Rabobank processes personal data. We wish to inform you about this clearly and transparently. This privacy statement will answer your most important questions about the processing of personal data by Rabobank.
In this privacy statement we will use certain terms. Below is an explanation of those terms.
- Personal data:
Data that directly or indirectly identifies an individual such as employees or directors of your organisation. Examples include names and addresses.
Any acts that can be performed in relation to personal data. These may include collection, but also storage, use and removal of data from our records.
1. Whose personal data are processed by Rabobank?
We process personal data of persons with whom we have, wish to have, or used to have, a direct or indirect relationship. These may include personal data of:
- Clients and their representatives e.g. employees and directors;
- Persons who show an interest in our products and services; or
- Persons who are associated with a business or organisation with which we have, wish to have, or used to have, a relationship.
Please note: if during the course of our relationship, your business or organisation provides us with personal data of employees or directors, you are obliged to inform your employees and directors thereof. You may provide them with this privacy statement, so that they can understand how Rabobank treats their personal data.
2. Who is responsible for the processing of my personal data?
Rabobank processes personal data. Any reference in this privacy statement to Rabobank will refer to Rabobank Dublin.
3. For what purposes does Rabobank process personal data?
We process personal data for the following purposes:
a. To be able to enter into a relationship with your organisation
If your organisation wishes to become a Rabobank client, or wishes to enter into a transaction, purchase a new product or a new service, we will require personal data of your employees or directors. In addition, we can also obtain personal data from third party sources such as the Company Registration Office.
b. To maintain the relationship with you and to execute orders
If you are a Rabobank client, we want to provide your organisation with a quality service. For that purpose, we process personal data. We will use your employees’ and directors’ name and address details, for example, to maintain contacts with your business. We may also disclose their names to other organisations, e.g. in the context of payment transactions.
c. To protect your business interests as well as our own
To protect your business interests as well as our own and the security and integrity of the financial sector, we may process personal data. For instance, to combat or investigate fraud. For this purpose, we may consult, and enter personal data in, the incident registers and alert systems of the financial sector. Furthermore, we may also for this purpose consult public sources such as public registers, newspapers and the Internet.
d. For purposes of development and improvement of our products and services
In order to be able to continue to provide your organisation with a quality service, we are constantly developing and improving our products and services. In some cases, this may involve the processing of personal data, for example if your employee has a question about a product.
e. For promotional and marketing purposes
We may process your employees’ or directors’ personal data for promotional or marketing purposes. For example, to inform your organisation about a new product that may be of interest, or to better anticipate your business’ wishes. This relates to promotional and marketing purposes to your organisation, not to individual employees or directors in a personal capacity. If your organisation does not wish to be contacted for commercial purposes, please advise us.
f. To enter into, and to perform, agreements with suppliers and corporate clients
If your organisation has business contacts with Rabobank, we may process their personal data. For example to be able to ascertain that they are authorised to represent your organisation or to grant them access to our offices.
g. To perform statutory obligations
We are required by certain national and international laws and regulations to collect data about your organisation and its employees and directors. For example we are sometimes required to initiate a (further) investigation if your business has certain assets or in the event of an unusual transaction in your account. Furthermore, we might be required to ascertain who the ultimate beneficial owner (UBO) is of a company with which we have a relationship. Laws and regulations may also require us to disclose data about your organisation to a government or regulatory body.
h. For purposes of our operations
As a financial service provider, it is important to us, and necessary, to have a good overview of our client relations. That includes knowing whether you collaborate with other parties that may pose a risk.
4. Does Rabobank also process sensitive data?
Sensitive data are special types of personal data, for example data concerning physical or mental health, criminal data or racial or ethnic data.
Rabobank participates in incident registers and alert systems for the financial sector, and may process data concerning criminal records for that purpose. The purpose of an incident register or alert system is to protect the interests of financial institutions and their clients, e.g. by detecting fraud.
Furthermore, we will process sensitive data only if so required by law, with your employees’ or directors’ consent, or at your request. If you request us to record sensitive data about your employees or directors, or if your organisation disclose such data itself, we will only process it if that is necessary for our services.
5. How does Rabobank treat personal data?
Personal data is stored carefully and for no longer than necessary for the purpose for which it was processed. Within Rabobank, personal data can be used only by employees who require access to such data for the performance of their duties. Our employees are subject to a confidentiality obligation.
For business purposes and in order to monitor compliance with legal and regulatory obligations, we will to the extent permitted by local law, review the content of emails and instant messages passing through our IT systems, and to record telephone calls routed via our telephone systems.
If we wish to use data for a purpose other than that for which they were originally processed, then we may only do so if the two purposes are closely related. Personal data may also be shared between the various Rabobank locations, but only if this is reconcilable with the purpose for which the personal data was collected and if this is compliant with other requirements following from applicable privacy laws and regulations.
We sometimes engage third parties to process personal data on our behalf. We can engage third parties only if this fits the purpose for which we have requested personal data. In addition, such third parties may only obtain our engagement if they have demonstrably taken appropriate security measures and warrants confidentiality.
Personal data may also be shared with third parties that we engage in our operations or the provision of our services. This may, for example in the context of payment transactions, include transfer to third parties in countries that do not have the same level of protection for personal data as in the European Union or other countries considered to have an adequate data protection level. Personal data may, both during and after processing, be subject to investigation by competent national authorities in the countries where such data are located for purposes of processing. Personal data will not be sold or hired out.
6. What rules must Rabobank observe in the processing of personal data?
When processing personal data in Ireland, Rabobank is subject to laws and regulations including the Data Protection Acts 1988 and 2003.
7. Can I view or access the personal data that Rabobank processes about me?
Yes, you may request a summary of the personal data processed about you from Rabobank.
You may request a copy of your personal data processed by Rabobank upon written request and payment of a small fee. A written request known as a data access request for information should be forwarded to: The Privacy Officer, Compliance Department, Rabobank, Charlemont Place, Dublin 2.
If you feel that personal data has been processed incorrectly or incompletely, or if your organisation’s employees or directors feel that such processing was unnecessary, you can file a request for editing, supplementation or removal of personal data with the relevant Rabobank location.
8. Who can I turn to if I have a question or a complaint?
If you have any questions or complaints about Rabobank's processing of personal data, please contact: The Privacy Officer, Compliance Department, Rabobank, Charlemont Place, Dublin 2.
9. How long does Rabobank hold my data for?
Save where there is a legal requirement to retain data for an alternative timeframe, Rabobank shall retain data in respect of its clients for no longer than necessary following the end of the relationship between Rabobank and the client. These retention periods exist to ensure compliance with any obligations that Rabobank may have.
We do not use or issue ‘cookies’ on this Website. ‘Cookies’ are small text files that a website can use to identify visitors.