You are leaving the site
ttbbank.com to another website
TMBThanachart Bank Public Company Limited (the “Bank”) realizes about the importance of the security of your personal data as (1) you are a person who has used the Bank’s products and services whether you are existing customer, former customer or to-be customer (“prospect customer”) or (2) a person apart from the definition including in (1) but not limited to employees, candidates, staff, officer, legal representative, contact persons, service providers, visitors, guest, representative, shareholders, directors, or authorized persons acting on behalf of their organization. Therefore, the Bank provides advanced personal data security measures and strict operating procedures to ensure that the security of your personal data is in place to prevent unauthorized access, misuse, unlawful process with dishonest intent that may cause damage, change or loss of personal data in accordance with the Personal Data Protection Act B.E. 2562 ("Personal Data Protection Act"), relevant laws and regulations.
“Personal data” under applicable law means any data of an individual person which can identify yourself whether directly or indirectly (except for the deceased) that the Bank has received it from you directly or obtained from any reliable sources, such as Department of Business Development (DBD) under Ministry of Commerce, Department of Provincial Administration under Ministry of Interior, Department of Consular Affairs under Ministry of Foreign Affairs, Legal Execution Department under Ministry of Justice, National Credit Bureau, including but not limited to financial institutions and companies in ttb financial group, business partners and financial advisors, etc.
There are two kinds of personal data that the Bank collects, uses and discloses customer’s data; general personal data and sensitive data hereinafter referred to “data” with the following details:
Sensitive Data means any personal data that considered as a private information that may cause unfair treatment such as race, religion, politic opinion, criminal record, labor union, disability record, genetic information, health record, credit information, biometric information used for verification purpose i.e. fingerprint, facial recognition, iris scan, or voice recognition etc.
The Bank may collect your personal data including but not limited to the personal data as follows:
Slide for more information.
|Identifiable information or status||Contact information||Products information and others|
The Bank may receive personal data from:
In the event that the Bank cannot use contractual basis for collecting personal data or apply legal obligation or legitimate interest for such activity, the Bank may request your consent for the collection, use or disclosure of your personal data in order to provide you with the best benefit that fits with your need. The bank is obliged to clearly state the purpose of collecting your personal sensitive data, latitude and longitude etc.
However, to consider giving consent in this item will not affect any benefits that you will receive from holding products and services under the contract. The benefit that you will receive from giving consent is that the Bank can offer products or services that truly meets your needs. However, if you do not give consent to the Bank, the Bank may not be able to offer products or services that meet your needs. In other hands, it might cause losing opportunities of receiving full benefits you deserve.
The Bank will collect, use and disclose your personal data by taking into account the accuracy and completeness of your personal data.
The Bank will not disclose your personal data to anyone except (a) you gave the permission to the Bank via your consent or (b) that processing activities are prescribed in Term and Condition of Agreement (T&C) or according to your purpose before signing a contract with the Bank or (c) in compliance with the applicable laws or the order of regulatory authorities, governmental sections or any related regulatory authorities or (d) the Bank’s legitimate interest or (e) other applicable lawful basis
Regarding the abovementioned rights to disclose your personal data to other parties, the Bank will disclose your personal data to the following persons:
Slide for more information.
|The recipient of personal data from the bank||Details|
|ttb financial group||The Bank may disclose your personal data to subsidiaries within the financial group for the specified purposes or according to your consent under this policy (refer to Business Group Structure at https://www.ttbbank.com/en/about-us/corporate-group-structure)|
|Third parties or service providers/contractors||
The Bank may hire third parties such as service providers, business partners, subcontractors including but not limited to the Bank’s representative in abroad to act on behalf of the Bank or support the Bank’s selling activity to serve you. For this event, the Bank may disclose your personal data to these parties, for example:
|Interested parties in right transferred and/or transactions right transferred assignees or mergers and acquisitions of the Bank||
In the event that the Bank has conducted reorganization, debt restructuring, merger, right transfer, liquidation or any other event of the same nature, the Bank may have to disclose your personal data to
|Government sectors and regulators||
In order to comply with laws and regulations, the Bank is obligated to disclose your personal data to
|Consultant or professional advisors||
The Bank may disclose your personal data to below parties for banking operations purposes:
For your best interest in receiving the best products and services, the Bank may disclose your personal data to
When you visit our website, cookies with different purposes will be applied based on the categories listed below.
In addition, the Bank also would like to use Targeting & Advertising Cookies to gather information about your browsing statistic in order to provide you with the advertisements that may interest you and to offer you the most relevant benefits. You can voluntarily choose to allow our website to collect these cookies by clicking the 'allow us' button. Declining these cookies will not impact your surfing activity on ttb’s website. However, by doing so, you may find the online advertisements you encounter may be less relevant to you.
If you would like to delete the Targeting & Advertising Cookies on ttbbank.com, please click here.
The Bank has set policies, guidelines and minimum standards for your personal data management covering administrative safeguard, technical safeguard and physical safeguard to implement proper measures for personal data processing activities and data breach prevention, for instance, IT Security Standard or Data Protection Operating Procedures, etc.
The Bank has updated the policies, operating procedures and minimum standards on a regular basis in line with relevant laws. Besides, the Bank requires the Bank’s employees, outsources and service providers to maintain the confidentiality of your personal data in accordance with the agreements signed with the Bank.
In the event that the Bank has to send or transfer your personal data outside Thailand as part of the banking operations process, for example, sending or transferring personal data to be stored on the platform or on Cloud or servers located in foreign countries, sending or transferring international money transfer transactions (SWIFT) information to other financial institutions located abroad through service providers that act as intermediaries for handling international money transfers, etc. and the Bank realizes that the destination country has a lower data protection standard than the Bank, the Bank will take necessary and appropriate measures to protect personal data in line with confidentiality and security standard including signing agreements with those countries to ensure that your personal data will be protected under personal data protection standards that equivalent to Thailand’s.
As you are the owner of your personal data in accordance with the Personal Data Protection Act, you can exercise your rights as follows:
You have the right to withdraw your consent for collecting, using and disclosing your personal data at any time unless there is a legal limitation or it states in the agreement that benefits you. The consent withdrawal will not affect the use of the products or services you have or any of your benefits as prescribed in the agreement.
You have the right to know and obtain a copy of your consent for the collection, use and disclosure of personal data (PDPA consent) and the latest version of Market Conduct Consent for marketing purposes provided to the Bank including but not limited to the personal data the Bank obtained from other sources.
You have the right to obtain information about you from the Bank in PDF (standard) format, which will be delivered to you directly via the defined channel you have provided to the Bank.
In the case that you request the Bank to transfer your personal Data to another data controller, the Bank will only process the information you directly gave to the Bank or from the agent who can legally act on your behalf, but it does not cover the information the Bank generates for internal use as well as for operating activities within the ttb financial group in accordance with the law and as a hedge against potential risks to assets, ttb staff and reputation of the Bank, etc.
You have the right to object to the collection, use and disclosure of personal data for direct marketing through specific channel such as email, SMS or letter for marketing purpose covering both products and services of the whole financial group and the Bank’s business partners.
You have the right to ask the Bank to delete or destroy or make personal data to be non-identifiable information in the event that your personal data is no longer necessary, its retention period ends prescribed by related laws or regulations, or when personal data has been unlawfully collected, used and disclosed.
You have the right to request the Bank to suspend the use of personal data in the event that the Bank is in the process of reviewing your request or you change your mind to ask the Bank to suspend the use of personal data instead of deleting it from the Bank's storage after data retention period is expired for the establishment of legal rights, exercise of statutory claims or litigation of statutory claims.
You have the right to ask the Bank to rectify the information so that the data is accurate, up-to-date, complete and does not cause misunderstanding.
You have the right to file a complaint to the Bank and its data processor in the case of data privacy infringement and data breach.
In the event that you are not over 20 years of age or are limited in the ability to do legal acts, you can request to exercise your right by your parents or the authorized persons to act on your behalf.
In addition, you have the right to file a complaint to the committee specialists in the event of the Bank or data processors including employees or contractors of the Bank violate or not comply with the Personal Data Protection Act including but not limited to the secondary laws, ministerial regulations or any regulation issued under such laws.
Nevertheless, the Bank has the right to refuse your request if such request is contrary to law or court order, or it affects the rights and liberties of other people, or it is a request that does not specify a valid reason, or the Bank has technical limitations that cannot process your request. The Bank is obliged to notify you in writing with the reason for the refusal.
The Bank has the right to collect, use and disclose your personal data that the Bank has collected prior to the date of the Personal Data Protection Act shall full enforcement on 1 June 2022 according to the original purpose that you have given consent to the Bank.
If you do not want the Bank to collect, use and disclose your personal data anymore and that request is not against any law and not infringe on the privacy rights of others, you can request the Bank to withdraw your consent via the Bank’s provided channels at any time.
As a data subject, you can contact the Bank to exercise your rights prescribed in PDPA via the following channels:
Slide for more information.
|Data Subject Rights||Channels|
|ttb website||DPO email||RM|
|1. Right to withdraw consent||●||●||-||-||-|
|2. Right to object||●||●||-||-||-|
|3. Right to complain||●||●||-||-||●|
|4. Right to rectification||●||●||-||-||-|
|5. Right to get copy (fill-in request form) *||●||-||-||-||-|
|6. Right to access (fill-in request form) *||●||-||●||●||●|
|7. Right to data portability (fill-in request form) *||●||-||●||●||●|
|8. Right to be forgotten when data retention is expired as required by law (fill-in request form) *||●||-||●||●||●|
|9. Right to restriction of data processing (fill-in request form) *||●||-||●||●||●|
Remark: To exercise data subject rights under item 6-9, please fill-in the request form and submit to DPO for consideration via email to email@example.com or via post to Data Protection Officer (DPO), TMBThanachart Bank Public Company Limited, 3000, Phaholyothin Road, Chomphon Sub-district, Chatuchak District, Bangkok 10900
For any complaint that are not related to your personal data, such as reporting problems about ttb applications, unpleasant manners of the Bank staff, interest rates inquiry, or asking for loan application status, you can contact ttb contact center at 1428 or +66 2241 1428 for customers in abroad, ttb branches nationwide at your convenient location or email firstname.lastname@example.org and email@example.com
In this regard, the Bank may review or update this policy from time to time to comply with the Personal Data Protection Act or secondary laws, regulations, new announcements of government agencies and will publish it on the bank's website (https://www.ttbbank.com/en/policy/privacy) as soon as possible
Version [February 2023]