Personal information handling policy

Our business has been built on trust between our customers and ourselves. To preserve the confidentiality of all information you provide to us, we maintain the following privacy principles:

  1. We only collect personal information that we believe to be relevant and required to understand your financial needs and to conduct our business.
  2. We use your personal information to provide you with better customer services and products.
  3. We may pass your personal information to other HSBC Group companies or agents, as permitted by law.
  4. We will not disclose your personal information to any external organization unless we have your consent or are required by law or have previously informed you.
  5. We may be required from time to time to disclose your personal information to Governmental or judicial bodies or agencies or our regulators, but we will only do so under proper authority.
  6. We aim to keep your personal information on our records accurate and up-to-date.
  7. We maintain strict security systems designed to prevent unauthorized access to your personal information by anyone, including our staff.
  8. All HSBC Group companies, all our staff and all third parties with permitted access to your information are specifically required to observe our confidentiality obligations.

By maintaining our commitment to these principles, we at HSBC will ensure that we respect the inherent trust that you place in us.

Your privacy matters to us

In order to guarantee and secure safe transactions by carefully protecting your personal information, the Hong Kong and Shanghai Banking Corporation (the "Bank") complies with the provisions regarding the protection of personal information in the Act on Promotion of Utilization of Information and Communications Network and the Personal Information Protection Guidelines. Our Personal Information Handling Policy may change in accordance with changes in the applicable laws or policies of the financial supervisory authorities or change in the Bank's policy. We hope you will understand how preciously we protect your personal information, and kindly ask for your cooperation to allow us to provide superior services to you.

Security is our top priority. The Bank will strive at all times to ensure that your personal data will be protected against unauthorized or accidental access, processing or erasure. We maintain this commitment to data security by implementing appropriate physical, electronic and managerial measures to safeguard and secure your personal data.

The secure area of our website supports the use of Secure Socket Layer (SSL) protocol and 128-encryption technology an industry standard for encryption over the Internet to protect data. When you provide sensitive information such as credit card details, it will be automatically converted into codes before being securely dispatched over the Internet.

Our web servers are protected behind firewalls and our systems are monitored to prevent any unauthorized access. We will not send personal information to you by ordinary email. As the security of ordinary email cannot be guaranteed, you should only send email to us using the secure email facility on our website.

All practical steps will be taken to ensure that personal data will not be kept longer than necessary and that the Bank will comply with all statutory and regulatory requirements under the Act on Promotion of Utilization of Information and Communications Network and the Personal Information Handling Policy concerning the retention of personally identifiable information. We limit the number of employees handling personal information as much as possible, and hold training sessions to ensure compliance with this policy. We monitor our employees on an ongoing basis to check for compliance with our policy, and we take corrective measures whenever problems are discovered.

Security assurance

Both you and HSBC play an important role in protecting against online fraud. You should be careful that your bank account details including your User ID and/or Password are not disclosed by ensuring that you do not knowingly or accidentally share, provide or facilitate unauthorized use of it. Do not share your User ID and/or password or allow access or use of it by others. We endeavor to put in place high standards of security to protect your interests. If, in the unlikely event, unauthorized transactions have been conducted through your account through no fraud, fault or negligence on your part, we will see that you are covered for your direct loss up to the full amount of the unauthorized transaction.

You should safeguard your unique User ID and Password by keeping it secret and confidential. Never write them down or share these details with anyone. The Bank will never ask you for your Internet Banking Password, in order to ensure that you are the only person who knows this information. When choosing your unique User ID and Password for the first time, do not create it using easily identifiable information such as your birthday, telephone number or a recognizable part of your name. If you think your User ID and/or password has been disclosed to a third party, is lost or stolen and unauthorized transactions may have been conducted, you are responsible to inform us immediately.

Our business has been built on trust between our customers and ourselves. We have a duty to safeguard and keep confidential any information relating to our customers or their financial affairs. Whether it is provided to us in person at one of our branches, over the phone, when using an ATM or while visiting this site, we will strive at all times to ensure that the information is kept confidential and secure.

Personal information handling policy and personal information collection

The Bank will not collect any personal information that identifies a visitor to this site individually unless specified otherwise. Your visit to this site will record only the Domain Name Server part of your e-mail address and of the pages visited. Such information will be used to prepare aggregate information about the number of visitors to the site and general statistics on usage patterns.

Use of cookies

Your visit to this site may be recorded for analysis on the number of visitors to the site and general usage patterns. Some of this information will be gathered through the use of "cookies". Cookies are small bits of information that are automatically stored on a person's web browser in their computer that can be retrieved by this site. Should you wish to disable these cookies you may do so by changing the setting on your browser.

  • The Cookies setting (ex. Internet Explorer) : Menu on Browser > Internet Options > Personal Information
  • There might be the service interruption if you set to disable the cookies.

Marketing promotions

Occasionally we may collect personal information from visitors to this site and those individuals that participate in a contest or promotion (online or over the telephone, or at one of our branches). Such information is only collected from individuals who voluntarily provide us with their personal information. We may use this information to advise them of products, services and other marketing materials, which we think, may be of interest to them. We may also invite visitors to this site to participate in market research and surveys and other similar activities. You can choose to receive marketing and other promotional materials by email. If you do receive email or promotional direct mailings, you will always have an opportunity to opt-out. If at any time you would like us to cease sending you direct mailings, please contact us. We will then, at no cost to you, act on your request within 30 days and ensure that you are not included in future direct marketing promotions. If we do ask you to provide personal information, we will always specify the purpose for which such personal information is collected and ensure that it is only used for the purpose specified at the time of collection.

Consent for personal information collection

The Bank collects personal information by the consent procedure according to Personal Information Handling Policy.

Collection of personal information, purpose of usage, and items subject to collection

HSBC requests for the basic customer information including customer name, NID, address, phone number and e-mail address in order to abide by the Real Name Financial Transaction Act and provide the appropriate financial services to customers. The information provided by customer is used for financial services and information provision such as authentication of financial transaction and provision of financial information. Also, it could be used for the record tracking of customer complaint handling and conflict settlement such as service related customer consultation and complaint handling. In addition, the bank may collects the information needed for the internet banking transaction in accordance with Article 21 (Responsibility to Secure the Safety) and Article 22 (Creation and Preservation of Electronic Financial Transaction Record) of the Electronic Financial Transactions Act.

Information items subject to collection and the purpose of usage are as follows:

  • Tracking and search for details of electronic financial transaction: customer ID, access date and time, IP address, HDD serial, MAC Address, etc.
  • Statistics data for security policy establishment: Personal firewall setup, OS type, OS version with service pack version, remote access setup, browser version, keyboard type, etc.

Period of retention and use

We will maintain and protect all personal information during the use of our services.

Destruction process of personal information

The Bank destruction personal information when the services are discontinued. The termination procedures are the following;

  • Destruction Procedure
    • When request is received, your personal information is terminated immediately after keeping your personal information according to the Bank’s internal guidelines and related laws by Information Protection. The personal information is not for used except for the retention required by related laws.
  • How to destruct     
    • Shredding or incineration for personal information on paper
    • Irreversible termination by systematic technique on personal information on electronic file.

Maintaining confidentiality

Unless we receive your consent, we will not use personal information received from you other than for the purposes stated to you at the time we collected such information. We will not provide your personal information to a third party without your consent, other than as required by law, or in order to continue financial transactions with you or to exercise HSBC's rights with respect to such financial transactions. We will assume full responsibility in case we make unauthorized use or disclosure to any third party.

View, correction, deletion and withdrawal of consent

Through our established procedures, you may at any time inspect and correct your registered information, and you may also request to have your user I.D. cancelled. In addition, through our established procedures, you may withdraw your consent to have your information disclosed to a third party. However, such withdrawal will not be effective against disclosures made prior to such withdrawal. If you have any complaints or suggestions to make with respect to personal information, please make them known by telephone or e-mail to our Personal Information Management Officer. As soon as practicable after receiving such communication from you, we will take action and inform you of the results thereof.

Right and exercise by the user and legal representative

The user and legal representative could check, change his personal information after the verifications and request to close the account anytime for himself and children under fourteen years of age under his lawful guidance. Or you may contact Personal Information Management officer to change the personal information contact through a written letter, telephone or email. The Bank should not use or provide requested personal information to any other parties until the modification is made. The Bank maintains the procedure of destruction requested by the user and legal representative according to "Period of Retention and Use", and prevents to use or inspect for any other uses.

Contact us

Requests for access to data or correction of data or for information regarding policies and practices and kinds of data held should be addressed to:

Personal information management officer

The Bank's Personal Information Management Officer is as follows Department: HSBC Technology & Services

Title: Chief Technology & Services Officer
Name: Mi Seon Lim
Contact Information:
Tel: 02)2004-8000 / FAX: 02)318-9109
Address : The Hongkong and Shanghai Banking Corporation Limited, HSBC Building #25, 1-Ka, Bongrae-Dong, Chung-Ku, CPO Box 6910, Seoul, Korea

Please forward any questions or suggestions you may have relating to our personal privacy policy or Internet services to our Personal Information Management Officer.

IMPORTANT: By accessing this website and any of its pages you are agreeing to the terms set out above. Thank you for choosing HSBC.