Privacy Policy

Regulators of the Bank

The Siam Commercial Bank Public Company Limited (the “Bank”) with its headquarter located at 9 Rutchadapisek Road, Chatuchak, Chatuchak, Bangkok 10900, has obtained a license to engage in commercial banking business under the Commercial Banking Act B.E.2505, and the Bank is a public limited company established under the Public Limited Companies Act B.E.2535 and subject to the supervision of the Bank of Thailand and Ministry of Finance. The Bank is also listed on the Stock Exchange of Thailand in accordance with the Securities and Exchange Act B.E.2535, the Bank is therefore subject to the supervision of the Securities and Exchange Commission.

Respectfulness on Your Privacy Right

The Bank respects your privacy right and recognizes that your expectation is to obtain the highest standard of security in entering into any transactions with the Bank via the Bank's website. Therefore, your information received by the Bank will principally be used pursuant to the purpose permitted by you only and the Bank will proceed with rigorous measures and procedures for security purpose and prevent such information from any unauthorized use without obtaining your prior permission.

Information Collected or Retained by the Bank

The Bank will collect your information, which includes personal information, biometric data (such as fingerprints, face, etc.), transaction data and/or other information, whether provided by you to the Bank or collected by the Bank from your execution of transactions and/or from your use of services via branches, websites, applications, SCB Call Center and/or other channels, or collected by the Bank from reliable sources, such as governmental authorities, financial group companies of the Bank and/or business partners of the Bank, for your benefit in executing transactions and/or using services with the Bank, for providing services to you, for the purpose of the compliance with relevant laws and regulations and/or for any other purposes specified in your consent provided to the Bank. The Bank will keep your information secure under the Bank’s security measures.

 

In case that you use SCB MyCredit Application and give consent to the Bank to access information in relation to phone information, message in phone, contact list, picture, video, file, phone location, calendar information, Google account in phone and/or email account information via such Application, the Bank will collect your information allowed to be accessed for the purpose of creating credit model and increasing of your chance to obtain credit facility. The Bank will keep your information secure under the Bank’s security measures.

 

Use of Your Information

The Bank will use your information in connection with your execution of transactions and/or your use of services, for providing services to you, and for any other purposes specified in your consent provided to the Bank, which includes for the purpose of data analysis, offering, giving, using and/or improving any products and/or services of the Bank. In addition, the Bank may use your information to perform any contractual obligations between the Bank and you and to comply with the relevant laws and regulations of governmental authorities or regulatory body.

 

Disclosure of Information to Third Party

You have privacy right over your information. The Bank will disclose your information to third parties under the following circumstances: 

 

  • the disclosure of information is made to the Bank’s authorized officers and financial group companies, including the Bank’s auditors or external auditors, financial institution and/or any third persons which are the Bank’s partner of contract or having the relationship with the Bank, and/or Cloud Computing service providers, in Thailand or overseas.
  • the disclosure of such information is for the purpose of executing the transaction and/or using services required by you;
  • the disclosure of such information is made to a credit bureau where the Bank is a member;
  • the Bank is legally compelled or required to disclose such information for any investigation or legal proceeding;
  • the disclosure of such information is made in compliance with any laws, orders or instructions of any governmental authorities or regulatory body; or
  • the Bank has obtained consent or permission from you to disclose such information to such person.

 

Rights in relation to Your Information for the Use of Verification and Authentication Service with the Bank via Digital Channel

In case you use Verification and Authentication Service with the Bank via digital channel, you have the rights regarding your own information that the Bank is holding, as follows:

 

  • Right to access to your information;
  • Right to request the Bank to rectify your inaccurate or incomplete information, and to keep your information up-to-date;
  • Right to request your information to be deleted or destroyed, except where the Bank is required by laws to retain such information;
  • Right to request a restriction to process your information, except where the Bank holds contractual obligations towards you or holds legitimate grounds to continue such processing; 

 

To exercise your rights, please make a request to the Bank via SCB Call Center at +662-777-7777 and/or other channels prescribed by the Bank (in case of children below 20 years old, the request must be made by their parent or legitimate representative). After receiving such request, the Bank shall inform you within thirty days of the result of such request. If the Bank rejects your request, the reason of such reject will be specified.

General Security Measures and Procedures

A) User ID and Password

Rigid security system is applied by the Bank in order to protect your information from being accessed without your permission. Further to normal process required for internet access of the Bank's system, the Bank does not have policy to contact you directly for inquiry of your User ID, Password, account number or your personal information. Hence, if you detect or spot any of such actions other than normal process needed to be rendered for your access to the Bank's system via Internet, please inform the Bank at SCB Call Center at +662-777-7777 or at the Bank's division in charge of such service provision.

You should keep your User ID and Password at utmost confidential. Please do not write them down or record them in or on any media or disclose them to any person(s) in order to ensure you that you are the only person knowing your User ID and Password. The Bank does not and will not have any policy to query you for them. If you are in doubt that your User ID and/or Password may have been disclosed to any third person or lost or stolen and that there were any transactions executed without your authorization, please notify the Bank promptly.

The Bank knows your User ID and Corporate ID, but only you know your Password. Strict security system is focused on by the Bank to ensure that your Password is truly and well protected. You, however, should be aware of the following guidelines and comply with these recommended measures in order to protect and maintain your privacy rights in connection with your using of the Bank's electronic services:

 

  • do not allow any person to see your Password when you are logging in the Bank's website;
  • memorize your Password and do not record it on any place;
  • change your Password regularly and do not re-use your recent Password;
  • do not use any of your personal information as Password which may be guessed easily; such as, family name, telephone number, date of birth, etc.;
  • at least 6 characters are required to identify your Password, each of which could either be a number or a letter, and any words contained in the dictionaries should not be used as your Password;
  • do change your Password immediately upon your uncertainty as to whether your Password is known by any other person(s) or not;
  • do not allow or authorize anyone to access the system by using your User ID and Password, including Corporate ID as you will have to be responsible for all actions and transactions executed by using those Corporate ID, User ID and Password;
  • use your User ID, Corporate ID and Password with your private computer on which you may rely and be able to ensure that there is no equipment or software installed on it that could retrieve or disclose such User ID, Corporate ID and Password to other person(s); and
  • public computers are not recommended for use; such as, computers in any Internet Cafes, since there might be some computer program installed on those computers that could detect and retrieve your material information.

 

B) Token Device and Token Code

A Token Device is a device for generating a Password in order for you to access the system fo one time only (One Time Password). Prior to your use of the Token Device, a Token Code is to be known in order to generate your Password via Token Device.

Certain corporate customers may obtain Token Devices and Token Codes for system accessing and executing in financial transactions whereby such Token Devices and Token Codes are needed to be used together with their Corporate IDs, User IDs and Passwords. However, it is at the Bank's discretion as to whether a corporate customer will obtain such a Token Device or not.

Any person obtaining the Token Device and Token Code for accessing the system should be aware of the following guidelines and comply with these recommended measures in order to protect and maintain your privacy rights:

  • do not allow anyone to see your Token Code while you are using the Token Device for system accessing;
  • memorize your Token Code and do not record it on any place;
  • change your Token Code regularly and do not re-use your recent Token Code;
  • do not use any of your personal information as Token Code which may be guessed easily; such as telephone number, date of birth, etc;
  • do change your Token Code immediately upon your uncertainty as to whether your Token Code is known by any other person(s) or not;
  • do not allow or authorize anyone to use your Token Device and Token Code as you will have to be responsible for all actions and transactions executed by using those Token Device and Token Code; and
  • keep your Token Device in a safe place from where any other persons may not steal or know.

 

Additional Technology Used for Security

In addition to general security measures and procedures stated above, the Bank also employs the following leading edge technologies to protect your private information:

  • Intrusion Detection: Intrusion Detection is a system software used for checking up and detecting any intrusion into the system without authorization. The most efficient intrusion detection system is employed by the Bank and such system is regularly updated.
  • Firewall: Firewall is a software system that will allow only the person authorized by the Bank to access the information. In this regard, Double Firewall Protection is employed by the Bank.
  • Scan Virus: In addition to high efficient scan virus software installed onto all computers of the Bank which has been regularly updated), Scan Virus Software for the server is also specifically installed.
  • Secured Socket Layer ("SSL"): SSL is an encryption technology for information access. This encryption technology is applied in order to prevent any information from being detected while transmitted via Internet. By using this technology, any person wishing to detect or grasp information will not be able to understand the information detected or grasped. Moreover, this technology is used for confirmation as to the existing of the Bank's website. The Bank uses 128 Bits Secured Socket Layer for transferring data.
  • Data Encryption: Data Encryption is employed in respect of vital information; such as, Password which is the information on where stringent security is concentrated by the Bank. Complex algorithm is always used prior to transferring those data into the Bank's databases. In this way, there will be no person knowing such vital information, including the Bank's officers.
  • Cookies: Cookies are small computer files that temporarily collect necessary information in your personal computer in order to facilitate and expedite your communication. The Bank recognizes your privacy right; therefore, the Bank tries to avoid using Cookies. If the Bank deems that using Cookies is necessary in some certain aspects, due care in using Cookies will be rendered, and your security and privacy right are first priority of the Bank.
  • Auto Log Off: You should log off every time when you have completed your transactions via the Bank's services. Should you forget to log off, the system will, for your security, be automatically logged off within an appropriate period of time for each use of the services.

 

Security Tips

Although high security standards, technologies and procedures are employed by the Bank to help unauthorized access to your private or confidential information as discussed above, it is envisaged by everyone that there is currently no security measure that could absolutely prevent your information from being attacked by computer virus or worm or being accessed by unauthorized persons. Therefore, the Bank recommends that the following procedures should also be observed and followed:

 

  • be careful when download freeware via the Internet. Always check the address of the website that you enter before login to prevent accessing to false website;
  • anti-virus software should always be installed on your personal computer and be updated regularly;
  • personal firewall software should be installed for protection against any crackers or hackers;
  • keep yourselves updated in respect of computer news;
  • check your financial status regularly for security purpose; such as, account balance, transaction date, etc.;
  • always sign off the system after completing your transaction. Do not leave your computer unattended during the transaction;
  • keep your personal information, financial status or credit card number confidential. Personal information should not be disclosed on websites that are not certified by a trusted Internet security solution provider; and
  • avoid opening Junk mail.

 

Changes to this Privacy Policy

You can access to the latest Privacy Policy of the Bank via this website. The Bank reserves its rights to make any changes to this Privacy Policy at any time. The Bank shall inform you as soon as possible, in case the Bank has made any substantial change that may affect to your privacy right.

 

Communication with the Bank

If you want any assistance from the Bank regardless of whether such assistance is required in respect of any additional information, any errors, any doubts of your account movement, or any transactions previously executed without your permission, you yourselves shall have to inform the Bank by contacting SCB Call Center at +662-777-7777 or by writing a letter to the Bank's department by which the relevant service is being or was previously provided without any delay. In connection with this, you shall have to provide the Bank with the following details:

 

  • your name and account number;
  • estimated amount of errors;
  • type of transaction or activity, including the date and time of occurrence thereof;
  • details of errors and reference code (if any); and
  • your reachable contact name and address, including your e-mail address (if any).

After the Bank receives information of any errors or irregular activity incurred as stated above, the Bank will investigate such error or irregularity promptly and inform you the result of such investigation as soon as possible.