Privacy Notice

Our commitment to your privacy

Maintaining and securing personal data of our customers is a top priority for us at MBSB Bank. We hope this Privacy Notice will enable you to understand how we collect, use, maintain, disclose and protect your personal data in respect of commercial transactions and how you as data subjects can control our disclosure of such data within the ambit of the Personal Data Protection Act 2010 ("the Act").

"MBSB Bank" or "We" in this Privacy Notice refers to MBSB Bank including its branches in Malaysia as well as its subsidiaries, holding company, our affiliates, our authorized agents, any 3rd parties authorized by MBSB Bank or, as the context may require, any of them.

Your consent is important

When you request information or sign up for our products and services or when you enter into any commercial transactions with MBSB Bank, you may be required to provide MBSB Bank with your personal data. In doing so, you consent to its use by MBSB Bank in accordance with this Privacy Notice. Your personal data may have also been provided to MBSB Bank by a third party (for example your spouse, a company in which you are a director, an officer or a shareholder, or a partnership in which you are a partner or in situations where you act as a guarantor) for products or services that these third parties have sought from MBSB Bank. In this context, the term "you" or "your" in this Privacy Notice extends to any individual whose personal data has been provided to MBSB Bank and/or has been collected in other circumstances as described in "How do we collect your personal data" below.

We may collect your sensitive personal data (including, data relating to your physical or mental health, the commission or alleged commission of offences) if you apply for certain products and services such as health and/or life insurance and/or takaful or home financing, which requires you to disclose such sensitive personal data to us. We will only use your sensitive personal data to provide the service(s) you signed up for. If we collect, use, maintain or disclose your sensitive personal data, we will ask for your explicit consent. You have the choice, at any time, not to provide your personal data/sensitive personal data or to revoke your consent to MBSB Bank processing of your personal data/sensitive personal data. However, failure to provide such personal data/sensitive personal data or revocation of your consent to process personal data/sensitive personal data provided will result in MBSB Bank being unable to provide you with effective and continuous products and services.

What types of personal data do we collect?

Personal data refers to any information that relates directly or indirectly to an individual, who is identified or identifiable from that information or from that and other information in the possession of MBSB Bank, including any sensitive personal data and expression of opinion about the individual.

The types of personal data we collect may include, but is not limited to your name, address, other contact details, age, occupation, marital status, financial information such as your income, or income tax particulars, your identity card or passport, place of birth, credit history and your transaction history.

How do we collect your personal data?

We obtain your personal data in various ways, such as:

When you sign up for or use one of the many services we provide or when you register an account at any MBSB Bank branches.
When you contact MBSB Bank through various methods such as application forms, emails and letters, telephone calls and conversations you have with our staff at a branch. If you contact us or we contact you using telephone, we may monitor the phone call for quality assurance, training and security purposes.
From our analysis of your transactions (e.g. payment history, financing/loan, or deposit balances, credit or debit card purchases).
We may also obtain your personal data when you participate in customer surveys or when you sign up for any of our competitions or promotions.
When we obtain any data and information from third parties (e.g. credit reporting agencies, regulatory and enforcement agencies, employers, joint account holders, guarantors, legal representatives, spouses, parents, guardians, dependents and/or companies/partnership that you are a director, a shareholder or a partner).
When you enter into any commercial transactions with MBSB Bank, including but not limited to, you providing goods and/or services or your professional services.
From publicly available sources.

Personal data we collect from our website

www.mbsbbank.com

An IP address is a number that is automatically assigned to your computer when you sign up with an Internet Service Provider. When you visit our website, your IP address is automatically logged into our server. We use your IP address to help diagnose problems with our server, and to administer our website. From your IP address, we may identify the general geographic area from which you are accessing our website. Generally, we do not link your IP address to anything that can enable us to identify you unless it is required by law and regulations.

Information on Cookies

A cookie is an element of data that a website can send to your browser, which may then be stored on your system. We use cookies in some of our pages to store visitors' preferences and record session information. The information that we collect is then used to ensure a more personalized service level for our users. You can adjust settings on your browser so that you will be notified when you receive any cookies. Please refer to your browser documentation to check if the cookies have been enabled on your computer or to request not to receive the cookies.

What is the purpose of processing your personal data?

We may process your personal data for the following reasons:

To assess your application for any of our products and services.
To verify your financial standing through credit reference checks.
To manage and maintain your account and facility.
To evaluate your financial needs and continue performing the contractual obligations entered between MBSB Bank and you.
To respond to your enquiries and complaints and to resolve disputes.
For internal functions such as evaluating the effectiveness of marketing, market research, statistical analysis and modeling, reporting, audit and risk management and to prevent fraud.
To establish a strategic relationship between you and MBSB Bank.
To evaluate and monitor creditworthiness.
For evaluation and due diligence purposes.
For data processing purposes.
For servicing customers and the provision of products and services to customers.
To evaluate and monitor the provision of services.
To allow MBSB Bank and selected parties to promote the products and services.
For payment/debt collection purposes.
For enforcement of the rights and obligations of other parties to MBSB Bank.
For assessing, processing and investigating takaful/insurance risks and claims.
To enable a party to evaluate any actual or proposed assignment, participation, subparticipation, and/or novation of our rights and/or obligations.
To meet legal and regulatory requirements.
To preserve and protect our offices and automatic teller machines.
For risk management.
To update and enhance our customers' database.
To provide you with regular communication on MBSB Bank's products and services.
For such other purposes as permitted by applicable law and regulations, or with your consent.
For all other relevant purposes incidental and associated with any of the above.

From time to time, we may share your personal data with other entities connected to MBSB Bank being, our agents or strategic partners and other third parties ("other entities") as MBSB Bank deems fit and you may receive marketing communication from us or from these other entities about products and services that may be of interest to you. If you no longer wish to receive the marketing communications, please notify us to withdraw your consent and we will stop processing and sharing your personal data with these other entities for the purpose of sending you marketing communications.

You have a choice to withdraw your consent for receiving marketing or promotional materials and/or communication by contacting MBSB Bank using the contact details as described in “How may you contact us” below. Please be aware that once we receive confirmation that you wish to withdraw your consent for marketing or promotional materials and/or communication, it may take up to seven (7) calendar days for your withdrawal to be reflected in our systems. Therefore, you may still receive marketing or promotional materials and/or communication during this period of time. Please note that even if you opt out from receiving marketing and/or promotional materials, MBSB Bank may still contact you for other purposes in relation to the accounts, facilities or services that you hold or have subscribed with MBSB Bank.

To whom do we disclose your personal data?

Your personal data held by us shall be kept confidential. However, in order to provide you with effective and continuous products and services and to comply with any legal and regulatory requirements, we may need to disclose your personal data to:

Other entities within MBSB Bank.
Credit reporting agencies when you apply for any of our credit-based products such as personal financing, home financing etc.
Our agents and service providers with whom we have contractual agreements for some of our functions, services and activities.
Financial service providers (e.g. mortgage brokers, takaful/insurance companies).
Our merchants and strategic partners.
Parties authorized by you.
Enforcement regulatory and governmental agencies as permitted or required by law and regulations, authorized by any order of court or to meet obligations to regulatory authorities.

How do we protect your data?

The security of your personal data is our priority. MBSB Bank takes all physical, technical and organizational measures needed to ensure the security and confidentiality of personal data. If we disclose any of your personal data to our authorized agents or service providers, we will require them to appropriately safeguard the personal data provided to them.

How long may we retain your personal data?

Your personal data processed for any purpose shall not be kept longer than is necessary for the fulfilment of that purposes or as required by the prevailing laws, regulations and internal requirements. Thereafter, we will destroy or permanently delete your data.

Changes to this Privacy Notice

We may review and update this Privacy Notice from time to time to reflect the changes in law and regulations, changes in our business practices, procedures and structure, and the community's changing privacy expectations. If there are material changes to this Privacy Notice, we will notify you by posting a notice of such changes on our website or by sending you a notification directly.

How can you access / correct / update your personal data?

We are committed to ensure that the personal data we hold about you is accurate, complete, not misleading and up-to-date. If there are any changes to your personal data or if you believe that the personal data we have about you is inaccurate, incomplete, misleading or not up-todate, please contact us so that we may take steps to update your personal data.

You have the right to access your personal data. If you would like to request access to your personal data, you may contact MBSB Bank using the contact details as described in “How may you contact us” below. Please note that depending on the information requested you may be subject to a fee and also requirements under the Personal Data Protection Act 2010. We may also take steps to verify your identity before fulfilling your request for access to your personal data.

Further consent pursuant to Credit Reporting Agencies Act 2010

That, pursuant to the Credit Reporting Agencies Act 2010 ("CRA"), we and I/we, the following individuals whether as individuals or as directors/ shareholders / business interest parties do hereby give consent to you to obtain and/or disclose any Credit Information (as defined in the Act) relating to me/our company from and/or to Experian Malaysia Sdn Bhd, CTOS Data System Sdn Bhd, CCRIS, Credit Bureau Malaysia Sdn Bhd or any source deemed appropriate to verify my/our credit history as you and/or Experian Malaysia Sdn Bhd, CTOS Data System Sdn Bhd, CCRIS, Credit Bureau Malaysia Sdn Bhd or any source deemed appropriate may deem fit under any applicable law, regulation, guidelines, regulatory requirement or directive in relation to my/our company's credit application or transaction with you for the following purposes (but not limited to) opening of account, credit evaluation, credit/account review, credit/account monitoring, payment/debt recovery purposes, scoring solutions, legal documentation and/or action consented to a contract or facility granted. Such consent shall remain applicable as long as I/our company am/is maintaining an account/financing/loan/credit/any transaction with you.

How may you contact us?

If you need to contact us, you may visit any of our branches, call our Customer Care Hotline at 03-2096 3000, or visit our website at www.mbsbbank.com. For corporate customers, you may contact our Relationship Manager directly.

We provide the Privacy Notice in English and Bahasa Malaysia. In case of any inconsistencies between the two versions, the Bahasa Malaysia version shall prevail. In case there are inconsistencies on how we collect or use your personal data between this Privacy Notice and the terms and conditions of your specific product or service or other contractual documents, the terms and conditions of your specific product or service or other contractual documents shall prevail.

If you have provided us with personal data of any third party, please ensure that you have obtained the third party's consent in relation to the processing and disclosure of their personal data and that this Privacy Notice has been brought to the attention of any such third party.