Policy Documentation

Privacy Policy

We are fully committed to protecting your personal data and in particular your privacy-sensitive data. We ensure that this takes place in accordance with all relevant legislation and regulations such as General Data Protection Regulation (hereinafter: AVG).

Who are we?

FIBR is a trade name of the Amsterdam Trade Bank N.V. FIBR is fully committed to protecting your personal data and in particular your privacy-sensitive data.

Why do we process your personal data?

The bank needs personal information of you when applying for an account and to execute an agreement with you. The Bank also processes personal data, which is necessary; for statistical analysis, to be able to comply with legal obligations, such as on the basis of (inter) national Sanctions Acts, for analysis related to enlargement of the customer base, to improve the range of products and services, and to better respond to the personal situation of a customer in the product range and services, for marketing activities intended to establish relationships with customers, and to maintain or expand relationships with existing customers, to investigate complaints, for training and assessing employees and to improve services, to prevent and combat fraud, to request data from other authorities. We do this, for example, to properly assess your application for a product or service, for screenings or to conduct a so-called "personal inquiry". In connection with a responsible acceptance policy, we consult data managed by various research agencies, organisations and social media. The purpose of this is to reduce risks control and to prevent fraud. 

What information do we collect from you and others?

Information about you when you come onto the website (see cookies), information provided by you, information from your device, information about your location, is not stored, but derived from the browser you are using to access the website, information from Third parties about you, information from publicly available sources about you.

How long do you keep my personal data stored?

For the execution of an agreement with you, on the basis of a legitimate interest of us, to comply with a legal obligation.

On the basis of which legal grounds do we process personal data?

The period for which we store your data depends largely on how we acquired the data. We distinguish between a person who has no FIBR, person who has one active account or a person who has multiple active accounts.

Download detailed data storage and retention policy.

Who has access to your information and where is it stored?

FIBR ensures that relevant measures are taken to prevent unauthorized access to your personal data. Access will be granted to the following:  FIBR employees who need access due to their role and for official business purposes. All these employees are bound by a duty of confidentiality. Suppliers: To help us provide our services to you, this includes banking and lending partners, banking intermediaries and international payment-service providers. We also share your personal data with fraud-prevention agencies to check your identity, protect against fraud, keep to anti-money laundering laws and confirm that you are eligible to use our products and services. On the basis of legal grounds, for example when providing information to tax authorities, supervisory authorities and other governments or on the basis of previously (contractually) agreed principles with you Suppliers who provide us with IT, payment and delivery services. Our banking and financial-services partners and payments networks. Analytics providers and search information providers. To help us improve our website or app. Customer-service providers, survey providers and developers. To help us to provide our services to you. Communications services providers. To help us send you emails, push notifications and text messages. Your personal data is stored in accordance with EU bases as included in the GDPR. This can be within the EU or countries with an adequate level of protection as determined by the European Commission. In some cases this is outside the EU, but in all cases in accordance with the established framework of the GDPR.

Will my data go outside of Europe?

As we provide an international service, we may need to transfer your personal data outside the European Economic Area (EEA) in order for us to provide our services. For example, if we have to send your personal data outside of the EEA to keep to global legal and regulatory requirements, and to provide ongoing support services. We may share your personal data with credit-reference agencies and fraud-prevention agencies that are based outside of the EEA. We will take all reasonable steps to make sure that your personal data is handled securely and in line with this privacy policy and data protection laws. If you would like more information, please contact us through the website or by sending an email to info@fibrbank.com.

What are your rights?

Know what we do with your personal data We provide this privacy statement to explain how we use your personal data. If we change the way we use your personal data, we will update this policy and, if appropriate, let you know by email or through our website. We can’t give you any personal data about other people, personal data which is linked to an ongoing criminal or fraud investigation, or personal data which is linked to settlement negotiations with you. We also won't provide you with any communication we've had with our legal advisers. Ask us to delete your personal data You can ask us to delete your personal data if: there's no good reason for us to continue using it; you gave us consent (permission) to use your personal data and you have now withdrawn that consent; you have objected to us using your personal data; we have used your personal data unlawfully; or the law requires us to delete your personal data. Just to let you know, we may not be able to agree to your request. As a regulated financial services provider, we must keep certain customer personal data even where you ask us to delete it (we've explained this in more detail below). If you've closed your account, we may not be able to delete your entire file because these regulatory responsibilities take priority. We will always let you know if we can't delete your personal data. Ask us to correct your personal data You can have incomplete or inaccurate personal data corrected. Before we update your file, we may need to check the accuracy of the new personal data you have provided. You can object to us processing your personal data for marketing purposes. You can tell us to stop using your personal data for marketing You can object to us processing other personal data (if we are using it for legitimate interests). if our legal basis for using your personal data is 'legitimate interests' and you disagree with us using it, you can object. However, if there is an overriding reason why we need to use your personal data, we will not accept your request. If you object to us using personal data which we need in order to provide our services, we may need to close your account as we won’t be able to provide the services. You can ask us to suspend using your personal data if: you want us to investigate whether it is accurate; our use of your personal data is unlawful but you do not want us to delete it; we no longer need your personal data, but you want us to continue holding it for you in connection with a legal claim; or you have objected to us using your personal data (see above), but we need to check whether we have an overriding reason to use it. If you ask us to transfer personal data to you or another company, we will send you the information via email.   Your ability to exercise these rights will depend on a number of factors. Sometimes, we will not be able to agree to your request (for example, if we have a legitimate reason for not doing so or the right does not apply to the particular information we hold about you).

How do I exercise my rights?

To exercise any of your rights set out in the previous section, you can contact us through the secured environment or send us an email at info@fibrbank.com. We will respond to your request within 1 month.  For security reasons, we can't deal with your request if we are not sure of your identity, so we may ask you for proof of your ID. If you are unhappy with how we have handled your personal data you can complain to your local data protection authority, via the Autoriteit Persoonsgegevens (https://www.autoriteitpersoonsgegevens.nl).