HomeCustomersData Privacy
Data Privacy

Data Privacy

We respect and safeguard the privacy and rights of our customers throughout our services and across our operations.

Protecting personal data and privacy


Data protection at UOB is interwoven into various policies and guidelines, which apply Group-wide and are approved by senior management committees. These include the UOB Code of Conduct, reviewed annually by the Bank’s Human Resources Committee, as well as the following policies reviewed annually by the Operational Risk Management Committee (ORMC):

  • the Group Information Technology Security Management and Cyber Resiliency Policy;
  • the Group Operational Risk Management Policy; and
  • the Enterprise Data Governance Policy.

Further, our Guidelines on Responding to Personal Data Breaches and the Standard Operating Measures for Data Leakage Crisis/Non-Crisis Management provide a roadmap for handling data breaches. Similar policies and guidelines are implemented in our subsidiaries in relevance to local regulations and compliance requirements.

Our policies and processes reflect our respect of our customers’ interests and preferences. We are committed to honouring their privacy rights, including providing:

  • channels for feedback such as email, online contact forms and phone hotline; and
  • access to and correction of personal data, as well as issue resolution.

We also have processes in place to ensure timely resolution of grievances.

UOB’s Privacy Notices, privacy and security practices and the contact details of the Bank’s Data Protection Officer are publicly available online on the UOB Privacy and Security webpage. Through regular mandatory training, we ensure that our people understand the importance of upholding data privacy and are kept abreast of the Bank’s policies and processes.

Personal Data Protection Policy


UOB’s Personal Data Protection Policy sets out the structure for compliance with the Singapore Personal Data Protection Act 2012. This policy is reviewed annually by the ORMC. The policy’s principles are:

  • Personal data must only be collected and used for purposes the customer has consented to, or as may be permitted by law;
  • Personal data is used responsibly in accordance with our ethical standards and corporate values;
  • Access and disclosure are subject to strict controls;
  • Integrity and security of personal data are paramount; and
  • Personal data that is no longer required for legal or business purposes must be anonymised or destroyed, in accordance with document retention policies.

Data protection officers


Line data protection officers at functional and business levels in Singapore and locally-appointed officers at overseas locations report to the Franchise Data Protection Officers in Singapore, who in turn report to the ORMC. These officers ensure compliance with local regulations and Group requirements, as well as assist in the investigation of alleged breaches as and when required.

Group Operational Risk Management, as well as the Data Protection Office under Group Legal, review any incidents and consider whether the incidents need to be reported and/or affected persons notified. Breach reporting and data leakage protocols are clear, and are designed to ensure timely breach management and mitigation of harm to data subjects. Post-incident action plans are pursued to closure to address any weaknesses in process that resulted in the incidents.

Data ethics and quality


UOB’s Enterprise Data Governance and Quality team from the Data Management Office (DMO) governs the data life cycle from creation and consumption to eventual deletion. This function brings together subject-matter experts from across UOB to focus on the continual improvement of data health, powered by innovations in processes and technology.

Our multi-disciplinary Data Ethics taskforce formulates and guides the integration of the Monetary Authority of Singapore’s (MAS) Fairness, Ethics, Accountability and Transparency (FEAT) principles in the design and validation of the Bank’s key artificial intelligence (AI) and analytical models.

UOB’s Data Management Committee provides oversight on data quality and data governance and privacy initiatives. This committee comprises senior representatives from DMO, Group Technology and Operations, Group Compliance, Group Risk Management, Group Human Resources, Group Finance and Corporate Services, as well as the business segments and functions.


Fair Dealing

Fair Dealing

We put our customers and their financial goals first as we grow our business through conscious and concerted efforts across our entire franchise.

Information security

Information security

We protect our data and assets from potential cybersecurity risks and threats, ensuring reliable and efficient services for our customers.

Financial inclusion

Financial inclusion

We are committed to making our banking products and services accessible and affordable.