Transport and Development Bank ensures the security of customer information by complying with international standards, including the Information Security Standard ISO27001:2022 and the Payment Card Industry Data Security Standard (PCI DSS).

The Bank’s privacy policy is aimed at safeguarding customer information and the Bank’s information assets against internal and external, intentional or unintentional threats, while ensuring confidentiality, integrity, and availability.

We strictly adhere to the Law on Cybersecurity, the Law on Personal Data Protection, and other laws and regulations of Mongolia, as well as policies and guidelines issued by regulatory authorities, and continuously improve our practices.

Our Principles

Transport and Development Bank takes all necessary technical, technological, and procedural measures to ensure the security and confidentiality of customer information.

The Bank fully complies with the requirements of ISO27001:2022, the international standard for information security, and PCI DSS v4.0.1, the standard for payment card data security, implementing them in line with organizational and protective measures.

When cooperating with external service providers, the Bank ensures that customer information is managed in accordance with leading international practices and information security standards.

Transport and Development Bank utilizes personal data for the following purposes:

• Providing services and offering new banking products
• Meeting legal and regulatory requirements
• Improving service quality and security

Personal Data Protection Policy

We are fully committed to protecting the confidentiality, integrity, and security of customer personal information. In particular:

• Personal data will not be disclosed to others without consent.
• Data will not be transferred to third parties, except to government authorities on legal grounds.
• Technical and organizational measures to safeguard information security are implemented on a continuous basis.