Privacy Statement

Quick links

1. About this Privacy Statement

We treat your privacy very seriously and are committed to protect your personal information no matter where you are located. We collect and handle your personal information in accordance with the prevailing laws and regulations.

In this Privacy Statement, "We", "Us", "Our", and “Bank Commonwealth” means PT Bank Commonwealth.

PT Bank Commonwealth is incorporated and licensed in Indonesia with limited liability and a subsidiary of the Commonwealth Bank of Australia (“CBA”), an Australian company. CBA is an Authorised Deposit-taking Institution (“ADI”) with authority granted by the Australian Prudential Regulation Authority (“APRA”) under the Banking Act 1959 (“Commonwealth of Australia”). PT Bank Commonwealth is a separate entity to CBA and is not an ADI under APRA definition. Unless otherwise disclosed, PT Bank Commonwealth is not guaranteed by the CBA and, accordingly, the obligations of PT Bank Commonwealth do not constitute deposits or other liabilities of CBA.

PT Bank Commonwealth is an established bank serving Retail and SME customers. Bank Commonwealth offers a range of products and/or services to meet the financial needs of customer, and seeks to maintain high levels of customer service satisfaction.

PT Bank Commonwealth is licensed and supervised by the Financial Services Authority (OJK) and is a member of Indonesia Deposit Insurance Program (LPS).

As an institution offering financial services, We need to collect, hold and use personal information about You in the course of providing our products and services.

This Privacy Statement describes how Your personal information and credit information is collected and handled by PT Bank Commonwealth.

In this statement and Our official website, We may include links to various third-party websites. Where We do so, the third-parties are solely responsible for their own content and for what they do with any personal information they may collect from their websites.


2. Collection, Use, and Sharing

2.a. What information do we collect?

We collect Your personal information directly from You most of the time, however We may also collect information about you from other parties.

We collect personal information when You:

  • enquire about, apply for, or use Our products or services
  • contact Us to make an enquiry or give Us feedback
  • visit Our website or use Our digital services
  • participate in other activities We offer, such as competitions or surveys
  • communicate with Us or do business with Us.

We are required to collect certain types of your personal information to fulfil Our obligations to the prevailing laws and regulations in Indonesia. However We do attempt to limit Our collection of your personal information to what is necessary to offer you the products and/or services you need. Depending on those products and services, or your interactions with Us, We may collect the following types of personal information:

  • Personal and contact details

    This may include your name, address, email address, phone number, and date of birth.

  • Identity documents
    • These may include your identity card (such as KTP or passport), KITAS/KITAP, NPWP/Tax File Number (TFN), country of tax residency
    • Citizenship, birth, death and marriage certificates (for example, to verify your identity).
  • Financial information

    This may include:

      • details of your employment, income, assets, liabilities
      • copies of bank statements and credit card statements from other financial institutions
      • information from third parties about your credit history.
  • Credit information

    See “Your credit information” section for the types of credit information that We collect.

  • Transaction information

    This includes information about transactions that you have made using Our products and services. For example, your debit card transactions or ATM fund withdrawals.

  • Socio-demographic information

    This may include your marital status, age, gender, religion, number of dependents, occupation and nationality. For example when you open an account or apply for a home loan. 

  • Interaction information

    This includes details of your interactions with Us, such as when you visit a branch, call Us, use Our online or digital services, make an enquiry, provide feedback, or make a complaint.

  • Digital information

    We collect information from you electronically when you use Our online and digital services, which includes information such as:

      • location information (if enabled on your device)
      • IP (internet protocol) address
      • details of the device used to access Our digital services (including mobile and tablet)
      • details of the wi-fi network or mobile network used by your device
      • type of authentication used (for example touch ID or face ID).
  • Biometric information

    Biometric information (such as fingerprints or face), where this information is collected and used for the purpose of automated biometric verification or biometric identification.

  • Behavioural information

    This includes information that We generate about how you use Our products and services. For example, if you use Our banking services, We may generate information about your spending patterns so We can help you manage your money.

  • Call recordings

    On occasion, We monitor and record Our calls with you. We will let you know if We are doing this.

  • Camera surveillance

    For the safety of Our staff and customers, We use camera surveillance, such as CCTV, to monitor Bank Commonweath premises.

  • Publicly available information

    On occasion, We may collect and handle information that is available publicly, such as from:

      • online forums, websites, Facebook, Twitter, YouTube or other social media (for example, if you use social media to interact with Us)
      • public registers (for example information of citizens registered in Dukcapil, or information of companies registered in Ministry of Law and Human Rights database).

Further information (if any) regarding the collection and handling of personal information related to Our products and/or services is available in the terms and conditions of the producs and services that We provide.

2.b. How do we use your information?

We’re careful about how We use and handle your information. We use it to deliver Our products and services. We also use your information for other reasons such as to better understand you and your needs, and to let you know about other products and/or services you might be interested in.

Below is the explanation on how We may use your personal information. 

  • Serving Our customers

    We use your information to deliver Our products and/or services including to:
    • assess and process your applications for Our products and services
    • administer and manage existing products or services you have with Us
    • manage Our relationship with you or your business
    • improve Our service to Our customers
    • let you know about other products and/or services that may be of interest to you. 
  • Improving Our quality

    We use your information to improve the products and/or services We provide through activities such as:
    • reviewing customer feedback and assessing how you use Our products and services
    • testing and validating the effectiveness of products, services and system enhancements
    • monitoring and reviewing call recordings, online chats and other business activity for quality assurance, training and compliance purposes.
  • Managing Our operations

    We use your information to manage Our operations including to:
    • deliver Our products and services
    • make and manage customer payments and transactions
    • manage fees and interest due on your products and services
    • collect and recover credit that We provided
    • respond to complaints and seek to resolve them
  • Managing security, risk and crime prevention

    We use your information to:
    • prevent, detect and investigate suspicious or fraudulent activities
    • monitor Our properties, for example using camera surveillance to ensure the safety of Our employees and customers
    • investigate health and safety incidents involving Our employees  and customers
    • support the management of Our information security and network to prevent cyber-attacks, unauthorised access and other criminal or malicious activities.
  • To comply with Our obligations to prevailing laws

    Where required, We use your personal information to comply with the law, including Our regulatory obligations, including to:
    • confirm your identity
    • share relevant information with law enforcement agencies, tax authorities and other regulatory bodies
    • screen applications and monitor accounts to identify criminal activity such as fraud, terrorist financing, bribery, corruption and money laundering
    • investigate financial crime.
  • Managing Our business

    We use your information to run Our business in an efficient and proper way. For example to manage Our financial position, business capability planning, testing systems and processes, as well as managing communications, corporate governance, and audit.
  • Performing analytics activities

    We may combine information We have about you and Our other customers (for example transaction information) with data from other sources, such as third party websites. We use this information to:
    • help Us understand trends in customer behaviour including how products and/or services are used
    • improve the products and/or services We offer
    • improve the quality of Our data
    • develop products and/or services that better meet Our customers’ needs and behaviours
    • understand and manage Our risks better.
  • Determine your eligibility for credit

    See “Your credit information” section for how We use your credit information.

We may also collect, use and exchange your information for other reasons where the law allows or requires Us to.

Bringing you new products and services

From time to time, in accordance with the requirements of prevailing laws, We may also use your information, to tell you about products or services We think you might be interested in. To do this, We may contact you by:

  • Email
  • Phone
  • SMS
  • Social media
  • Advertising through Our apps, websites, or partner third-party websites
  • Mail.

If you don’t want to receive direct marketing messages, or want to change your contact preferences, you can do so by contacting Us. Information on how to contact Us is available in the “We’re here to help you” section.

We may first require to identify yourself before changing your preference.

2.c. Who do we share your information with?

We may share your personal information with Our related companies. We may also share your information with Our partner third parties (both in and/or outside of Indonesia), where this is permitted by law or for any of the purposes described in the “How do We use your information?” section. If We do this, We make sure there are arrangements are in place to protect your information.

Information on who We share your information with is set out in the terms and conditions that apply to the products and/or services We provide to you.

3. Keeping your information safe

Our staff are trained in how to keep your information safe and secure. We use secure systems and buildings to hold your information.

We store your hard copy and electronic records in secure buildings and systems, or use trusted third parties. We use a range of physical, electronic and other security measures to protect the security, confidentiality and integrity of the personal information We hold about you.

We aim to keep personal information only for as long as We need it–for example for business or legal reasons. When We no longer need information, We take reasonable steps to destroy or de-identify it.

4. Your credit information

We collect credit information about you when you apply or use Our credit related products or services.  

What is credit information?

Credit information is personal information that is about credit that has been provided to you or that you have applied for. This includes credit for personal purposes and credit in connection with a business. It can also cover information about you as a guarantor of a loan.

Types of credit-related information we collect, hold, and disclose

We collect credit information directly from you when you apply for a credit related product or service. We also collect credit information about you from third parties, including Credit Information Management Agency (hereafter referred to as “LPIP”)

The types of credit information we collect and handle are set out below:

  • Identification information

    This includes your name (including any aliases), gender, date of birth, and address.
  • Credit liability information

    This is information about any loans that you currently have open or may have had in the past. It includes the type of account, the open and/or close date, as well as the credit limit.
  • Repayment history

    This includes a history of your repayments, including whether you have made payments when due, or information of overdue payment (if any).
  • Default information

    Details of any defaults or other credit related infringements (for example fraud).
  • Public information

    Public record information such as:

    • court judgments
    • directorship and business proprietorship details
    • bankruptcy.
  • Information about credit worthiness

    Information about your credit worthiness such as credit scores, credit risk ratings, summaries and evaluations.

Why we collect and handle your credit information?

When you apply to Us for credit or act as a guarantor, We need to know if you’re able to meet repayments under your agreement with Us. We also try to avoid giving you further credit if this would put you in financial difficulty.

We use credit information to:

  • Confirm your identity
  • Assess your credit applications
  • Assess your ability to manage credit
  • Manage credit provided to you
  • Assist you to manage your credit related obligations and to consider any financial hardship requests
  • Derive scores, ratings, and evaluations relating to your credit worthiness which are used in Our decision-making processes and ongoing reviews
  • Support the collection of overdue payments
  • Share information with LPIP, where the law permits Us to do so.

We keep your credit information with your other information. For more information, refer to section “2.c. Who do we share your information with?

Credit Information Management Agency (LPIP)

If you apply to Us for credit or act as a guarantor, We may collect or share your information with LPIP. This information is used to determine your eligibility for credit.

LPIP include this information in their reports to help other credit providers to assess your credit worthiness.

We can also ask LPIP to give Us your overall credit score, and may use credit information from LPIP together with other information to arrive at Our own scoring of your ability to manage credit.

5. Accessing, updating and correcting your information

You can contact Us and ask to access your information. For further detailed information, We may ask you to fill out a request form. If your information is not correct or needs updating, let Us know straight away.

How can I access my information?

You can ask Us for a copy of your personal information that We hold by visiting a branch or by calling Us. Information on how to contact us is in the ”We’re here to help” section.

How will we handle your request?

There is no fee for making a request to Us, but sometimes We may charge you for the cost that may be incurred for the process required to put together the information you want. If there's a charge, We'll let you know how much it is likely to be, so you can choose if you want to go ahead.

We will respond to your request as soon as reasonably practical. Before We give you the information, We'll need to confirm your identity

In some cases, We can refuse access or only give you access to certain information. For example We might not let you see information that involves other people. In that case, We will inform it to you.

Can you correct or update your information?

It’s important that We have correct information about you, such as your current home address, email address and phone number. You can check or update your information at branch, via Our online services, or contact Us (see the ”We’re here to help section).

If We don't think the information needs correcting, We'll inform you why. You can ask Us to include a statement with the information that says you believe it's inaccurate, incomplete, misleading or out of date.

6. We’re here to help

If you want to update your personal information, or if you have a concern or complaint related to privacy, need more information, or want to update your preferences — you can contact Us by visiting Our nearest branch or reach the Call CommBank service at 1500 30 or (62-21) 2935 2935 (international access) or by sending an email to

Making a privacy complaint

If you have a concern or complaint about your privacy, let Us know and We’ll try to fix it.

How can you make a complaint?

We try to get things right the first time—but if We don’t, We will do Our best to fix it.

To make a complaint, you can contact one of Our staff or customer service teams. We’ll look into the issue and try to fix it straight away.

What else can you do?

If you're not satisfied with how We manage your complaint after you've been through Our internal complaints process, you are entitled to resolve the dispute through dispute resolution services. For further information, please refer to the following link: penyelesaian-pengaduan-berindikasi-sengketa_1/complaint-indicated-dispute-resolution.


We use technology in order to offer you the most convenient, secure and relevant services. An example of the technology that We use is a "cookie". Cookies are very small text files that your browser stores on your computer when you visit certain websites. When you visit a website that has issued a cookie, your browser sends the data stored in that cookie back to the website's server.

Why do we use cookies?

We use cookies to maintain the secure connection between your browser and Our servers while you are using Our secure websites.

You may be able to configure your browser to notify you when you are offered a cookie and decide whether or not to accept it. You may choose not to accept cookies when browsing Our websites. However, you may be unable to log in to Our secure services without accepting the cookies outlined above.


This Privacy Statement is bilingual, in both Indonesian and English. In the event there are inconsistencies in the explanations or requirements between the Indonesian and English versions or if there is any dispute on the meaning or interpretation, the Indonesian version shall prevail.

Things you should know

This Privacy Statement is last updated on July 28th 2022.

During Our relationship with you, We may tell you more about how We collect and handle your information–for example, when you fill in an application form or receive product terms and conditions. You should always read these documents carefully.

Sometimes We update this Privacy Statement. You can always find the most up-to-date version on Our website.