Privacy Policy

What information can you find here?

We, Bethmann Bank AG (hereinafter “the Bank” or “we”), want you to understand how we process your personal information in the publicly accessible areas of Bethmann Bank AG's web pages (in particular, www.bethmannbank.de, tenor.bethmannbank.de (hereinafter “website” or “websites”)) and to inform you about your rights as data subjects. Which of your personal data we might process depends to a substantial extent on the functions of our website you use. If the processing of personal data for some functions differs from the details set out in this Privacy Policy (for example, in protected areas of the website after you log in) you will be informed separately.

 

Contents

What information can you find here?

  • Who is responsible for your data?
  • What is personal data, and which of your personal data do we use?
  • To what end (purpose of processing) do we process your data?
  • Use of our website purely for information purposes
  • Use of enhanced features of our website
  • Use of digital communication tools
  • Use of your data for direct marketing purposes
  • Cookies
  • Cookies overview
  • Use of social media on our website
  • Use of Google Maps on our website
  • What is the legal basis for our use of your personal data?
  • Who receives your data?
  • Is personal data transmitted to a third country or to an international organisation?
  • To what extent is my personal information used for profiling (scoring)?
  • To what extent does automated individual decision-making take place?
  • How long do we store your personal data?
  • What are your rights under data protection law?
  • Information on your right to object pursuant to Art. 21 GDPR
  • Individual right to object
  • Right to object to the processing of data for marketing purposes
  • Do you have a complaint, or is there something that remains unclear?
  • Why has the Privacy Policy changed?
 

Who is responsible for your data?

The party responsible for your personal data and provider of this website is Bethmann Bank AG, Mainzer Landstrasse 1, 60329 Frankfurt am Main.

You can find further information on the Bank in our Legal notice.

You can also contact us at the address below with any data protection-related queries:

Bethmann Bank AG

Privacy Officer

Mainzer Landstrasse 1

60329 Frankfurt am Main

Phone: +49 69 2177-0

Email: datenschutz@bethmannbank.de

 

Our contact for your data protection-related questions

Our group of companies has a Chief Privacy Officer who you can reach at the following address:

ABN AMRO Bank N.V.

Chief Privacy Officer

Gustav Mahlerlaan 10

1082 PP Amsterdam, Netherlands

Email: privacy.office@nl.abnamro.com

 

What is personal data, and which of your personal data do we use?

This Privacy Policy relates to the processing of personal data (Art. 4 II of the European General Data Protection Regulation (hereinafter “GDPR”)) on our websites. Personal data is any information relating to an identified or identifiable natural person. In other words personal data is Information that says something about you as a person. Personal data includes, for example, your personal details (first name, surname, address, date of birth etc.), all types of contact details (e.g. phone, email address), sex, marital status, other information you might find in an application or a CV (e.g. about your education, work experience) and all other information we are able to associate with you as a natural person (e.g. data concerning your use of the telemedia we offer, e.g. date/time you accessed our website, app or newsletter, pages you have clicked on and entries made).

 

To what end (purpose of processing) do we process your data?

Anyone who processes personal must be authorised to do so. The law refers to this as the “basis provided for the processing” of your personal data. We process your personal data in accordance with statutory provisions, particularly the German Telemedia Act (TMG), the GDPR and the Federal Data Protection Act (hereinafter “BDSG”), for the following purposes:

 

Use of our website purely for information purposes

If you use our website purely for information purposes (i.e. you do not transmit information to us via the contact function or use other features of the website), we use cookies to process the data transmitted by your browser in order to allow you to visit our website, both for statistical purposes and in order to improve our Internet offerings.

For further information please see “Cookies” below.

Use of enhanced features on our website

In addition to the use of our website purely for information purposes we offer various services and features which you can use if interested, such as password-protected areas for online banking, a contact form and functions and features provided by social media and other third parties (e.g. maps from Google).

Personal data is collected and processed in connection with password-protected areas only if this has been agreed beforehand – please feel free to contact us about this.

If you contact us via email or the contact form, the information we process varies depending on the type of your enquiry. As a minimum, we will ask for your email address but we may also need other personal data in order to respond to your enquiry. Information we require is marked with an asterisk (*); additional information can often be added but is not marked. Information you send to us via the contact form is encrypted and cannot therefore be viewed by third parties.

We provide information on functions and features offered by social media and other third parties in a separate section, see below.

Use of digital communication tools

Furthermore, we process your personal data in the following contexts:

  • in order to remain in personal contact with you in the course of digital events,
  • in order to offer you video banking,
  • in order to ask you for your opinion on our products and services using ad hoc surveys.

Such applications typically use the following data, in particular:

  • information on the participant, such as first name and surname or email address
  • metadata, such as the IP address or length of the online session
  • for chat, audio or video use: text data for display and, if applicable, logging, and recording data of the microphone

We will inform you separately and in advance of the applications we use and all the information associated with their use, e.g. purpose of processing, legal basis, deletion periods, recipients of the data and your right to withdraw your consent.

Use of your data for direct marketing purposes

We would like to offer you relevant products and services which we deem appropriate. To allow this to happen we will process your personal data we have received from you (e.g. in the context of a specific enquiry via the contact form) and data from other sources.

We use our internal bank systems to allow us to offer relevant products and services. All relevant information we hold about you is, among other things, also collected for direct marketing purposes. We use client selection processes to allow us to present relevant offers to you.

Where the use of your personal data for direct marketing purposes is not in the bank’s legitimate interest, we will obtain your consent to this. Whatever the case, you have a right to object and a right to withdraw your consent. We will notify you of this separately. You also have the right to object to the creation of a personalised client profile for direct marketing purposes.

 

Cookies

Cookies are small data packages which are stored on your hard drive when using the browser. Cookies cannot execute programmes or transmit viruses to your PC.

We use cookies and similar technologies required for the website to function and which serve the secure use of the website as intended (“functional cookies”). Moreover, with your consent we also use “marketing and analytical cookies”. Such cookies are employed to analyse your use of our website and to personalise content and marketing in order to tailor them to your needs and interests. By clicking on “Accept” or “Decline” in the cookies notice on our website, you decide the extent to which Bethmann Bank AG is able to use marketing or analytical cookies.

Please note: If you delete cookies or set your browser to reject cookies, this may have an adverse impact on the functions and features of the website. Merely setting cookies to be declined does not, however, mean that cookies you or your browser accepted in the past no longer work – if in doubt you must actively delete these cookies.

Instructions on how deactivate or delete cookies in the browser you are using, either in full or in part, and further information on use and functionality can be found in the online help or user instructions of your browser or end device.

Cookies overview

Functional cookies

Name Type Description Retention period

Aab_login_check

abnamro Stores the user's connection settings (such as the browser version) for functional purposes. 13 Months
firstLoadQR abnamro Cookie enabling login. 13 Months
LBCSS abnamro Cookie which allows the user disruption-free use of the web pages (load balancing). 13 Months
rpLoginPreference abnamro Cookie enabling the user's login preferences to be stored. 13 Months
CONSENTMGR Tealium IQ Implemented by the Cookie Consent Manager (programme) so that acceptance or refusal of cookies is retained in the memory. 13 Months
Homepage Tealium IQ Storage of the relevant homepage to be displayed on return. 13 Months
utag_main Tealium IQ This cookie name is associated with the Tealium data platform and is used to calculate the audience of a website in anonymised form. 13 Months
s_cc Adobe SiteCatalyst A cookie to determine whether cookies are activated in the browser. 13 Months
s_vi_hkghdx7Bfge Adobe SiteCatalyst This cookie is used to identify a visitor. Each visitor receives a unique identifier with the time and date of their visit. 13 Months
Mbox Adobe Target Cookie used to identify the browser and the current session cookie issued on the visit to the website and to measure the performance of the page content using the A/B test. A/B testing is a method used to compare two versions of a website or app to establish which generates the stronger performance. The two versions are called A and B and displayed to users on a randomised basis. 13 Months

Analytical cookies

Name Type Description Retention period
s_pers Adobe SiteCatalyst A cookie which stores analytical information on use of the website. 24 Months
AMCV_0861467352782C Adobe The cookie is connected to the Adobe Marketing Cloud. It stores a unique identifier for every visitor and generates a user-specific identifier. 13 Months
TAPID Tealium IQ Cookie to record user activities (e.g. page views) of website users. 13 Months
UVID Tealium IQ Enables the user activities of website visitors from various systems (e.g. Adobe Analytics and DoubleClick) to be matched. 13 Months
Demdex Adobe Audience Manager This cookie allows Adobe Audience Manager to perform specific basic functions such as visitor recognition, synchronisation of access data, segmentation, modelling, report creation etc. 13 Months
Dpm Adobe Audience Manager Cookie to record information on the ID synchronisation. 13 Months

Marketing Cookies

Name Type Description Retention Period
Twitter Twitter This cookie enables us to show you targeted adverts on Twitter. 13 Months
Facebook Facebook This cookie enables us to show you targeted adverts on Facebook. 13 Months
_ga Google Analytics This cookie is a service used to calculate audience numbers. This cookie is used to differentiate unique users by allocating a randomly generated number to them as a client identifier. It is integrated in each page request on a website and is used to calculate visit, session and campaign data for web analysis reports. 13 Months
_gat_gtag_UA_66293666_1 Google Analytics This cookie is used to limit the number of requests on doubleclick.net in order to avoid a system overload. 13 Months
_gid Google Analytics The name of this cookie is associated with Google Universal Analytics. It is able to distinguish between users through their identifying features (e.g. IP address). 13 Months
NID Google Doubleclick This cookie is implemented in order to store whether the visitor's current browser accepts cookies. 13 Months
_sm_au_d Google Doubleclick We use this cookie to establish a profile of interest by recording user activity (for example, page views) in order to display relevant adverts on third-party websites. 13 Months
test_cookie Google Doubleclick This cookie is implemented in order to store whether the visitor's current browser accepts cookies. 13 Months
Bcookie LinkedIn This cookie stores the browser used to log into LinkedIn. 13 Months
JSESSIONID LinkedIn This cookie stores user statuses for page requests. 13 Months
Lang LinkedIn This cookie is used to record the standard language setting and to display the content in the language recorded. 13 Months
Lidc LinkedIn This cookie is used to share the information from the website on LinkedIn (social network). 13 Months
UserMatchHistory LinkedIn This cookie enables visitor activity on the website to be monitored to offer them the most recent adverts according to the visitor's preferences. 13 Months
LinkedIn LinkedIn This cookie allows us to show you targeted adverts on LinkedIn. 13 Months
 

Use of social media on our website

On our website we have implemented social network buttons with a link to social networks such as XING, LinkedIn, Facebook, Google+ and Twitter, in particular. By using your mouse to click on one of the buttons, the login page of the social network in question opens if you are not yet logged in at the time of the mouse click, or our web page opens in the relevant social network.

If, at the time you click on one of our social network buttons, you are already logged into the relevant social network, the social network in question is able to collect data about you; in particular, it is able to identify the website from which you came.

If you do not want a social network to collect data about you in the manner described above, you must log out of the relevant social network before the mouse click on one of our social media buttons; depending on the social network, this may mean, however, that even the simple use of the “Recommend” function will be restricted or even excluded.

For further details on data protection at the social networks to which our pages contain links we recommend you consult the most recent privacy policies of the operators of the social networks in question:

XING AG, Dammtorstr. 30, 20354 Hamburg, Germany.

The XING privacy policy is available to view on:

https://www.xing.com/privacy

LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

The LinkedIn privacy policy is available to view on:

https://www.linkedin.com/legal/privacy-policy

Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The data policy is available to view on:

https://de-de.facebook.com/about/privacy/

Google, Amphitheatre Parkway, Mountain View, CA 94043, USA.

The Google privacy policy is available to view on:

http://www.google.com/intl/de/policies/privacy/index.html

Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

The Twitter privacy policy is available to view on:

https://twitter.com/privacy?lang=de

YouTube 

The YouTube privacy policy is available to view on:

https://policies.google.com/privacy?hl=de

 

Use of Google Maps on our website

The Google Maps interface has been integrated into our website in order to present geographical information on our group companies in visual form. When visitors use Google Maps, Google also collects, processes and uses data on the use of the maps functions. Further information on the processing of data by Google can be found in Google’s privacy policy at https://www.google.com/intl/de/policies/privacy/index.html. Third-party provider information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, fax: +353 (1) 436 1001. Additional conditions of use for Google Maps: https://www.google.com/intl/en_US/help/terms_maps.html.

 

What is the legal basis for our use of your personal data?

We process your data which we receive via the website either for the purposes of legitimate interests within the meaning of Art. 6 I (f) GDPR or, provided that you have granted your explicit consent, on the basis of this consent (Art. 6 I (a)). If you contact us in order to conclude an agreement with us, Art. 6 I (b) GDPR provides an additional legal basis for processing of your data.

 

Who receives your data?

Within the bank, access to your data is granted to those who require your data in order to communicate with you (for example, in order to process your contact enquiries), to initiate an agreement with you or to safeguard our interest in optimising our website, for example with regard to user friendliness and the client-oriented design of content. In addition, any processors in the sense of Art. 4 VIII GDPR we use may receive personal data for the said purposes (Art. 28 GDPR). In particular, such processors may be companies in the following categories: lending services, IT services, logistics, printing services, telecommunications, advice and consulting, sales and marketing. We select these companies carefully. In a contract with them we clearly agree on sufficient guarantees to implement appropriate technical and organisational measures in order to process your data lawfully and in the intended way. We remain responsible even when involving another company which acts on our behalf.

If you are a client of our Bank, there are situations where we are obliged to pass on your personal data to other recipients outside the Bank. Regarding the passing on of data to recipients outside the Bank it is worth noting, first of all, that according to the General Terms and Conditions agreed between us, we are obliged to maintain secrecy regarding all client-related facts and evaluations of which we gain knowledge (banking secrecy). We are not allowed to pass on information unless statutory provisions require us to do so, you have granted your consent or we are authorised to issue bank information. Subject to these requirements, recipients of personal data may include, for example:

  • public agencies and institutions (e.g. Deutsche Bundesbank, Bundesanstalt für Finanzdienstleistungsaufsicht (Federal Financial Supervisory Authority), European Banking Authority, European Central Bank,
  • tax authorities) if a statutory or official obligation exists.
  • Other banking and financial service institutions or comparable institutions to which we transmit your personal data in order to implement the business relationship (depending on the agreement: for example, correspondent banks, custodian banks, stock markets, credit reporting agencies). If, for example, you transfer funds to another bank, your data will of course also be received by that bank. Otherwise payment transactions would not be possible

Other recipients of data may include the persons/bodies for who/which you have granted us your permission to transmit data and/or for which you have exempted us from banking secrecy pursuant to the agreement or consent.

 

Is personal data transmitted to a third country or to an international organisation?

We use services whose providers are, in some cases based in third countries and whose data protection level may not correspond to that in the EU. Where this is the case we will take provisions to ensure an adequate data protection level for any data transfers. This includes for example: standard EU contract clauses. Where this is not possible, we base transmission of data on derogations stipulated in Art. 49 GDPR, in particular on your explicit consent or the necessity for the performance of a contract.

Where the transmission of data to a third country is planned and no adequacy decision and no adequate guarantees are available, there is a possibility that the authorities in the third country may gain access to the transmitted data and that enforcement of your rights as a data subject cannot be guaranteed.

 

To what extent is my personal information used for profiling (scoring)?

We process your personal data in part automatically in order to evaluate specific personal aspects (hereinafter “profiling”), namely if an agreement is due to be, or has been, completed with you. For example, we use profiling in the following cases:

Due to statutory or regulatory requirements, we are committed to combating money laundering, terrorist financing and asset-destroying crimes. In this process, data evaluations take place (including in payment transactions). These measures are also designed to protect you.

We use evaluation tools to enable us to inform you about products and advise you in a targeted manner. These tools allow communication and adverts that meet the demands of users, including market research and opinion polling.

We use scoring as part of assessing your creditworthiness. Scoring calculates the probability of a client meeting their payment obligations in accordance with the contract. The calculation may include, for example, income, expenses, existing liabilities, employment, employer, length of employment, experience from the business relationship to date, repayment of previous loans in accordance with the contract, and information from credit reporting agencies. The scoring is based on a recognised and proven mathematical and statistical procedure. The calculated scores support our decision-making in the context of product signings and are incorporated into the ongoing risk management.

 

To what extent does automated individual decision-making take place?

As a rule, we do not use automated individual decision-making pursuant to Art. 22 GDPR in order to establish and implement a business relationship. Should we use these procedures in individual cases, we will inform you of this separately where this is required by law.

 

How long do we store your personal data?

We process and retain your personal data for as long as is required in order to fulfil the relevant purpose. We have set out the retention periods for cookies above. We have no control over the retention period of data held by third parties if we have no contractual relationship with them (e.g. in the social media area), here, the storage periods result from the provider's relevant provisions.

Where necessary and permitted by law we process your personal data for the duration of our business relationship, which includes the initiation and processing of an agreement. It is worth noting in this context that our business relationship is a continuing obligation scheduled to extend over a period of years.

If the data is no longer required in order to fulfil contractual or statutory obligations, it will be deleted on a regular basis unless its further processing or retention – for a limited period – is required for the following purposes, in particular:

  • Fulfilment of retention and documentation obligations resulting among other things from the German Commercial Code (HGB), the Fiscal Code (AO), the Lending Act (KWG), the Money Laundering Act (GwG) and the Securities Trading Act (WpHG).
  • Preservation of evidence in the context of statutory limitation periods, particularly pursuant to sections 195 et seqq. of the German Civil Code (BGB).

What are your rights under the general data protection regulation (GDPR)?

Every data subject has the right of access pursuant to Art. 15 GDPR, the right of rectification pursuant to Art. 16 GDPR, the right to erasure pursuant to Art. 17 GDPR, the right to restriction of processing pursuant to Art. 18 GDPR and the right to data portability pursuant to Art. 20 GDPR.

In addition, data subjects have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR in conjunction with section 19 BDSG).You have the right to revoke your consent to the processing of personal data by us at any time. (Art. 7 III GDPR)

 

Information on your right to object pursuant to Art. 21 GDPR

Individual right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6 I GDPR (data processing on the basis of the weighing up of interests), including profiling based on this provision within the meaning of Art. 4 IV GDPR which we use for assessing your creditworthiness or for marketing purposes.

If you object, we will stop processing your personal data unless we are able to demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.


An objection can be lodged informally and should, where possible, be addressed to:

Bethmann Bank AG

Privacy Officer

PO Box10 06 32

60006 Frankfurt am Main

Phone: +49 69 2177-0

E-Mail: datenschutz@bethmannbank.de

Right to object to the processing of data for marketing purposes

In individual cases we will process your personal data for direct marketing purposes. You have the right to object at any time to processing your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, we will no longer process the personal data for such purposes.

Furthermore, you can inform us at any time that you do not wish to receive offers for our products and services.

An objection can be lodged informally and should, where possible, be addressed to:

Bethmann Bank AG

Privacy Officer

PO Box 10 06 32

60006 Frankfurt am Main

Phone: +49 69 2177-0

E-Mail: datenschutz@bethmannbank.de

 

Do you have a complaint, or is there something that remains unclear?

Please contact us if you have any questions about this Privacy Policy. We are happy to help. In addition to the Privacy Officer, our Complaints Management department will be happy to assist you. In particular, if you do not agree with the way we handle your data you can lodge a complaint with:

Bethmann Bank AG

Complaints Management

PO Box 10 06 32

60006 Frankfurt am Main

You also have the right to lodge a complaint with the competent Data Protection Agency. For the Bank, this is the Data Protection Officer of Hesse, Gustav-Stresemann-Ring 1, 65189 Wiesbaden; the competent data protection supervisory authority; further information can be found at https://www.datenschutz.hessen.de

 

Security of our IT systems

We are working continuously to improve our systems and processes and thus make online banking for you as secure and reliable as possible. Should you nevertheless notice a vulnerability, we would be grateful if you could let us know. Despite all care taken, mistakes can happen. Should you notice or suspect a vulnerability in our IT systems, we would ask you that you let us know first and thereby support us in finding a solution. Thanks to your help, we will be able to improve continuously in order to prevent fraud and system outages. If you make these vulnerabilities in our IT systems public without having alerted us first, this may have serious consequences. Criminals may use your information for Internet fraud, for example.

Reporting weak spots in IT systems - ABN AMRO

 

Why has the Privacy Policy changed?

This Privacy Policy is amended on a regular basis in order to bring it in line with changes to the law and/or the processing of personal data by Bethmann Bank AG. You can see this by the date this document was last updated, as shown below. We recommend that you check this Privacy Policy on a regular basis.

 

Last updated: 22 March 2021