Effective Date: 03rd June 2025
Hatton National Bank PLC (“HNB”, "we," "our," or "us") is committed to safeguarding your personal data (which is defined in 1(A) and 1 (B) below) and ensuring your privacy. This Privacy Notice explains what information we collect about you, how we will use that information, who we will share it with, the circumstances under which we will share it and what steps we will take to make sure it stays private and secure.
We may collect the following types of personal data (hereafter referred to as 'Personal Data') to serve you better:
(A). For customers:
We may require to collect special categories of Personal Data about you sometimes, but this information is only collected if necessary and with your consent or where allowed by law. This may include:
Your Personal Data is directly collected from you, but we may also obtain your Personal Data from other sources as required, which includes but are not limited to people you know:
(B). For Employment Candidates and Employees:
In addition to the information above we may also collect:
We may require to collect special categories of Personal Data about you sometimes, but this information is only collected if necessary and with your consent or where allowed by law. This may include:
Your Personal Data is directly collected from you, but we may also obtain your Personal Data from other sources as required, which includes but are not limited to:
We collect your Personal Data in order to manage our services and operate our business. We generally process your Personal Data in line with one or more of the following lawful bases as provided for by applicable Laws:
We may use your Personal Data for the following purposes, which may include but is not limited to:
(A). For customers:
(B). For Employment Candidates and Employees:
In addition to the purposes given in 3 (A) above, we may also use your Personal Data for the following purposes, this may include but is not limited to:
Note: we may not be able to proceed with your job application if you do not provide us with or want us to process the Personal Data that we consider is necessary and/or is required to meet our legal and regulatory obligations.
We may share your Personal Data within the HNB and its Group and our advisors, consultants, service providers, business partners and third parties (including but not limited to their employees, sub-contractors, service providers, directors and officers, etc.) for the purposes given in 3(A) and 3(B) above or as required by law or requested by any authority. We may share your Personal Data with both local or foreign entities, depending on the nature of the services and the requirements of your banking relationship with us, in compliance with applicable data protection laws for data sharing and cross border transfers.
We do limit how and whom we share your Personal Data with and we take necessary steps to ensure Personal Data shared is kept confidential and protected when we share it. The parties with whom your Personal Data is shared may vary based on your banking relationship and on your interactions with us as an individual. We will not disclose your Personal Data to anyone unless we have your consent, are required to do so by law or have previously informed you of such sharing
We may share your Personal Data with the following: This may include but is not limited to:
We may collect and store your Personal Data in electronic or physical form, depending on the requirement. We may store, share and transfer your Personal Data within HNB and its Group and with other third parties in order to improve and support our processes, business operation and to comply with legal and regulatory obligations. This may include cloud storage and cross-border transfers to jurisdictions with different data protections laws outside of Sri Lanka but only in compliance with applicable data protection laws.
We are committed to retaining your Personal Data for only as long as necessary to fulfill the purposes for which it was collected and in accordance with applicable laws and regulations. The specific retention periods may vary depending on the type of data and legal or statutory requirements, but as a general guideline:
We regularly review our data retention practices to ensure compliance with our policy and relevant regulations. After the retention period expires, we will securely and permanently delete or pseudonymize your Personal Data as per the guidelines provided by the Data Protection Authority (hereinafter referred to as the “DPA”) created under the Personal Data Protection Act No. 09 of 2022 (as amended).
We implement adequate technical, physical and organizational security measures to protect your Personal Data against unauthorized access, disclosure, alteration, or destruction. We also ensure our practices are, in compliance with legal and regulatory requirements. We require and train our staff to maintain our privacy and security standards, and we will procure any third parties who carry out any work on our behalf to comply with appropriate compliance standards including obligations to protect any information and applying appropriate measures for the use and transfer of information.
Some of our affiliates’ websites have their own privacy and information handling practices. Refer to the relevant privacy notices of those affiliates in relation to how they handle and use your Personal Data.
Our Privacy Notice does not apply to other third-party websites, where our advertisements are displayed or to linked such other third-party websites which we do not operate/control. However, our web sites may contain links to third party websites. Whilst such links are provided for your convenience, you should be aware that the information handling practices of the linked websites might not be the same as ours. These websites should have their own privacy notices, which you can read and understand how they collect and process your Personal Data and your rights.
Subject to applicable laws, you have the following rights concerning your Personal Data:
To exercise these rights, please contact our customer service hotline or if you have questions about your data, please contact our Data Protection Officer (“DPO”) using the details given below.
We may update this Privacy Notice from time to time to reflect changes in our practices or for legal and regulatory reasons. Our privacy notice is available on www.hnb.net for your reference. Please visit the website periodically for the latest version.
If you require any further information or require to contact our Data Protection Officer (where applicable).
If you have any questions or concerns about this Privacy Notice or your Personal Data, please contact us at:
Contact No: +94 112 462462
Email: [email protected]
Address: Head of Customer Experience,
HNB Towers,
Level 19, No. 479,
T B Jayah Mawatha,
Colombo 10.
Sri Lanka.
If you have any questions or concerns regarding your Personal Data or this Privacy Notice and require to contact our Data Protection Officer:
Email: [email protected]
Address: Data Protection Officer,
HNB Towers,
Level 11, No. 479,
T B Jayah Mawatha,
Colombo 10.
Sri Lanka.
Welcome to HNB's website. This Cookie Policy explains how we use cookies and similar technologies to enhance your browsing experience. By using our website, you consent to the use of cookies as described in this policy.
Cookies are small text files that are stored on your device when you visit a website. They help the website recognize your device and remember information about your visit, such as your preferences and settings.
We use cookies for the following purposes:
Essential Cookies: These cookies are necessary for the proper functioning of our website. They enable basic features, such as page navigation and access to secure areas, etc.
Analytical/Performance Cookies: These cookies allow us to analyze how visitors use our website. We use this information to improve the user experience and optimize our site's performance, etc.
Functional Cookies: These cookies enable enhanced functionality and personalization, such as remembering your preferences and choices etc.
Some cookies on our website may be set by third-party services. We have no control over these cookies, and they are subject to the privacy policies of the third parties providing them.
You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse or accept cookies and to delete them. The "Help" section in your browser provides information on how to manage your cookie settings. Please note that if you refuse all cookies, you may not be able to use our website.
We may update this Cookie Policy to reflect changes in our practices or for other operational, legal, or regulatory reasons. Our cookie policy is available on www.hnb.net and www.hnb.lk for your reference. Please visit the website periodically for the latest version.
If you require any further information or require to contact our Data Protection Officer (where applicable).
If you have any questions or concerns about this Privacy Policy or your Personal Data, please contact us at:
Contact No: +94 112 462462
Email: [email protected]
Address: Head of Customer Experience,
HNB Towers,
Level 19, No. 479,
T B Jayah Mawatha,
Colombo 10.
Sri Lanka.
If you have any questions or concerns regarding your Personal Data or this Privacy Policy and require to contact our Data Protection Officer:
Email: [email protected]
Address: Data Protection Officer,
HNB Towers
Level 11, No. 479,
T B Jayah Mawatha,
Colombo 10.
Sri Lanka.