Read the notice in PDF format
Danske Bank A/S, Finland Branch, Danske Invest Fund Management Ltd, Danske Mortgage Bank Plc
Effective from December 1 , 2022
This privacy notice applies to the processing of personal data by the Finnish branch of Danske Bank A/S (Danske Bank A/S, Finland Branch).
This Privacy Notice is also applicable on Danske Invest Fund Management Ltd’s and Danske Mortgage Bank Plc´s processing of personal data. Both companies are wholly owned subsidiaries of Danske Bank A/S.
Danske Bank A/S, Danske Invest Fund Management Ltd and Danske Mortgage Bank Plc are all separate data controllers for the processing of personal data described in this privacy notice.
Danske Bank A/S, CVR no. 61126228, Holmens Kanal 2-12, DK-1092 København K, DENMARK
Danske Bank A/S, Finland Branch, Business ID 1078693-2, Televisiokatu 1, 00075 DANSKE BANK
Danske Invest Fund Management Ltd, Business ID 0671602-6, Televisiokatu 1, 00075 DANSKE BANK
Danske Mortgage Bank Plc, Business ID 2825892-7, Televisiokatu 1, 00075 DANSKE BANK
More information about the data controllers and the Finnish branch is available on respective website www.danskebank.fi.
When “Danske Bank” or “we” is used below it includes Danske Bank A/S, Danske Bank A/S, Finland Branch, Danske Invest Fund Management Ltd´s and Danske Mortgage Bank Plc’s processing of personal data where applicable.
In the course of our business, we process information about you (personal data).
This privacy notice applies to private customers, potential private customers, sole trader customers, guarantors, pledgers and where applicable other individuals connected to a customer such as guardians, authorized representatives, holders of a power of attorney and other private individuals with whom we interact and collaborate with.
This privacy notice sets out how and why Danske Bank processes your personal data and protects your privacy rights.
Depending on your relation with the bank and depending on the services and products we are offering, we process different kinds of personal data, including
We process other personal data as necessary to provide you with specific products or services or if we are required by law to do so
Our ability to offer the best advice and solutions for you very much depends on how well we know you. Consequently, it is important that the information you provide is correct and accurate and that you inform us of any changes.
We process data about you to provide the best advice and solutions, protect you against fraud and fulfil our agreements with you.
We process personal data to provide you, or the customer of us you are related to, with the financial services or products that has been requested, including
We process personal data for the following purposes:
We must have a legal basis (lawful reason) to process your personal data. The legal basis will be one of the following:
Some of the information we hold about you may be sensitive personal data (also known as special categories of data).
In particular, we may process the following types of sensitive personal data:
We also process sensitive personal data that may appear in the information you give us and transactions you ask us to execute.
We will process sensitive personal data only when we need to, including
We may process sensitive personal data about you on the legal basis of
We collect information directly from you or by observing your actions, including when you
When you call us or when we call you at your request or to follow up on your inquiry, conversations may be recorded and stored for documentation and security purposes. Before an employee answers a call or before you enter the queue, you will be notified if the call will be recorded. In a few situations, for example in case of a long waiting time, your call may be redirected to a non-recorded employee without notification to you. If we talk with you about investment services, we are obliged to record and store our telephone conversation.
We receive and collect data from third parties, including from
We will keep your information confidential but we may share it with the following third parties (who also have to keep it secure and confidential):
Some third parties that we share personal data with may be located outside the EU and the EEA, including in Australia, Canada and India.
When Danske Bank transfers your personal data to third parties outside the EU and the EEA, we ensure that your personal data and data protection rights are subject to appropriate safeguarding by
You can get a copy of the standard contract by contacting us (see contact details in section 13)
Profiling is a form of automated processing of your personal data to evaluate certain personal aspects relating to you to analyse or predict aspects concerning, for example, your economic situation, personal preferences, interests, reliability, behaviour, location or movements.
We use profiling and data modelling to be able to offer you specific services and products that meet your preferences, prevent money laundering, determine prices of certain services and products, prevent and detect fraud, evaluate the likelihood of default risk and value assets and for marketing purposes. If you are a sole trader, we use profiling and data modelling to assess the environmental, social and governance (ESG) risk of your business.
With automated decision-making, we use our systems to make decisions without any human involvement on the basis of the data we have about you. Depending on the specific decision, we might also use information from public registers and other public sources.
We use automated decisions, for example, to approve loans and credit cards, to prevent and detect money laundering and to prevent and detect fraud. Automated decision-making helps us make sure that our decisions are quick, fair, efficient and correct, based on what we know.
In relation to loans and credit cards, we consider information about your income, your expenses and how well you have kept up on payments in the past. This will be used to determine the amount we can lend you. In relation to the prevention and detection of money laundering, we perform identity and address checks against public registers and sanctions checks.
In relation to fraud prevention and protection, we do our best to protect you and your account against criminal or fraudulent activity by monitoring your transactions (payments to and from your account) to identify unusual transactions (for example payments you would not normally make or that are made at an unusual time or location). This may stop us from executing a payment that is likely to be fraudulent.
You have rights relating to automated decision-making. You can obtain information about how an automated decision was made. You can ask for a manual review of any automated decision. Please see section 11. “Your rights” and “Rights related to automated decision-making”.
We keep your data only for as long as it is needed for the purpose for which your data was registered and used.
When your business relations with us have terminated, we normally keep your data for another seven years. This is due primarily to our obligations under the Finnish Bookkeeping Act, the Finnish Anti-Money Laundering Act and requirements from the Danish and Finnish Financial Supervisory Authority. In certain circumstances, we keep your information for a longer period of time. This is the case, for example,
If you, as a potential customer, have asked for an offer for a loan or another product or service, but refuse the offer and do not become a customer, your personal data will normally be stored for six months, but may for some purposes be stored longer to comply with other legal obligations, for example due to regulatory requirements.
Your rights in relation to personal data are described below. To exercise your rights, you can
See section 13 for more information on how to contact Danske Bank about data protection.
You may request access to the personal data we process and information about where it comes from and what we use it for. You can obtain information about the period for which we store your data and about who receives data about you, to the extent that we disclose data in Finland and abroad. Your right of access may, however, be restricted by legislation, protection of other persons’ privacy and consideration for our business and practices. Access to video surveillance may be restricted due to the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to employees. Our know-how, business secrets as well as internal assessments and material may also be exempt from the right of access.
Under the “Profile” section of the Danske Mobile Banking app, you can get an overview of the personal data you have given us. You will find your contact details and information you have given us about your household, income, debt and so on. You can update the information if changes have occurred in your life.
You can make an access request via our webpage at danskebank.fi/gdpr.
You can obtain information on how an automated decision was made and the effects of the decision, you can express your point of view, you can object to the decision, and you can request a manual review of any automated decision.
In certain circumstances, you have the right to object to the processing of your personal information. This is the case, for example, when the processing is based on our legitimate interests.
You have the right to object to our use of your personal information for direct marketing purposes, including profiling that is related to such purpose.
You can always contact us and request a block concerning all types of direct marketing.
If data is inaccurate, you are entitled to have the data rectified. If data is incomplete, you are entitled to have the data completed, including by means of providing us with a supplementary statement.
You are entitled to have your data erased, if the data is no longer necessary in relation to the purposes for which it was collected.
However, in the following cases, we may or are required to keep your data:
If you believe that the data we have registered about you is incorrect, or if you have objected to the use of the data, you may demand that we restrict the use of the data to storage. Use will be restricted to storage only until the correctness of the data can be verified, or it can be checked whether our legitimate interests outweigh your interests.
If you are entitled to have the data we have about you erased, you may instead request us to restrict the use of the data to storage. If we need to use the data solely to assert a legal claim, you may also demand that other use of the data be restricted to storage. We may, however, be entitled to use the data for other purposes, for instance to assert a legal claim or if you have granted your consent to this.
Where consent is the legal basis for a specific processing activity, you may withdraw your consent at any time. Please note that if you withdraw your consent, we may not be able to offer you specific services or products. Note also that we will continue to use your personal data, for example to fulfil an agreement we have made with you or if we are required by law to do so.
If we use data based on your consent or as a result of an agreement, and the data processing is automated, you have a right to request a copy of the data you have provided in a digital machine-readable format.
We may change or update this privacy notice on a regular basis. In case of a change, the “effective from” date at the top of this document will be amended. If changes to how your personal data is processed will have a significant effect on you personally, we will take reasonable steps to notify you of the changes to allow you to exercise your rights (for example to object to the processing).
You are always welcome to contact us if you have questions about your privacy rights and how we process personal data.
You can contact us on our main telephone number (0200 2590 Mon–Fri 8–16 (local network charge/mobile call charge)). You are also welcome to contact your adviser directly.
You can contact our Data Protection Officer by email at dpofunction@danskebank.com.
If you are dissatisfied with how we process your personal data, and your dialogue with the Data Protection Officer has not led to a satisfactory outcome, you can contact our complaints handling unit by contacting directly our customer service or branches, via eBanking message or by filing your complaint on www.danskebank.fi/sinulle/asiakaspalvelu/anna-palautetta/reklamaatiot. You can also lodge a complaint with the Data Protection Agency: Tietosuojavaltuutettu, Lintulahdenkuja 4, 00530 Helsinki, email: tietosuoja@om.fi