5 Recipients of personal data
Our technical and organisational measures ensure that your data can only be accessed by those employees who need it to fulfil their duties or our legal and contractual obligations.
Personal data is transferred to external recipients only where required in fulfilment of statutory or contractual obligations. Examples of transfer to external recipients may include:
- External service providers whose services we use and which receive or gain knowledge of personal data for this purpose. In such instance, a special processor agreement is concluded with each provider in accordance with the requirements of the General Data Protection Regulation and the Federal Data Protection Act. This agreement governs and periodically monitors all data protection obligations. Of particular note in this context is the processor’s duty to maintain bank or data secrecy. Examples in this regard may include system maintenance performed by external specialists (system updates or troubleshooting measures) or the mailing of bank statements.
- Reporting requirements for public entities, agencies or authorities
- Other banks, financial institutions or investment companies