Bank of Ceylon (referred to as ‘we’, ‘us’, ‘our’, ‘Bank of Ceylon’ or the ‘Bank’) is committed to protecting the privacy and security of personal information. This Privacy Statement explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services. By accessing or using our services, you consent to the practices described in this Privacy Statement.
Throughout this statement, "personal data" or "personal information" refers to any information that identifies or can identify you, including but not limited to your name, address, and identification number. Actions involving your personal data, such as handling, collecting, protecting, and storing, are collectively referred to as "processing."
This Privacy Statement is designed in relation to the collection, use and disclosure of any personal data, including special or sensitive personal data. It also applies to individuals who have had a previous business relationship with the Bank.
We hold, collect and process personal data that you provide to us directly or indirectly, such as your name, contact details, identification information, date of birth, financial information, transaction data, payment card information, gender, nationality, information received from third parties, the public domain, collected through use of our website, cookies, and our electronic banking services which we believe it is reasonably required for ordinary business purposes. This data is essential for offering you our services and ensuring a seamless banking experience.
We use and process your personal data to manage your accounts; to deliver banking services; to process transactions; to administer, evaluate and improve our products and services; to market our products and services; to manage our risks; to perform accounting,
auditing and other internal functions and to fulfill and comply with legal and regulatory requirements, relevant industry standards, contractual obligations. We may also use your personal data for communication purposes, such as sending you account updates, relevant promotions, and other service-related notifications.
At Bank of Ceylon, we are dedicated to provide you with the products and services you request. To ensure the fulfillment of our contractual obligations and to provide you with the best possible service, we process your personal data for various essential purposes as follow but not limited.
We process your data to handle applications for products and services, process payments, conduct transactions, and fulfill your instructions or requests promptly and accurately. This includes every channel we use including providing electronic banking services to enhance your banking experience.
We evaluate your suitability for our products and services to tailor our offerings to your specific needs and requirements.
We conduct credit assessments, including credit checks and setting credit limits, to ensure responsible lending practices and financial stability.
Your data is used for operational and statistical purposes, enabling us to improve our services and meet regulatory requirements effectively.
We establish, continue, and manage banking relationships and accounts, and monitor our premises and ATMs to ensure your safety and security.
To provide you with our services and uphold our contractual obligations, the Bank discloses your Personal Data to the following parties for the purposes specified above.
We share your personal data with professional advisers, consultants, credit rating agencies, insurers, insurance brokers, auditors, third-party service providers, agents, corresponding banks and financial institutions and exchange houses to conduct credit checks, and independent contractors who support for Bank's business operations subject to Non- Disclosure agreements/confidentiality obligation with such parties to ensure that our services meet the highest standards.
We share your personal data with our business alliance partners who offer products or services that could be of interest to you, enhancing the range of options available to meet your needs.
We disclose your personal data to merchants or members of the Card Association to facilitate payment card transactions.
We disclose your personal data with your attorney who is appointed by you through a Power of Attorney.
In the case of a child, we disclose child’s personal data to the parent or legal guardian of such child.
Upon your death or contractual incapacity, we share your personal data with your legal representatives, legal heirs and immediate family members as applicable, allowing them to act on behalf of you.
We disclose your personal data to any court, tribunal, regulator, law enforcement agency, exchange body, tax authority, or any other authority (including any authority investigating an offence) or their agents/officials as required or permitted by law.
We also disclose your personal data to any person to whom disclosure is allowed or required by local or foreign law or regulation.
We reserve the right to share your personal information in connection with a corporate change including a merger, acquisition or sale of all or any relevant portion of our business or assets.
These disclosures may occur in any jurisdiction and are carried out with the utmost care and in compliance with applicable laws and regulations.
Ensuring the security of your personal data is a paramount concern for us at Bank of Ceylon. We want you to be confident that your information is protected regardless of where they are stored or transferred. Following is how we prioritize your data security.
We have implemented rigorous and accepted standards of technical and organizational security measures to safeguard your personal data. These measures are designed to protect your information from unauthorized access, disclosure, alteration, and destruction.
When we engage with external service providers, we ensure that they adhere to the stringent security standards mandated by Bank of Ceylon. We enforce these standards through contractual provisions, as required by privacy regulators/authorities, and maintain oversight to ensure compliance.
Your personal data may be transferred to locations outside Sri Lanka, including countries without data protection laws comparable to Sri Lanka while adhering to the provisions of Personal Data Protection Act and the applicable regulations. We take every reasonable step to ensure that, regardless of the location, your personal data remains securely protected.
Although we use appropriate security measures, transmitting personal data over the internet carries inherent risks, including the potential for access and interference by unauthorized third parties.
Information transmitted over the internet may pass through various countries, even if the sender and recipient are located in the same country. Some of these countries may have privacy and data protection laws that are less robust than those in your country of residence.
Despite these challenges, we endeavor to mitigate these risks. We employ the latest security technologies and protocols to protect your data during the transmission and storage.
We aspire to maintain the confidentiality and integrity of your personal data. Your trust is invaluable to us, and we are committed to earning and preserving it through our unwavering dedication to your privacy and security.
If you have any concerns or questions about the security of your personal data, please do not hesitate to contact us. Your privacy and peace of mind are of utmost importance to us.
We retain your personal data in accordance with legal and regulatory requirements, and for essential business and operational needs. Typically, this retention period spans twelve years from the conclusion of your association with us unless applicable law requires a longer retention period.
We value your trust and privacy, and we want to keep you informed about our products and services. To achieve this, we may use your Personal Data for specific purposes.
Conducting market research and surveys enable us to better understand your needs and preferences. This insight helps us enhance our products and services, ensuring they align with your expectations.
We use your data for marketing purposes, including promotional events, competitions, and lucky draws. These initiatives are designed to provide you with exciting opportunities and valuable offers.
Your preferences matter to us. If you have asked us not to send you marketing material, rest assured, we respect your choice. You have the right to opt out of receiving marketing communications at any time.
To exercise this right, please reach out to your branch. We are here to promptly accommodate your preferences.
If you change your mind and decide not to receive marketing material or any other promotional or research material you previously subscribed to, we will honor your request. However, for record-keeping purposes, we may retain a record confirming your preference. This ensures that you do not receive any further communications, respecting your choices and privacy.
In our commitment to upholding the highest standards of compliance, we may, within the limits of the law, record and monitor your electronic communications with us. This practice is in place to ensure strict adherence to our legal obligations and internal policies, aligning with the purposes previously outlined.
By monitoring electronic communications, we maintain a secure and compliant environment, fostering trust and reliability in our interactions. Your understanding and cooperation in this regard are essential as we work together to ensure the integrity and legality of our services.
Your privacy is of utmost importance to us, and we are dedicated to ensuring you have control over your personal data. In accordance with applicable laws, regulations, and banking industry guidelines, you have the following rights:
You have the right to request a copy of the personal data that pertains to you. Please note, under certain circumstances, there might be a fee associated with this request, as allowed by law.
We take reasonable steps to rectify any inaccurate or outdated personal data, without undue delay in order to keep such data up to date and accurate manner. Accordingly, if you believe your personal data needs correction, you can request us to rectify any inaccuracies. This can be done conveniently at your branch.
You can ask us to delete your personal data, particularly unless otherwise if there is no any prevailing law directed to maintain the records further.
We take your concerns about the processing of your Personal Data seriously. If you have a complaint and feel dissatisfied with how it is being addressed, we encourage you to take the following steps
Initially, we recommend discussing your complaint with your branch. They are equipped to assist and address your concerns directly.
For further details or assistance, you can reach out to us by emailing [email protected]
Your written requests can be made:
Data Protection Officer
11th Floor
Bank of Ceylon
Head Office
Colombo 01
We are committed to resolving your concerns promptly and effectively, and we are here to support you throughout the process.
As an additional avenue, you have the right to file a complaint with the data protection authority.
As Bank of Ceylon, we strive to keep your personal data protection at the forefront. To ensure you are informed about how your data is handled, our Privacy Policy may undergo updates periodically. We encourage you to revisit this site regularly to stay abreast of any changes or amendments
Last Updated: 12.01.2024
Please be noticed that our Privacy Policy is specific to our platform and services. It does not extend to third-party websites where you might encounter our online advertisements, nor does it apply to linked third-party websites that we don't operate or oversee. When you navigate to external websites through links provided, please be aware that their privacy policies and practices are entirely separate from ours.
Stay ahead with PIEZE. Unveiling the latest updates and enhancements.