ESG Information

Personal Finance

Savings

Savings and Deposits

Renminbi and Foreign Currency Team Deposit

Deposit Certificates

Loans

Personal Housing Mortgage Loan

Personal Automobile Loan

Personal Composite Loan

Minyi Loan

more+

Debit Cards

Featured Services

Card User Guide

Settlement

Individual Deposit Certificate

Convenient Finance

Appointed Remittance

Domestic Remittance

Payment and Collention Agent Card

Clearing

more+

Safe Deposit Box Service

VIP Services

Salary and Welfare Agent Card

Self-Service Bank

Automatic Inquire Machine

Cash Recycling System

Point of SalePOSTerminal

Security Card Tips

more+

Card Swallowing Procedures

E-Banking

Personal Internet Banking

Personal Mobile Banking

Telephone Banking

Self-service Banking

more+
MSE Finance

MSEs Payment and Settlement Products

Corporate Card

Govementtal Unit Card

Cross-bank Cash Concentration

E-Banking

MSE Internet Banking

MSE Mobile Banking

Telephone Banking
E-Banking

Telephone Bank

Business Introduction

Financial Information Instant Messenger

Appointment on Large Sums of Cash
Corporate Finance

Deposits

Contracted Deposit

Agreement Deposit

Call Deposit

Corporate Term Deposit

more+

Corporate Current Deposit

Loans

Medium and Long-term Loans

Short-term Working Capital Loans

Gross Settlement

Electronic Receipt Cabinet

Corporete Remittance and Cashing

Commissioned Collection

Collection with Acceptance

more+

Intermediate

Wages Distribution Agency

Letter of Guarantee

Cash Management

Account Management

Liquidity Management

Wealth Management

Settlement

more+

Financing Services

Convenience Platform

Trade Finance

Products and Services

CMBC Factoring

BG/Standby LC Record

International Credit

Overseas Investment Loan

Syndicated Loan

Export Seller Credit

Export Buyer Credit

more+

Import Credit

Export factoring covered by

Industrial Chain Finance

Composite Financing

Receivable Financing

Prepaid Financing

Real Estate Finance

more+

Financial Service Solution

E-Banking

Corporate Internet Banking

Corporate Mobile Banking
Interbank Finance

Accommodation of Funds

Comprehensive Credit Granting

Bank-Bank Cooperation

Financial Product Investment
Credit Card

About Credit Cards

Explore All Cards

Information

Installment Plan

Learn about Credit

more+

Mobile Banking

China Minsheng Bank Creditcard APP Service

E-Banking
CMBC Today

About CMBC

Introduction to CMBC

Board of Directors

Board of Supervisors

Management Team

more+

Organizational Chart

Investor Relations

Investment Value

Investor Services

Financial Information

Announcements and Disclosures

more+

Corporate Governance

ESG

ESG Information

ESG Report

CSR Report

Contact us

Contact Information
London Branch

London Branch

Your location： Home > CMBC Today > ESG > ESG Information

ESG

Key Points of China Minsheng Bank's Policies on Privacy and Data Security Protection

China Minsheng Bank (the Bank) strictly abides by the requirements of relevant laws, regulations and regulatory provisions regarding customer information security protection, including the Civil Code of the People's Republic of China, the Data Security Law of the People's Republic of China, and the Personal Information Protection Law of the People's Republic of China. The Bank has been committed to ensuring the compliance and security of customer information processing to safeguard the legitimate rights and interests of customers.

Ⅰ.Scope of Application

The Bank has established an information security protection system applicable to the whole bank and all types of users of branches and sub-branches, guiding all employees to comply with requirements for customer information security protection and implement the relevant measures. The Bank has disclosed the policies for privacy and data security protection through various channels to all customers, including the Privacy Policy of China Minsheng Bank (for Offline Channels), the Privacy Policy of China Minsheng Bank for Portal Website, the Privacy Policy of China Minsheng Bank for Mobile Banking, the Privacy Policy of China Minsheng Bank for Weixin Bank, and the Privacy Policy of China Minsheng Bank for Personal Online Banking, etc. (For details, please refer to official channels such as the official website and the mobile Apps of the Bank.)

Ⅱ.Basic Principles

The Bank abides by the following principles in protecting customer information: legality and legitimacy, necessity, integrity, openness and transparency, and accountability.

The policies require to demonstrate personal information processing rules, such as the purpose, method, scope and retention period of individual customers’ information, in a clear, understandable and reasonable manner, and to obtain customer's independent authorization and consent in accordance with laws. No institution or employee is allowed to illegally collect, use, process or transmit other people's information, or illegally buy, sell, provide or disclose other people’s personal information.

Ⅲ.Customer Information Protection Statement

1. Customer rights regarding information security

Customers of China Minsheng Bank are legitimately entitled to access, correct and delete their privacy information. In its customer privacy policies, China Minsheng Bank has clearly outlined the definitions, scope, authorized contents, collection and use, and relevant protection of personal information, and spares no effort to safeguard customer rights to access, copy, delete, request account cancellation, change authorization scope, refuse personalized advertisement and respond to requests and withdraw consent, in order to ensure that customers have adequate capability and channels to protect their personal information security and exercise their rights related to personal information .

2.Customer privacy data security protection

2.1 Customer privacy data security protection system

China Minsheng Bank has established and improved the organizational structure of data security management, formulated a series of policies in regard to data security management and personal information protection, and outlined security management strategies and technical protection for the full life-cycle of data. Taking into account the actual circumstances of its financial products and services, the Bank adopts technical measures, such as access control, identity verification and encryption, to protect data at the stages such as collection, storage, transmission, use and deletion, and to effectively implement privacy and data security control measures to improve data security management.

Meanwhile, China Minsheng Bank conducts consumer protection inspections on financial products or services to be provided to natural persons, updates and discloses the relevant personal information processing rules, in order to ensure that the contents of privacy policies comply with legal requirements and to protect the security of customer information.

2.2 Minimizing data collection and retention

When collecting privacy and data of customers, China Minsheng Bank follows the principle of “minimum and necessity.” It adopts effective measures, such as graded authorization, permission control and technical control, to strengthen the protection of personal financial information and safeguard the legitimate rights of customers regarding personal information. The Bank has also established corresponding supervision and emergency response mechanisms to guard against information leakage and misuse.

When terminating financial business, product services or contracts and agreements, or when responding to legitimate rights and interests of individuals or organizations, the Bank will immediately cease data collection, unless otherwise stipulated by laws or administrative regulations.

3.Data protection plan for suppliers and business partners

When collecting data from external institutions, China Minsheng Bank follows the principles of legality and legitimacy, clearly outlines the responsibilities and obligations of all parties in data security protection through contractual agreements. It explains the purpose, scope, method and retention period of data collection in a prominent way and in clear and understandable language (except for the circumstances where no explanation is required as clearly stipulated by administrative regulations), in order to make reasonable use of data only within the contracted scope with compliant and secure protection measures.

4.Data leakage/incident response plan

China Minsheng Bank has established an efficient emergency response mechanism for data leakage incidents, with clear division of responsibilities and deployment of personnel. The Bank have formulated the Emergency Response Plan of China Minsheng Bank for Data Leakage and conducted regular emergency drills. In case of an actual or potential data leakage, the emergency response teams and personnel will follow the process encompassing monitoring and early warning, analysis and judgment, notification and early warning, emergency response, coordination and synergy, and source-tracking, to carry out emergency response and recovery actions in an orderly manner, in order to fully safeguard customer information security and avoid or reduce potential losses and impacts.

5. Complaints and supervision

Should customers have any questions or suggestions regarding the contents of the privacy policies of China Minsheng Bank, they may contact the Bank via the official channels of privacy policy disclosure.The Bank will give timely feedback and handle them properly.

For details of complaints and handling channels, please refer to: http://www.cmbc.com.cn/sy/lxwm/kfjtslc/index.htm.