang manakah yang biasanya didedahkan kepada agensi pelapor kredit berdaftar atau agansi kutipan hutang; dan
10. Menurut terma-terma PDPA, Bank berhak untuk mengenakan bayaran bagi permintaan untuk pemprosesan apa-apa akses data.
11. Individu boleh meminta akses kepada data atau pembetulan data atau mendapatkan maklumat mengenai polisi-polisi dan amalan-amalan dan jenis-jenis data yang disimpan melalui pos ke alamat di bawah atau dengan melawat mana-mana *cawangan Bank bagi melengkapkan borang akses data. 
    
    Pegawai Perlindungan Data Peribadi
    HSBC Bank Malaysia Berhad
    No. 2, Leboh Ampang
    50100 Kuala Lumpur
    Tel : +603 2075 3000
    Emel :pdpo@hsbc.com.my
    *tidak terpakai kepada cawangan-cawangan mini HSBC Amanah Malaysia Berhad
12. Jika anda mempunyai apa-apa pertanyaan atau aduan berkenaan dengan Notis ini atau sebaliknya berkenaan dengan penyalahgunaan atau mengesyaki penyalahgunaan maklumat-maklumat peribadi anda, anda boleh menghantar mesej kepada kami melalui Perbankan Internet Peribadi/ Perbankan Internet Perniagaan atau menghubungi pusat panggilan kami (nombor yang boleh didapati di www.hsbc.com.my atau www.hsbcamanah.com.my).
13. Jika anda tidak mahu kami terus mendedahkan nama, butir-butir hubungan dan/atau maklumat bukan kewangan anda kepada mana-mana syarikat dalam Ahli Kumpulan HSBC atau pihak ketiga tersebut bagi tujuan jualan silang dan/atau jika anda tidak mahu dihubungi oleh kami atau pihak ketiga tersebut untuk jualan atau promosi apa-apa produk atau perkhidmatan melalui penyiaran apa-apa bahan promosi dan/atau bahan pemasaran, sila hantarkan mesej kepada kami melalui Perbankan Internet Peribadi/ Perbankan Internet Perniagaan atau dengan menulis kepada:
    
    HSBC Supplied Services – Scanning Unit c/o Correspondence
    Tingkat 9, Wisma Hamzah Kwong Hing
    No. 1, Leboh Ampang, 50100 Kuala Lumpur
14. Bank merizabkan hak untuk meminda Notis ini pada bila-bila masa dan akan meletakkan notis pindaan tersebut di laman sesawang Bank atau cawangan-cawangan Bank atau melalui apa-apa cara lain yang Bank anggap sesuai.
15. Tiada apa-apa dalam Notis ini akan menghadkan hak-hak pelanggan atau Bank di bawah Akta Perlindungan Data Peribadi 2010.
16. Jika pelanggan adalah seorang rakan kongsi (yang tidak didaftarkan di bawah Akta Perkongsian Liabiliti Terhad 2012) atau lain-lain badan perseorangan yang tidak diperbadankan, pemberian Notis ini yang dialamatkan kepada perkongsian atau badan perseorangan yang tidak diperbadankan adalah dianggap sebagai notis yang diberikan kepada semua rakan kongsi atau pemegang jawatan (mengikut mana berkenaan) pelanggan tersebut yang mana data dikumpul dan/atau diproses oleh Bank bagi tujuan-tujuan yang dinyatakan di sini. Dalam hal ini, pelanggan menjamin bahawa pelanggan telah mendapat persetujuan semua individu tersebut tentang penyediaan data mereka kepada Bank untuk tujuan-tujuan yang disebutkan sebelum ini dan untuk mendedahkan kepada pihak-pihak tersebut sebagaimana yang dinyatakan di atas dan pelanggan mengakujanji untuk memberikan sesalinan Notis ini kepada semua individu tersebut, di mana ungkapan hendaklah termasuk semua rakan kongsi atau pemegang jawatan yang sedia ada (mengikut mana yang berkenaan) pelanggan dari semasa ke semasa.
17. Selain daripada pelanggan, Notis ini hendaklah juga terpakai (sebagaimana yang dikehendaki konteks) berkenaan dengan penggunaan, pemprosesan dan pendedahan data mana-mana individu lain yang bukan pelanggan tetapi yang mana data diperlukan untuk dikumpulkan oleh Bank atas sebab, atau sampingan kepada penyediaan apa-apa akaun perbankan, perkhidmatan-perkhidmatan dan/atau kemudahan-kemudahan oleh Bank kepada pelanggannya, sama ada pelanggan tersebut merupakan individu yang lain atau sebuah syarikat, entiti perniagaan atau organisasi. Dalam hal ini, pelanggan mengesahkan dan menjamin bahawa pelanggan telah mendapatkan persetujuan individu-individu tersebut untuk penyediaan data tersebut kepada Bank bagi tujuan-tujuan yang dinyatakan sebelum ini serta untuk pendedahan kepada pihak-pihak tersebut sepertimana yang dinyatakan di atas.

Penggunaan berterusan akaun-akaun perbankan anda, perkhidmatan-perkhidmatan dan/atau kemudahan-kemudahan dianggap kebenaran kepada Bank untuk mengumpul, memproses dan menyimpan data selaras dengan di atas. Kegagalan untuk bersetuju kepada di atas boleh menyebabkan Bank tidak berupaya untuk membuka, menubuhkan, meneruskan atau menyediakan akaun- akaun perbankan, perkhidmatan-perkhidmatan atau kemudahan-kemudahan kepada anda.

IMPORTANT: By accessing this website and any of its pages you are agreeing to the terms set out above. Thank you for choosing HSBC.