We collect and process personal data in accordance with data protection legislation, guidelines provided by data protection authorities, and the good information management and processing practices applied in the financial sector.

Appropriate, secure and careful processing of personal data ensures that no unauthorised use of personal data takes place and that your privacy is not put to risk under any circumstances. Personal data is protected using the appropriate technical and organisational means.

Personal data is only processed by employees who need them for performing their work duties. These employees are bound by an obligation of professional secrecy. The regularly provide training for our personnel and monitor the use of systems that contain personal data. All processing of personal data is strictly confidential, follows good information processing practices and is limited to what is necessary considering the purpose of the personal data.

We only retain personal data as long as it is needed for the purposes mentioned in the privacy statement, or required by legislation or an agreement. We strive to maintain the correctness and currency of the personal data by removing and rendering anonymous any personal data that is no longer necessary, and by updating outdated data.

Personal data is not disclosed to other parties without the consent of the customer, or a legal obligation. In the case of any transfers to third countries outside the EU/ETA we manage the adequate level of personal data protection as required by legislation.

If subcontractors are used for processing personal data, we carry the responsibility for the actions of the subcontractors. All service providers that process personal data on our behalf are carefully selected, and the highest possible level of data protection is required from them. Agreements are signed with any subcontractors to commit them to act in compliance with data protection legislation.