Top of main content

Privacy and security

This section provides specific details of how we treat any personal information you might wish to provide us when you visit this site.

Table of contents

HSBC's Privacy Principles

Our business has been built on trust between our customers and ourselves. To preserve the confidentiality of all information you provide to us, we maintain the following privacy principles:

  • We only collect personal information that we believe to be relevant and required to understand your financial needs and to conduct our business, as long as we have your consent, which may be removed at any time, by formally informing us.
  • We use your personal information to provide you with better customer services and products.
  • We may pass your personal information to other HSBC Group companies or agents, as permitted by law.
  • We will not disclose your personal information to any external organisation unless we have your consent or are required by law.
  • We may be required from time to time to disclose your personal information to Governmental or judicial bodies or agencies or our regulators, but we will only do so under proper authority.
  • We aim to keep your personal information on our records accurate and up-to-date, for as long as may be required and for the applicable retention period, when no longer required. You may request rectification of your personal information anytime. 
  • We maintain strict security systems designed to prevent unauthorised access to your personal information by anyone, including our staff.
  • All HSBC Group companies, all our staff and all third parties with permitted access to your information are specifically required to observe our confidentiality obligations.

By maintaining our commitment to these principles, we at HSBC will ensure that we respect the inherent trust that you place in us.

Should you wish to submit a complaint with regards to the handling of your data, you may do so at our branches, at our complaints counter, by telephone, by letter and email.

Customers may also contact us by phone from 8.45 am to 10.00 pm everyday on the following Customer Service Lines:
Contact Method
Contact details
Contact Centre for local calls only (Phone)
8001234
Contact Centre for overseas calls (Phone)
+230 4030750
Customers may also contact us by phone from 8.45 am to 10.00 pm everyday on the following Customer Service Lines:
Contact Method
Contact Centre for local calls only (Phone)
Contact details
8001234
Contact Method
Contact Centre for overseas calls (Phone)
Contact details
+230 4030750

Data Subject Rights

  • Right to be informed
  • Right to request/access data
  • Right to request erasure of data
  • Right to rectify inaccuracies
  • Right to object/restrict to the processing

 

Where the personal data are not or have not been collected from you, we shall not be required to provide information where the processing is expressly prescribed by law or this proves to be impossible or involves a disproportionate effort.

We shall not accede to any request where:

  • We have to comply with a legal obligation to process the personal data to which we are subject or for the performance of a task carried out in the public interest; or 
  • For the establishment, exercise or defence of a legal claim

Right to be informed

HSBC is committed to comply with the provision of the law with respect to data protection. As data subject, you will be informed of the purpose/s for which the data are being collected; the identity and contact details of the controller/representative; the intended recipients of the data; where applicable, that the controller intends to transfer personal data to another country and on the level of suitable protection afforded by that country; whether or not the supply of the data is voluntary or mandatory; the existence of automated decision making.

You have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

You have the right to lodge a complaint with the Data Protection Commissioner.

Right to request/access data

Upon a written request you have the right to access your personal data. We shall use reasonable means to verify your identity and provide you at reasonable intervals, without excessive delay and free of charge the requested information.

If the request is manifestly excessive, we may charge a fee for providing the information or taking the action requested, or else the requested action will not be taken

Within one month (period may be extended for a further month depending on the complexity and the number of request) of the receipt of your request, we shall inform you in writing, whether or not any action has been taken pursuant to your request;

If no action is taken we shall, within one month of the receipt of your request:

  • inform you in writing of the reason for the refusal and
  • on the possibility of lodging a complaint with the Data Protection Commissioner

Right to request erasure of data

Following a written request and after verification of your identity, we shall erase your personal data where:

  • there are no overriding legitimate grounds for the processing;
  • you withdraw your consent on which the processing is based and where there is no other legal ground for the processing;
  • the data are no longer necessary in relation to the purpose for which they were collected or otherwise processed;
  • the personal data have been unlawfully processed.

We will inform third parties processing the personal data about your request for the erasure of any links to, or copy or replication of, the personal data.

Right to rectify inaccuracies

Following a written request and after verification of your identity, we shall proceed with your request and you will be informed accordingly.

Right to object/restrict to the processing

You have the right to object to direct marketing which includes profiling.

Your privacy matters to us

This section provides specific details of how we treat any personal information you might wish to provide us when you visit this site.

Data security

  • Security is our top priority. The Hongkong and Shanghai Banking Corporation Limited ('the Bank') will strive at all times to ensure that your personal data will be protected against unauthorised or accidental access, processing or erasure. We maintain this commitment to data security by implementing appropriate physical, electronic and managerial measures to safeguard and secure your personal data.
  • The secure area of our website supports the use of Secure Socket Layer (SSL) protocol and 128-encryption technology - an industry standard for encryption over the Internet to protect data. When you provide sensitive information such as credit card details, it will be automatically converted into codes before being securely dispatched over the Internet.
  • Our web servers are protected behind "firewalls" and our systems are monitored to prevent any unauthorized access. We will not send personal information to you by ordinary email. As the security of ordinary email cannot be guaranteed, you should only send email to us using the secure email facility on our website.
  • All practical steps will be taken to ensure that personal data will not be kept longer than necessary and that the Bank will comply with all statutory and regulatory requirements concerning the retention of personally identifiable information.

Security assurance

  • Both you and HSBC play an important role in protecting against online fraud. You should be careful that your bank account details including your User ID and/or Password are not compromised by ensuring that you do not knowingly or accidentally share, provide or facilitate unauthorised use of it. Do not share your User ID and/or password or allow access or use of it by others. We endeavor to put in place high standards of security to protect your interests
  • You should safeguard your unique User ID and Password by keeping it secret and confidential. Never write them down or share these details with anyone. HSBC will never ask you for your Internet Banking Password, in order to ensure that you are the only person who knows this information. When choosing your unique User ID and Password for the first time, do not create it using easily identifiable information such as your birthday, telephone number or a recognisable part of your name. If you think your User ID and/or password has been disclosed to a third party, is lost or stolen and unauthorised transactions may have been conducted, you are responsible to inform us immediately.

Collection of personal information

  • Use of "cookies" Your visit to this site may be recorded for analysis on the number of visitors to the site and general usage patterns. Some of this information will be gathered through the use of "cookies". Cookies are small bits of information that are automatically stored on a person's web browser in their computer that can be retrieved by this site. Should you wish to disable these cookies you may do so by changing the setting on your browser. However, you will be unable to enter certain part(s) of our website, including online@hsbc.
  • Marketing Promotions Occasionally we may collect personal information from visitors to this site and those individuals that participate in a contest or promotion (online or over the telephone, or at one of our branches). Such information is only collected from individuals who voluntarily provide us with their personal information. We may use this information to advise them of products, services and other marketing materials, which we think, may be of interest to them. We may also invite visitors to this site to participate in market research and surveys and other similar activities.

You can choose to receive marketing and other promotional materials by e-mail. If you do receive email or promotional direct mailings, you will always have an opportunity to opt-out.

If at any time you would like us to cease sending you direct mailings, please contact our representatives at our Call Centre by calling (230) 800 1234.


If we do ask you to provide personal information, we will always specify the purpose for which such personal information is collected and ensure that it is only used for the purpose specified at the time of collection.

Our information collection statement

a. The Statement is intended to notify you why personal data is collected, how it will be used and to whom data access requests are to be addressed.

b. Why we collect your data - we collect your personal information to carry out and administer our services to you and in an effort to improve your customer experience. Without such data the Bank may be unable to open or continue accounts or establish or continue banking facilities or provide banking services.

c. Data is also collected from customers in the ordinary course of business to continue the banking relationship, for example, when customers write cheques or deposit money.

d. How your data may be used - Data relating to a customer may be used to:

  1. Facilitate the daily operation of the services and credit facilities provided to customers;
  2. conduct credit checks;
  3. assist other financial institutions to conduct credit checks and collect debts;
  4. ensure ongoing credit worthiness of customers;
  5. design financial services or related products for customers' use;
  6. market financial services or related products;
  7. determine the amount of indebtedness owed to or by customers;
  8. collect amounts outstanding from customers and those providing security for customers' obligations;
  9. meet the disclosure requirements of any law binding on the Bank or any of its branches;
  10. enable an actual or proposed assignee of the Bank, or participant or sub-participant of the Bank's rights in respect of the customer to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation; and
  11. to fulfill any other purposes relating thereto.


Disclosure of your personal information - Information held by the Bank relating to a customer will be kept confidential but the Bank may provide such information to the following parties for the purposes set out in paragraph (c):

  1. Any agent, contractor or third party service provider who provides administrative, telecommunications, computer, payment or securities clearing or other services to the Bank in connection with the operation of its business;
  2. Any other person under a duty of confidentiality to the Bank including a group company of the Bank which has undertaken to keep such information confidential;
  3. The drawee bank providing a copy of a paid cheque (which may contain information about the payee) to the drawer;
  4. Credit reference agencies, and, in the event of default, to debt collection agencies;
  5. Any person to whom the Bank is under an obligation to make disclosure under the requirements of any law binding on the Bank or any of its branches; and
  6. Any actual or proposed assignee of the Bank or participant or sub-participant or transferee of the Bank's rights in respect of the customer.

Contact us

Requests for access to data or correction of data or for information regarding policies and practices and kinds of data held should be addressed to:

 

The Webmaster

Icon Ebene,

Level 5, Office 1 West Wing

Rue de l'Institut 

Ebene 72202

Mauritius

 

IMPORTANT: By accessing this web site and any of its pages you are agreeing to the terms set out above. Thank you for choosing HSBC.