Datakeeper is a product of Rabobank. With Datakeeper you get control over your own data. Datakeeper is an app that stores all that data for you in a data vault and keeps it safe there. You can easily share this data with the parties you trust. You decide for yourself what you want to share. Safe and above all: easy. In addition, only the most necessary data is shared.
Rabobank processes personal data in the context of the Datakeeper service. We would like to inform you about this clearly and transparently.
In this privacy statement we explain how we handle the processing of personal data in the context of Datakeeper. We also provide examples to make this explanation as clear as possible. Do you have questions about this privacy statement? Then you can contact us via firstname.lastname@example.org.
1. What does Rabobank mean by the processing of personal data?
This privacy statement concerns the processing of personal data. What do these words mean?
This is data that directly or indirectly says something about you. For example your name and email address.
Everything that can be done with personal data. For example, collecting, but also storing, using, passing on and deleting data.
We process personal data of people who use the Datakeeper app.
2. Which personal data does Rabobank process?
Rabobank processes various types of personal data in the context of offering Datakeeper:
We do not have access to the (personal) data that you store in your Datakeeper Wallet while using Datakeeper. Read more about this at www.datakeeper.nl.
3. How does Rabobank obtain your personal data?
We receive your data from your use of Datakeeper.
4. What are the purposes and bases for the processing of personal data by Rabobank?
For the development and improvement of products and services
In order to serve you well and to innovate, we are constantly developing and improving. We do this for ourselves or other parties.
We process data when analyzing your use of Datakeeper. We do this to improve Datakeeper.
We also conduct research to improve our products and services. This way we can ask you what you think of Datakeeper. You do not have to cooperate with such an investigation.
We sometimes use other parties to process your data for this purpose. For example, to measure or to ask you how we can improve our services. These other parties then act on behalf of Rabobank.
We process your data because we have a legitimate interest in doing so. We may also ask for your consent to process data in order to contact you.
To enter into a relationship and to be able to enter into an agreement with you.
If you want to become a customer with us, or if you are already a customer and want to purchase Datakeeper, or if you contact us, we need your personal data and we have to process it.
We usually process your data because we have a legitimate interest in processing your data for the above purpose. We must then be able to demonstrate that our interest in using your personal data outweighs your right to privacy. We therefore weigh up all interests. We can also process the data because this is necessary for the conclusion of the agreement.
For the execution of agreements and assignments
If you have become a customer of ours, we are happy to provide you with good service. And we execute the agreement with you. We can also contact you if this is necessary to be able to perform our services, we offer you the possibility to create a Datakeeper and we must provide the services to you. For this we process personal data.
We process data because this is necessary to execute the agreement. If you do not provide us with some information, we will not be able to perform the agreement.
For entering into and executing agreements with suppliers and other parties with whom we work.
When supplying Datakeeper to you, we sometimes use suppliers and other parties where it is necessary that your personal data is provided to those third parties for the correct delivery of Datakeeper to you. We make agreements with these third parties about lawful processing by them of your personal data.
We process your data here to perform the agreement we have concluded, because we are legally obliged to do so or because we have a legitimate interest in doing so.
For compliance with legal obligations
The tax authorities, the police and the Public Prosecution Service, but also, for example, intelligence services or supervisors can request data from us. We then have a legal obligation to cooperate with investigations and to pass on data about you that we have in our possession (see section 2).
We process your data here because this is necessary to comply with a legal obligation. If we have no direct legal obligation to process your data, we rely on the legitimate interest.
5. How long does Rabobank keep your personal data?
We do not keep your data longer than we need it for the purposes for which we collected it or the purposes for which we reuse it.
6. Who has access to your data within Rabobank?
Within Rabobank, only people have access to your personal data who need it in view of their position. All these persons have a duty of confidentiality.
7. Does Rabobank also use personal data for other purposes?
Do we want to use data for a purpose other than that for which we received it? Then we may only do so if there is a close connection between the two goals.
Is there insufficient relationship between the purpose for which we obtained the data and the new purpose? Then we ask you for permission. You can always withdraw your consent by sending an email to email@example.com.
8. Does Rabobank make automatic decisions about me?
Automatic decisions are decisions about you that are made by computers, and not (anymore) by humans. Rabobank is allowed by law to make use of automated decisions, including profiling. But there are certain rules.
Rabobank does not currently use fully automatic decision-making. If we do, you will be informed about this.
9. Does Rabobank pass on your personal data to others?
Sometimes we engage other parties/business partners who process personal data on our behalf. For example, parties that scan your proof of identity in the Datakeeper for us.
These parties must first be deemed sufficiently reliable by us, they must make certain agreements with us and have demonstrably taken appropriate security measures and guarantee confidentiality. We can only engage other parties if this fits the purpose for which we have processed your personal data.
In the Datakeeper we have built a technique that allows you to receive and share your personal data with the Issuing and Receiving Parties as defined in the General Terms and Conditions Datakeeper 2022. Rabobank has no influence on that receiving or sharing, you determine this yourself together with the Issuing and Receiving Parties. Parties.
If we pass on your data ourselves to other parties outside the European Union, we take extra measures to protect your data. Not all countries outside the European Union apply the same rules to protect your data as is required within Europe. Do we use third parties outside the EU? And does the country where this party is located, according to the European Commission, offer insufficient protection with regard to the processing of personal data? Then we only pass on personal data if there are other appropriate safeguards, such as contractual agreements approved by the European Commission ('Standard Contractual Clauses').
10.What rights do you have at Rabobank?
a. right to information
With this privacy statement, Rabobank informs you about what it does with your data. If there are other reasons to inform you in addition to the privacy statement, we will do so in a manner chosen by us.
b. right of access and rectification
You can ask us via firstname.lastname@example.org whether and which data we process about you. If that is the case, we can give you access to the data that we have processed about you. Do you think that your personal data has been processed incorrectly or incompletely? Then you can ask us via email@example.com to change or supplement the data (rectification).
c. right to erasure
You can ask us via firstname.lastname@example.org to delete data that we have recorded about you. For example, if you object to the processing of your data. Your interest must also take precedence over Rabobank's interest in processing the data. You know how to delete your data as it is included in your Datakeeper from your Datakeeper.
d. right to restriction
You can ask us via email@example.com to limit the personal data that we process about you. This means that we process less data from you.
e. right to data portability
You have the right to ask us via firstname.lastname@example.org to obtain or transfer data that you have provided to us in the context of contact with us or with your consent in a structured and machine-readable form to another party. Are you asking to transfer data directly to another party? This is only possible if it is technically possible.
f. right to object to processing based on a legitimate interest
Do we process your data because we have a legitimate interest in doing so? Then you can object to that. We will then make a new assessment to determine whether your data may indeed no longer be used for this purpose. We will stop processing if your interest outweighs our interest. We will inform you of our decision in a motivated manner.
g. right to object to direct marketing
You have the right to ask us via email@example.com to no longer use your data for direct marketing. We will then ensure that you are no longer contacted via that channel.
Have you made one of the requests described above to us? Then we will answer such a request within one month after we have received this request.
We may ask you to further specify your request for access. In very specific cases, we can extend the term within which we respond to a maximum of three months. We will then keep you informed about the progress of your request.
We may ask you to identify yourself when you make a request to us. For example, with a request for access and data portability, we want to be sure that we provide your data to the right person. We then ask you, for example, to make your identity known and to have it checked by us. Even if we have doubts about whether we can safely send the data to you. Even then we can ask you to come to us to collect your data.
We may not be able to accommodate your request. For example to that the rights of others are harmed, or because this is not allowed by the law or the police, the public prosecutor or another government agency. Or because we have weighed up interests in which the interests of Rabobank or others in processing the data take precedence. Then we will let you know.
Do we adjust your data? Or do we delete your data at your request? Then we will let you know. And where possible also inform the recipients of your data about this.
11. Where can you go with a question or complaint or about personal data at Rabobank?
For questions about the processing of personal data by us, please contact:
1. Rabobank: via firstname.lastname@example.org
2. the data protection officer: email@example.com
If you have a complaint about the processing of your personal data by Rabobank, please contact:
1. Rabobank via firstname.lastname@example.org
2. the data protection officer: email@example.com
3. the Dutch Data Protection Authority.
12. Can Rabobank change this privacy statement?
Yes, our privacy statement may change from time to time. If there are new data processing operations, we will adjust the privacy statement accordingly. And if these changes are also important to you, we will draw your attention to them or make the changes known to you in a prominent way. The most current version of our privacy statement can always be found in the Datakeeper App.