At Danske Bank we store and use your information to manage your accounts and to provide services that suit your needs. This includes payments, customer advice, customer care, customer administration, credit assessment and marketing as well as compliance with statutory obligations.
General Data Protection Regulation (GDPR)
What is GDPR?
The General Data Protection Regulation (GDPR) is intended to strengthen and unify data protection for all individuals.
At Danske Bank (which is a trading name of Northern Bank Limited, Donegall Square West, Belfast. Registered in Northern Ireland R568), we are committed to ensuring the protection of your personal information.
In line with our aim of making more possible, we have enhanced the procedures we have in place to safeguard your privacy and ensure that you feel confident about the security of your personal information, in line with GDPR guidelines.
What does it mean for me?
Some of the key benefits for you are that:
- You have greater control over your personal information and data
- You have new rights in terms of accessing your information free of charge, and if you notice that any of the information we hold on you is inaccurate, we’ll put this right
- We will always retain your personal information in accordance with law and regulation and never retain your information for longer than is necessary
- We’ll only send you marketing messages if we have your consent to do so
Data Protection Privacy Notice
This notice explains how we use your personal information, sets out your rights under the new laws and explains how the law protects you.
If we provide you with an account or other banking services then we will use your personal and, if you are a business customer, your business information, in the ways set out in this notice. If you are not content that we will use your information in these ways we may not be able to provide you with an account or other banking services.
As well as using your information to manage the products and services we provide to you, we may need to use your data for a number of other reasons. These include the following:
Assessing the suitability of products or services
We will use your information to assess whether our products and services are suitable for you, including making credit decisions about you. This may involve credit scoring and regular statistical analysis to produce management information relating to risk.
If you are financially linked to another account holder within the Group, we may look at your information when deciding whether to approve an application for credit by the person you are linked to, including when that person applies on behalf of a business that he or she owns. For a full list of companies in the Group, please contact your branch or write to the Data Protection Officer:Data Protection Officer
Donegall Square West
We may link information about your accounts with us to information about other products and services we provide you. We may also link your information to the information relating to other people you are financially linked to, if you make a joint application or if you tell us that you have a husband, wife, civil partner or partner. You should make sure you have shared the relevant information from this notice with them.
Preventing fraud or recovering debt
We may use your information to prevent fraud and recover debts. We may use credit reference and fraud prevention agencies to help us make decisions when you apply for a loan or for a product which allows you to get credit.
If you provide false or inaccurate information and we find that you have committed fraud, we will pass your details to fraud prevention agencies.
Law enforcement agencies may also access and use this information. We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
- Checking details on applications for credit and credit related accounts or other facilities;
- Managing credit and credit related accounts or facilities;
- Recovering debt;
- Checking details on proposals and claims for all types of insurance; and
- Checking details of job applicants and employees.
If you want to receive details of the relevant fraud prevention agencies, please contact your branch or use the contact details at the end of this notice.
We and other organisations may access and use from other countries the information the fraud prevention agencies record.
Before we provide you with credit, we will carry out credit searches using credit reference agencies. These checks are necessary before we enter into a contract for credit related products or services with you. During our business relationship with you, we may also share your information with credit reference agencies as part of our legitimate interests to promote responsible lending and prudent account management. To learn more about what credit reference agencies do, what information they hold and what your rights are, go to the Experian - Credit Reference Agency Information Notice (CRAIN) website.
We will provide you with further information when you ask us for credit.
We may use your information to protect you in the following ways:
- We may record or monitor phone calls to confirm details of our conversations, for your protection, to train our staff and to maintain the quality of our service
- We use CCTV to record images in and around our premises to prevent and detect crime
- Before we provide any service, we will carry out anti-money laundering checks, which may include searches to confirm your identity
Using your personal information in this way allows us to comply with our legal obligations and meet our legitimate interests.
We may also use your information for research purposes and undertake automated decision making including profiling to understand your buying preferences.
Using your personal information in this way allows us to develop, improve and market our products and services to meet our legitimate interests.
Sharing your information
There are other circumstances where we need to provide information to other people to help us and you to run your accounts. We do so when it is in your interests as well as ours. We have set out these circumstances below.
- We may provide information about you to someone you nominate or authorise to act on your behalf
- If we provide you with products and services involving insurance, we must pass your details to insurers. Insurers may keep a record, on a register of claims, of information you provide in connection with any claims made under the insurance. Insurers may use this register to prevent fraudulent claims. You can get a list of companies who use the register, and details of the register operator, from the insurers.
- We may exchange information about you with other companies in the Group to assess credit risk, to prevent fraud or manage risk, or to help us run your accounts. We may also share your information within the Group to prepare research and analyse statistics (including analysing risk and credit) so that we can improve our services.
- We will sometimes arrange for service providers, agents and subcontractors, including from outside the EEA, to provide services and process your information on our behalf. We will make sure that these service providers, agents and subcontractors have a duty to keep your information confidential and secure, and that they only process your information as set out in a written contract.
- To meet our duties to regulators, we may allow authorised people to see our records (which may include information about you) for reporting, compliance and auditing purposes. For the same reason, we will also hold the information about you when you are no longer a customer.
- To meet our legal obligations under the Payment Services Regulations, if we have received a request to return a payment that has been made into your account where the Payer has told his/her bank that the payment was made by mistake, we must, on receipt of a written request, provide to the payer all relevant information in order for the payer to claim repayment of the funds from you. This means that we can provide your name and address to the payer’s bank. The payee’s bank should inform you before disclosing your name and address to the payee.
- We may also share information with certain statutory bodies, e.g. the Financial Services Compensation Scheme (FSCS) if required by law.
How long do we keep your information?
We will keep your personal information during the lifecycle of you being our customer and thereafter for as long as we are required to do so by regulation/law.
Your privacy rights
You have a number of rights under the Data Protection Laws in relation to the way we process your personal data, which are set out below. We will aim to respond to any request received from you in relation to exercising your rights within one month from your request, although this may be extended in some circumstances in line with Data Protection Laws.
You have the right to access the information that we, as a bank, are processing about you and to be told where the information comes from and what we use it for. You also have the right to be informed about how long we store your information and about those with whom we share your information. Your right of access may, however, be restricted by law, the need to protect another individual’s privacy or consideration for the bank’s commercial business strategies and operations. You must write to us if you want to see this information at this address. Access to your data will usually be provided free of charge, although in certain circumstances we may make a small charge where we are entitled to do so under Data Protection Laws.
The right to ask us to correct your information if you think the information that we hold about you is wrong or incomplete.
The right to object to our use of your information, or to ask us to delete, remove or stop keeping it if there is no need for us to keep it. This is known as the ‘right to object’, the ‘right to erasure’ or the ‘right to be forgotten’. There may however be legal or regulatory reasons why we need to keep or use your information. We may sometimes be able to restrict the use of your information so that it is only used for legal claims or to exercise legal rights. In these situations we would not use or share your information while it is restricted.
Profiling and automated decision making. Danske Bank uses automated decision making, including profiling, to approve applications for loans or credit cards, to prevent fraud and, in the case of profiling, to be able to offer you specific services and products that meet your preferences and to target our marketing in general. You have the right not to be subject to automated decision making (including profiling), where it affects your legal rights or has an adverse impact on you, for example, the refusal of an online credit application.
If you have given us your consent to process your data and the processing is automated, you have the right to get your personal information from us in an electronic format that can easily be reused. You can also ask us to pass your information in this format to other organisations.If you wish to exercise any of these rights, please write to the Data Protection Officer; Data Protection Officer
Donegall Square West
Or contact us at: email@example.com.
If you wish to request access to the information that we, as a bank process about you, you can do so by using the below link.
To help us improve and measure the quality of our products and services we undertake market research from time to time. This may involve sharing your information with specialist market research companies. If you do not want to take part please contact us and we will record this.
Keeping you up to date via emails and text message
We are keen to keep you up to date with changes to the service we provide (for example, if we extend our opening hours at your local branch) or interruptions to our service, or also to remind you to activate and use the online services for which you have registered.
If we have your email address or mobile number, we will use these to send you messages. If you do not want us to contact you by text message or email, please contact us and we will delete these details from our records. If you are a personal customer you can delete the details yourself through eBanking (under the heading ‘Are your details correct?’).
Marketing and customer experience
Through our marketing programme, we will identify and tell you about products and services supplied by us or other chosen organisations that we consider may be of interest to you. We may do this by phone, mail, email, text or through other digital media where you have given us your consent to being marketed by these methods. You can decide how much direct marketing you want to accept. We will also use the information we have gathered on you to personalise your experience on digital media such as websites, apps, ATMs, social media sites, mobiles and tablet devices. This may include giving you product and service content we believe might be of interest to you.
You do not have to accept the products or services we offer. You can tell us in writing at any time if you do not want to receive marketing information.
How to complain
If you are unhappy with how we have handled your personal information, you have the right to complain to the Information Commissioner’s Office. You can contact them by writing to the:Information Commissioner's Office
Data Protection Officer
We have appointed a Data Protection Officer to advise us about our data protection obligations and to monitor compliance. You can contact the Data Protection Officer by writing to:Data Protection Officer
Donegall Square West
Or by emailing us at firstname.lastname@example.org.