Privacy

Security of personal information:

Keeping your personal information secure is our priority. We protect this information by maintaining physical, electronic, and procedural safeguards that meet applicable law. We train our employees in the proper handling of personal information. When we use other companies to provide services for us, we require them to protect the confidentiality of personal information they receive.

Personal Data Protection Act

PDPA

Singapore has enacted the Personal Data Protection Act (the “PDPA”) in 2012 and the Act came into full effect on 2 July 2014 (the “Effective Date”).

The PDPA essentially sets out the personal data protection regime of Singapore and Bordier & Cie (Singapore) Ltd (“Bordier Singapore”) like all organisations that collect, use and disclose Personal Data will be subject to nine (9) data protection obligations in relation to its collection, use and disclosure of Personal Data. “Personal Data” means any information which relates or identifies an individual, and can include voice recording, video or photographs of the individuals. “Data intermediaries” referred to below would include Bordier Singapore’s vendors and service providers who handle and process Personal Data on our behalf.

The nine data protection obligations are:

    1. Consent obligation – Bordier Singapore may only collect, use or disclose Personal Data for purposes which an individual has given his consent. If an individual withdraws his consent to the collection, use or disclosure for any purpose, Bordier Singapore must cease such collection, use or disclosure of the Personal Data.
    2. Purpose Limitation Obligation – Bordier Singapore may collect, use or disclose Personal Data about an individual for the purposes that a reasonable person would consider appropriate in the circumstances and for which the individual has given consent, and must limit its collection, use or disclosure of personal data only to such purpose.
    3. Notification Obligation – Bordier Singapore must notify an individual of the purposes for which it is intending to collect, use or disclose his Personal Data on or before the collection, use or disclosure of Personal Data.
    4. Access and Correction Obligation – Bordier Singapore must, upon request, provide an individual with information about the ways in which his Personal Data has been or may have been used or disclosed within a year before the request. Upon request, Bordier Singapore is also required to correct any error or omission in an individual’s Personal Data; and send the corrected data to other organisations to which the Personal Data was disclosed by Bordier Singapore within a year before the correction is made.
    5. Accuracy Obligation – Bordier Singapore must make reasonable effort to ensure that Personal Data collected by or on its behalf is accurate and complete, if it is likely to be used to make a decision that affects the individual, or if it is likely to be disclosed to another organisation.
    6. Protection Obligation – Bordier Singapore must make reasonable security arrangements to protect the Personal Data that it possesses or controls to prevent unauthorised access, collection, use, disclosure or similar risks. This obligation is also extended by the PDPA to data intermediaries of Bordier Singapore who process Personal Data on its behalf.
    7. Retention Limitation Obligation – Bordier Singapore must cease to retain Personal Data or remove the means by which the Personal Data can be associated with an individual when it is no longer necessary for any business or legal purpose. This obligation is also extended by the PDPA to data intermediaries of Bordier Singapore who process Personal Data on its behalf.
    8. Transfer Limitation Obligation – Bordier Singapore may transfer Personal Data to another country only according to the requirements prescribed under law, to ensure that the standard of protection provided to the Personal Data so transferred will be comparable to the protection under the PDPA, unless exempted by the Personal Data Protection Commission.
    9. Openness Obligation – Bordier Singapore must make information about its data protection policies, practices and complaints process available on request.

Access Requests

If you would like to request access to your personal data held by Bordier Singapore, please contact your Relationship Manager.

Withdrawal of Consent

If you prefer not to receive marketing materials by Mail, Email, SMS or Voice Calls, please notify your Relationship Manager.

For further enquiries, please reach out to our Personal Data Protection Office:

Personal Data Protection Officer
Bordier & Cie (Singapore) Ltd
CapitaGreen Point #14-00
138 Market Street
Singapore 048946
Email: enquirysingapore@bordier.com

Security

Internet Security: Recommendations for Safe Surfing

The Internet is a public area and an excellent communications instrument. However, it is also susceptible to fraudulent activities. But with due caution you can largely eliminate the risks. These recommendations include a number of guidelines for navigating the Internet safely, and in particular some hints on how to use our eServices platform.

Security tips for using eServices

Always enter https://eservices.bordier.com in your browser

To get to the login page, enter https:/eservices.bordier.com in your browser. Then the following URL will appear in the address bar of your browser:

security

Do not use any links from a website or an e-mail that lead you direct to this URL.

Always ensure that you are on a secure website before submitting your information via your web browser. It will be “https://” rather than “http://” and it will contain a padlock icon on the status bar at the top of the browser.

Pay attention to padlock in status bar and “https” sites

In bordier.com, data is transferred with a SSL security certificate. Current browsers support this encryption technology. You can see for yourself whether and how your connection is protected. A closed padlock symbol in the status bar indicates that you are working with encryption. Clicking on the padlock shows you the version of encryption software being used.

Always leave eservices.bordier.com via the logout button

Leave eServices using the logout function. Simply closing the browser window is not sufficient to terminate the secure Internet connection. Do not save your online banking login details on the browsers by clearing your browser’s cache and history after each session.

Never tell anyone your user-id and password, store one-time-signature devise safely

Bordier & Cie provides users with a user-id and password as well as the One Time Signature Devise (Smart Card and Calculator) so that they can access eServices. The user-id is defined by Bordier & Cie and sent to the user by hard mail. The password is sent by separate cover, and must be personalized by the user the first time they log in. We recommend changing your personal password regularly. The new password must have between 8 and 16 characters. You should avoid personal telephone numbers, dates of birth, car license numbers, etc. Do not under any circumstances save the password on your computer or reveal it to anyone else. Please note that for security reasons, Bordier & Cie will never ask you for your password by phone, e-mail, letter, SMS or social media. Always keep the One Time Signature Devise provided to you by Bordier & Cie in a safe place.

Bordier & Cie shall be entitled to consider any person who gains access to the eServices using the above to be an authorised used without further inquiry or investigation. Consequently, any loss or damage sustained by you by reason of an unauthorised access to the eServices shall be borne by you, and you will indemnify Bordier & Cie against all loss, damage, costs or expenses incurred by the Bank as a result of the provision of the eServices.

Bordier & Cie should be informed immediately in the event of loss, disclosure, theft, fraud, misuse of the above.

Always use a device that you can trust

Do not use a shared computer or device that cannot be trusted for internet banking such as the computer at an Internet café and other public places. These devices may be installed with certain software that could capture your personal information without your knowledge and approval. If you have to use such shared computer or devise, never leave the PC unattended, always leave Bordier & Cie eServices via logout, and make sure you clear the browser cache.

Cookies

Cookies are not really dangerous. They can’t take up programs (viruses), nor can they be used to spy out data that is not known in any case. Most cookies are a convenient way for websites to adapt to the needs of users. Cookies must be activated for you to gain access to Bordier & Cie eServices.

Do not open additional browser windows

Even when you have a secure Internet connection (https://), opening additional browser windows can give other people access to your computer. If at all possible you should avoid non-https sites for online transactions.

Different e-mail addresses for different purposes

We recommended using your regular e-mail address for communicating with people and companies that are known to you. But if you absolutely have to communicate with unknown websites, to reduce spam you should create an alias for your e-mails and use this alias for e-mail correspondence with these unknown websites.

Different SSL Certificate Warning Messages

Digital certificates provide security to websites by encrypting sensitive data and verfying the identity of the websites that are secured.
Certificates are provided to website owners to ensure the security of online communications.

SSL problem messages and warnings are often displayed in an attempt to protect website users from potentially compromising situations. However, an SSL error message may also indicate a problem that is entirely innocuous in nature. In this second case, there is often an issue either with the website you are connecting to or even possibly a misconfiguration on your own end.

If you ever encounter an SSL related warning (such as a security certificate mismatch, certificate not trusted, or secure and non-secure items, see below), you may want to hold off on entering your login details or credit card information until you can make sure you are not in a compromising online situation.

certificate_msg

To resolve a problem that you may be having, the first thing that you want to check is that your computer’s time and date are accurate. Because expired or not-yet-valid security certificates throw up warnings, having the date on your machine wrong could potentially cause security errors on many secure sites that you access.

Additionally, if you have recently enabled new secure settings in a website, try disabling those settings and seeing if the warning messages go away. While this is not fix, it can give you a point to work from when communicating with the website owner to help them know how to fix the problems.
One of the best things you can do if you encounter an error is to call your Relationship Manager or report the problem to:

E-mail: cs@bordier.com
Telephone: +65-6239-9988
Operating Hours: Mondays to Fridays, 9 am to 6 pm (Singapore)

Ultimately, make sure to exercise discretion and never enter personal information in a website that throws an SSL error message.

General rules of behaviour on the Internet

Warning: fraudulent e-mails (phishing)

“Phishing” e-mails are sent by conmen to lure surfers on to fake web pages designed to look like the websites of service providers such as banks and financial services companies. Users are asked to reveal passwords and access information, which the conman then uses to gain access to their account. Please also note that you should never send details of your secret eServices information via e-mail. Bordier & Cie will never ask you for such information by e-mail or letter. For this reason you should ignore e-mails asking you to reveal confidential data, even when the sender of the e-mail seems familiar.

SMS Spoofing

SMS spoofing uses the short message service (SMS) to set who the message appears to come from by replacing the originating mobile number (sender ID) with alphanumeric text. Spoofing has both legitimate uses (setting the company name from which the message is being sent, setting your own mobile number, or a product name) and illegitimate uses (such as impersonating another person, company or product).

If you suspect any SMS spoofing, you should notify Bordier & Cie immediately by calling your Relationship Manager. Bordier & Cie will never request for your personal details via SMS.

Spyware

It is a software inserted onto your computer that collects information about you and your internet traffic. It usually gets stored onto your computer unknowingly when you download software, games, screensavers, etc. from unknown websites and it claims to improve your computer’s performance. It can be used maliciously to gain access to your confidential personal data such as your passwords, PINs and internet browsing history.

If you have installed any software that claims to speed up your internet connection, or have additional third-party toolbars on your browsers, then you may be using software that has the ability to track your internet sessions. We recommend that you uninstall this software.

Keylogging

Keylogging is a form of Spyware online fraud where the keys inputted on a keyboard is captured, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored.

The using of One-Time Signature generated by your Devise (Smart Card and Calculator) is keylogger safe as each PIN is invalidated as soon as it is used. Install anti-spyware applications which are able to detect and disable/cleanse keylogging software.

Keylogging on mobile phone captures and transmit information including email, SMS and keystrokes on the cell phone without the user of the phone being aware of it. Think before downloading applications. Review the privacy policy and understand what data (location, access to your social networks) an application can access on your device before you download it.

If you did not expect any message or connection attempt to your mobile device, take precaution by declining the connection as this may be an attempt to send a malicious program to your mobile device. Always decline such attempts in connection when in doubt.

Avoid downloading Bordier & Cie Mobile application from any site unless it is from the Apple App Store.

Pretext Calling

Pretext calling is defined as a deceptive means of obtaining personal information and unauthorised disclosure of customer financial information. Fraudsters may pretend as bank officers to obtain your account number or credit card number and other information required. Upon obtaining such information, the fraudsters may call your bank posing as you, using the information stolen to take over your identity in order to perform transactions using your account.

Another form of pretext calling is when fraudsters request victims to confirm transactions that were purportedly made on victims’ credit cards. When victims inform fraudsters that they do not have such credit cards, the victims are provided with a fake Bank telephone number in order to lodge a report. Upon calling, the fraudsters will request for victims’ personal information which will subsequently be used for fraudulent activities. Be aware that Bordier & Cie will never request for your personal or financial information through SMS or telephone calls and will never ask anyone to transfer money to any third party account.

Monitor and pay attention to your regular credit card and bank statements to ensure your transactions are accurate.

Do not share personal information, such as account numbers, passwords, National Registration Identity Card (NRIC) number and other personal information over the telephone, email, SMS or internet, unless you know who you are dealing with.

Store your personal information in a safe place and shred your old account statements, and any other correspondences prior to disposing them.

Pharming

Pharming is a scamming practice in which a malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent. Pharming can be conducted either by changing the host file on a victim’s computer by exploitation of a vulnerability in DNS server software. If you access websites which requires your personal information, ensure the website address has a https:// in its URL.

Telephone Tapping

Telephone Tapping is the unauthorized monitoring of telephone and internet conversations and/or key tone by a third party. Telephone Tapping is possible on a public switched telephone network and can be difficult to detect. To minimize the risk, consider disabling your mobile telephone’s Bluetooth connection to prevent any unauthorized access to signal sent from and to your telephone.

Protect your PC

Keep your virus protection software up to date

Install an anti-virus program on your computer and ensure that updates are downloaded regularly (at least once a week). Most programs have an automatic update function. These will help prevent unauthorized access to your computer.

Install a firewall

A firewall is a kind of electronic protective wall between the Internet and your computer. It monitors and controls the data entering and leaving your computer. There are various different firewalls available on the market, some more comprehensive than others. Windows systems have an integrated firewall built in, but it offers only basic protection compared with other specialized products.

Update your browser and operating system

Always use the most recent version of your browser and operating system, and take particular care to install the latest security patches. Microsoft offers regular updates on its own website, and your operating system can be set to search for relevant updates automatically. Apple offers a similar service. Modern browsers offer such a wide range of functions that they are very complex and vulnerable to programming errors, some of which can pose a security threat. For this reason you should install the latest patches whenever possible, and deactivate functions you don’t need. You should also consider whether another browser may give you better security.

You will find the latest versions of common browsers at the following addresses:

Microsoft Internet Explorer : http://windows.microsoft.com/en-us/internet-explorer
Mozilla/Firefox : https://www.mozilla.org/firefox
Safari : http://www.apple.com/safari/
Chrome : https://www.google.com/chrome

Reporting

If you suspect that there has been any unauthorized breach of your accounts online, or that an online transaction has taken place that you did not initiate, it is important for you to inform us first hand. Not only that, immediately notify the bank should you encounter any issues, difficulties or irregularities.

Security incidents will be escalated to our technical support staff for evaluation. If any breach of security appears to have occurred, the bank will investigate it further.

It is strongly advised that you check your accounts on a regular basis to ensure they are authorized activities on their account, and if you notice something suspicious to contact the customer service immediately.

You are always encouraged to login to E-Services from your browser by typing https://eservices.bordier.com into the address bar or add Bordier & Cie to your list of favourites. Do not follow links from an email, letters, etc.

Protecting our customers’ accounts and personal information is one of our highest priorities. You can contact our client services at the following contact details:-

E-mail: cs@bordier.com
Telephone: +65-6239-9988
Operating Hours: Mondays to Fridays, 9 am to 6 pm (Singapore)

It is important that you do your part to ensure banking online is done in a safe and secure manner. Bordier & Cie shall neither be liable for acting upon instructions nor obliged to investigate the authenticity or authority of persons effecting your instructions or verify the accuracy and completeness of your instructions. Such instructions shall be deemed irrevocable and binding on you upon receipt by Bordier & Cie notwithstanding any error, fraud, forgery, lack of clarity or misunderstanding in respect of the terms of such instructions.