When do we use your personal data?

We need your personal data to conclude and also perform an agreement, for example if you want to open an account with us or take out a mortgage. This also applies when we provide innovative services to you, for example as part of payment services for contactless payments.

Are you the representative of your company and does or will your company have an agreement with us? Or are you the contact person, shareholder, director or UBO of this company or one of our business customers? If so, we use your personal data for reasons other than concluding or executing the agreement. We do this even if you are only a beneficiary of a payment from one of our customers.

There are many rules laid down by law that we as a bank must follow. These rules state that we must record your personal data and sometimes give it to others. We give here some examples of legal obligations we have to comply with: 

• Under the Financial Supervision Act (Wft), for example, we have a duty to take measures to prevent overcrediting. This means that we must use your personal data to have a clear picture of your financial situation when you take out a personal loan or mortgage with us and during the term of the agreement. With our product disclosures under our legal duty of care, we keep you informed about changes affecting products, such as changes in interest rates. In addition, we may contact you if we see that certain risks of specific products are different than when you took out the product with us. 
• When granting a loan, we must also comply with European laws and regulations. We are required to disclose both our customers' financial risks and the bank's financial risks when granting loans and assess whether customers continue to meet their payment obligations during the term of a personal loan or mortgage you have taken out with us.
• We need to take measures to prevent and combat fraud, tax evasion, terrorist financing and money laundering. What do you notice? For example, we ask you to identify yourself so that we know who you are. This is why we keep a copy of your identity document with a watermark. In this case, you may not hide the BSN and your passport photograph. Sometimes the bank asks for a copy of your passport, for example to be more certain that contracts have been signed by the right person or when applying for a new product. In that case, you may hide the BSN and photo and we will not keep the copy. 
• We may also ask you questions about certain transactions, what your source of income is or ask for an explanation on what the origin of your assets is. You can find more information on the website of De Nederlandse Bank (DNB) .
• There are laws that require us to retain your personal data, for example, the Civil Code (BW), the Financial Supervision Act (Wft), the Money Laundering and Terrorist Financing Act (Wwft) or the Bankruptcy Act.

Other organisations may sometimes request data from banks or we are obliged to provide data to them. Examples include the Tax Authorities (for information reporting purposes, a reporting obligation with the aim of preventing tax evasion,  CESOP or DAC 6) and investigation services that request data for the purpose of criminal investigations such as financial fraud and in cases of money laundering or terrorism financing. Furthermore, banks, and therefore we too, sometimes have to share personal data with regulators, such as the Financial Markets Authority (AFM), De Nederlandsche Bank (DNB) and the European Central Bank (ECB). For instance, if they are investigating business processes or certain (groups of) customers. In the context of the Banking Disciplinary Act, we sometimes have to provide personal data to the Banking Disciplinary Foundation. 

If the law or the regulator indicates that we must record or use your data, we are obliged to do so. In such cases, it does not matter whether you are a customer with us or not. For example, every bank must check whether customers or representatives of (business) customers are really who they say they are. Identification is again not necessary, for example, if we only use your personal data because you are a beneficiary of a payment from one of our customers and you are not a customer of ours.

We may use your personal data if we ourselves have a 'legitimate interest' in doing so. We must then be able to demonstrate that our interest in using your personal data outweighs your right to privacy. We therefore weigh up all interests. But when is this?

• We protect property and personal data belonging to you, to us and to others. 
• We protect our own financial position (e.g. to assess whether you can repay your loan or if we sell your loan or other obligations), your interest and the interest of others (e.g. in case of bankruptcy).
• We do fraud detection to help prevent losses for you and for us due to fraud.
• You will receive relevant tips and offers on the bank's products and services. Regardless of whether you bank with us privately or professionally.
• We want to run our administration efficiently and improve our data quality. We do this to provide you with the best possible service. We also need to organise our banking systems optimally and efficiently to meet our legal obligations. 
• We research how we can improve our current processes, (further) develop products and services and how we can better comply with legal obligations. To this end, we may use new technologies such as artificial intelligence. For each situation, we will consider which data we can use to develop, train and test new technologies. We are constantly looking for appropriate ways to keep your and our data as secure as possible.
• We do statistical research and sometimes collaborate with universities to do scientific research. The Economic Bureau of ABN AMRO does statistical research on macroeconomic trends such as growth of Dutch industry, consumer behaviour or economic impact on climate change, among others.