I. Introduction

This statement relates to P.T. Bank Negara Indonesia (Persero) Tbk Singapore Branch ("BNI SG"), and outlines BNI SG's policy in respect of compliance with the obligations under the Personal Data Protection Act 2012 (the "PDPA") in relation to the collection, use and disclosure of personal data. This statement relates to personal data supplied by you to BNI SG on this website, as well as to personal data supplied by you to BNI SG in the form of hard copy mediums.

II. Objective

The fundamental objective of this policy is to simultaneously establish and affirm BNI SG's commitment to protecting the personal data and consequently the privacy rights of individuals in accordance with BNI SG's obligations under the PDPA.

III. Definition

"Personal data" means data, whether true or not, about an individual who can be identified: (a) From that data; or (b) From that data and other information to which the organisation has or is likely to have access. It does not include business contact information, unless such information was given solely for personal purposes.

IV. Data Protection Principles under the PDPA

BNI SG is committed to performing its obligations with the Data Protection Principles contained in the PDPA. In short, unless exceptions under the PDPA apply, BNI SG will:

1. Obtain consent of an individual before collecting, using, or disclosing the personal data for a purpose;
2. Collect, use or disclose personal data only for purposes that a reasonable person would consider appropriate in the given circumstances;
3. Inform the individual of the purposes for the collection, use, or disclosure of the personal data, on or before collecting the personal data;
4. Allow individuals to verify and correct the personal data that is in BNI SG's possession or control;
5. Make a reasonable effort to ensure that personal data collected by BNI SG is accurate or complete, if it is likely to use the personal data to make a decision affecting the individual concerned, or to disclose the personal data to another organisation;
6. Put in place reasonable security measures to protect the personal data in BNI SG's possession or control;
7. Destroy personal data as soon as it is reasonable to assume that the personal data no longer serves the purpose of collection and the retention is no longer necessary for legal or business purposes;
8. Not transfer personal data outside Singapore unless the transfer complies with the PDPA requirements;
9. Develop data protection policies and dispose information about such policies to the public; and
10. Be responsible for the personal data in BNI SG's possession or control, including personal data that is being processed by its data intermediaries.

V. How BNI SG uses your information

The personal data collected from you by BNI SG is valuable in improving BNI SG's range of services. In this regard, BNI SG would like to provide its assurance that your personal data will be treated as confidential. BNI SG will also use your personal data for the purposes of ensuring our services to you are kept at the highest level and also for keeping you informed about our products, services and other opportunities within BNI SG that you might be interested in.

VI. Data security

BNI SG has put into place security measures which protect personal data from manipulation, loss, destruction, and which protect personal data from being accessed in an unauthorized manner.

VII. Retention

The personal data collected from you by BNI SG is retained for the period of time that the purpose for which the personal data was collected continues. Thereafter, BNI SG will destroy the personal data, unless it is necessary to retain the personal data longer for BNI SG's satisfaction of legal, regulatory or accounting requirements, or to protect BNI SG's interest.

VIII. Disclosure

BNI SG will not disclose your personal data to an external party, unless BNI SG has your consent or is under a legal obligation or any other duty to do so.

IX. Transfer of data to other countries

The personal data collected from you by BNI SG may be transferred within the BNI Group. This will include transfer to other parts of the Group in other countries which may not have a level of data protection equivalent to Singapore. However, BNI SG pledges its intention to comply with the PDPA and will ensure that organisations in other countries which receive personal data from BNI SG will be aware of the protection as specified by the PDPA. In doing so, we will ensure compliance by our staff with the strictest standards of security and confidentiality.

X. Cookies

It is common practice to use cookies to "remember" information about your preferences when you visit our website. You may set up your web browser to accept or reject our cookies. Most Internet browser software can be set such that all cookies are blocked, or to enable you to receive a warning before the storage of a cookie.

XI. Your rights and how to contact us

You may request access and correction to your personal data that is held by BNI SG under certain circumstances. If you wish to access or request for the correction or deletion of any personal data that is held by BNI SG, or if you wish for clarification on any questions that you may have regarding BNI SG's Data Protection and Privacy Statement, you may write to BNI SG as per the contact details furnished below:

XII. Changes to our website privacy statement

BNI SG updates its Website Privacy Statement from time to time. Hence, we advise that you regularly check this Website for the purposes of familiarising yourself with the latest version of the BNI Singapore Data Protection and Privacy Statement.