www.commerzbank.de
Open in
urlscan Pro
212.149.50.185
Public Scan
URL:
https://www.commerzbank.de/portal/en/footer1/datenschutzhinweise/Datenschutzhinweise.html
Submission: On December 12 via api from UA — Scanned from PL
Submission: On December 12 via api from UA — Scanned from PL
Form analysis 2 forms found in the DOM
Name: searchform — POST
<form method="post" action="" name="searchform" onclick="window.open('https://service.commerzbank.de/search/?utm_source=portalsucheob', '_self')">
<a class="SucheLbl">search
<img class="SucheLupe" src="/portal/media/system/images/lupe.png" name="SucheISDirekt">
</a>
</form>POST /lp/login?default
<form id="headerLoginForm" action="/lp/login?default" method="post" style="text-align:right;">
<div style="float:left;">
<button id="headerLoginSubmit" class="b-01 b-a-04 b-g-01 login" type="submit" title="Login">Login</button>
</div>
</form>Text Content
Bezahlen
search
* Group
* Deutsch
Login
* Private & Business Clients
* My online banking
* PERSONAL HOMEPAGE
FINANCE OVERVIEW
TRANSACTION OVERVIEW
FINANCIAL ANALYSIS
PORTFOLIO STATEMENT
MY INBOX
GLOBAL PAYMENT PLUS
* ACCOUNTS
* Transfer
* Foreign Transfer
* Standing Orders
* BillOnline Business Card
* SEPA Direct Debit Input
* Direct Debit Objection
* File-Upload
* Order Overview
* INVESTMENTS
* Portfolio Statement
* Securities Transactions
* Order Book
* Buy Securities
* Sell Securities
* Initial Public Offering
* Securities Saving
* Corporate Actions
* ONLINE-ACCESS
* Login Name / User Number
* Change PIN
* TAN Management
* Lock Access
* Activate HBCI
* Additional Services
* Change Transfer Limit
* TAXES
* Tax Information
FORMS & APPLICATIONS
* Change Address
* More
FOREIGN EXCHANGE
* FX Live Trader
* Request Access
MY OPEN ORDERS
* Products & Offers
* PRIVATE CLIENTS
* Advice
* Bank
* Save
* Borrow
* Invest
* BUSINESS CLIENTS
* Advice
* Products
* SERVICES
* Safe Online Banking
* Forms & Applications
* Rates & Charges
* CONTACT
* Branch Locator
* Phone and email support
* Make an appointment
Login
Transaction Overview Finance Overview
PLEASE ACTIVATE JAVASCRIPT TO USE THIS WEBSITE.
INFORMATION ON DATA PROTECTION FOR CLIENTS AND OTHER DATA SUBJECTS¹ - VALID FROM
25/05/2018
With the following information, we would like to give you an overview on the
processing of your personal data by us and your rights under data protection
law. Which data are processed in detail and the manner in which they are used is
predominantly determined by the services requested or agreed. Therefore, not
every element of this information may be applicable to you.
* deutsche Version
Who is responsible for data processing and who can I contact?
Responsibility lies with
Commerzbank AG
Kaiserplatz, 60261 Frankfurt am Main
Telefon: +49 69 98 66 02 08
meinebank@commerzbank.com
You can reach our internal Data Protection Officer under
Commerzbank AG
Datenschutzbeauftragter
Kaiserplatz, 60261 Frankfurt am Main
Telefon: +49 69 98 66 02 08
datenschutzbeauftragter@commerzbank.com
Which sources and which data do we use?
We process personal data which we receive from our clients and other concerned
parties in connection with our business relationship. Moreover, we process
personal data legitimately obtained from publicly accessible sources (such as
debtors‘ lists, land registers, registers of commercial establishments and
associations, press, Internet) or which have been legitimately transmitted to us
from other companies of the Commerzbank Group or third parties (for example a
credit bureau) to the extent necessary for rendering our services.
Relevant personal data are personal details (name, address and other contact
data, date and place of birth and nationality), legitimisation data (such as
data from ID cards) and also authentication data (such as a specimen signature).
In addition, these may also be contract data (such as a payment order), data
resulting from the performance of our contractual obligations (such as turnover
data in payment transactions), information about your financial status (such as
data on credit standing, data on scoring or rating, origin of assets), data
relevant for loans (such as revenues and expenditures), advertising and sales
data (including advertising scores), documentation data (such as a protocol on
consultations) and other data comparable with the above-mentioned categories.
What is the purpose of processing your data (purpose of personal data
processing) and on which legal basis does this take place?
We process personal data in accordance with the provisions of the EU General
Data Protection Regulation (GDPR) and the German Federal Law on Data Protection
(BDSG)
a) in order to comply with contractual obligations (Art. 6 (1 b) GDPR)
Data are processed for the purpose of providing and arranging banking services
and financial services in connection with the performance of our agreements with
our clients or for performing precontractual measures as a result of queries.
The purposes of data processing are primarily determined by the specific product
(such as an account, a loan, home purchase savings plans, securities, deposits,
agency services) and may, among other things, include needs assessments,
consultation, asset management and administration and the execution of
transactions. For further details on the purposes of data processing, please
refer to the pertinent contractual documents and our General Terms and
Conditions.
b) within the scope of the balancing of interests (Art. 6 (1 f) GDPR)
To the extent necessary, we will process your data beyond the scope of the
actual performance of the contract so as to protect justified interests of our
own and of third parties. Examples:
* Consultation of and exchange of data with credit bureaus (such as SCHUFA) so
as to determine credit standing or default risks in connection with loans and
the requirements in connection with exemption from seizure or basic accounts,
* analysis and optimisation of processes for needs analysis for the purpose of
the direct approach of clients,
* advertising or market and opinion research unless you have objected to the
use of your data,
* lodging legal claims and defence in case of legal disputes,
* ensuring IT security and the IT operation of the bank,
* prevention and investigation of criminal acts,
* video surveillance to exercise domiciliary rights, to collect evidence in
case of attacks or fraud or as proof of disposals and deposits, for example
at ATMs (also see Sec. 4 BDSG),
* measures for securing buildings and systems (such as admission control),
* measures to protect our domiciliary right,
* measures for business management and advanced development of services and
products,
* risk management within the Commerzbank Group.
c) as a result of your consent (Art. 6 (1 a) GDPR)
To the extent you have consented to the processing of personal data by us for
certain purposes (such as passing on data within the Commerzbank Group, analysis
of payment transaction data for marketing purposes, photographs taken in
connection with events, mailing newsletters), such processing is legitimate on
the basis of your consent. Consent once given may be revoked at any time. This
also applies to the revocation of declarations of consent given to us before the
effective date of the GDPR, i.e. before 25 May 2018. Revocation of consent has
an effect only for the future and does not affect the legitimacy of the data
processed until revocation.
d) on the basis of statutory regulations (Art. 6 (1 c) GDPR) or in the public
interest (Art. 6 (1 e) GDPR)
Moreover, we, as a bank, are subject to various legal obligations, i.e.
statutory requirements (such as the Banking Act, the Law on Money Laundering,
the Securities Trading Act, tax laws) and regulations relating to the
supervision of banking (e.g. of the European Central Bank, the European Banking
Supervisory Agency, the German Federal Bank and the Federal Agency for the
Supervision of Financial Services). The purposes of processing include, among
others, the assessment of creditworthiness, checking identity and age,
prevention of fraud and money laundering, compliance with obligations of control
and reporting under tax law and the assessment and management of risks in the
bank and in the Commerzbank Group.
Who will receive my data?
Within the bank, those units will be granted access to your data that need them
in order to comply with our contractual and statutory obligations. Service
providers and agents appointed by us may also receive the data for these
purposes on the condition that they, specifically, observe banking secrecy.
These are companies in the categories banking services, IT services, logistics,
printing services, telecommunication, collection of receivables, consultation as
well as sales and marketing.
As far as passing on data to recipients outside our bank is concerned, it must
first be kept in mind that we, as a bank, are obliged to keep all client-related
facts and assessments we become aware of in strict confidence (banking secrecy
pursuant to no. 2 of our General Terms and Conditions). As a matter of
principle, we may pass on information about our clients only if this is required
by law, the client has given his consent or we have been granted authority to
provide a bank reference. Under these circumstances, recipients of personal data
may, for example, be:
* Public authorities and institutions (such as the European Central Bank, the
European Banking Supervisory Agency, the German Federal Bank, the Federal
Agency for the Supervision of Financial Services, tax authorities,
authorities prosecuting criminal acts, family courts, land register
authorities), provided a statutory obligation or an official decree is in
place,
* other loan and financial services institutes or comparable institutes to whom
we transmit your personal data for the purpose of performing transactions
under our business relationship (depending on the agreement, for example,
correspondent banks, depositary banks, stock exchanges, information bureaus),
* other companies belonging to the Commerzbank Group for the purposes of risk
management on the basis of statutory or official obligations,
* creditors or liquidators submitting queries in connection with a foreclosure,
* service providers in connection with credit or bank cards or businessmen
submitting queries if payment by card is denied,
* third parties involved in loan granting processes (such as insurance
companies, building societies, investment companies, funding establishments,
trustees, service providers carrying out value assessments),
* partners in the credit card business (such as American Express, Tchibo,
Deutsche Bahn, TUI),
* service providers whom we involve in connection with contract data processing
relationships.
Other recipients of data may be those bodies for which you have given us your
consent to data transfer or, respectively, for which you have granted an
exemption from banking secrecy on the basis of an agreement or consent or to
which we may transfer personal data on the basis of the balancing of interests.
Will the data be transferred to a third country or an international
organisation?
Data transfer to bodies in states outside the European Union (so-called third
countries) will take place to the extent
* this is required to carry out your orders (such as payment or securities
orders),
* it is required by law (such as obligatory reporting under tax law) or
* you have given your consent.
Moreover, transfer to bodies in third countries is intended in the following
cases:
* If necessary in individual cases, your personal data may be transmitted to an
IT service provider in the United States or in another third country to
ensure that the IT department of the bank remains operative, observing the
European data protection rules.
* With the consent of the data subject the personal data of parties interested
in bank products can be processed in the course of a CRM system also in the
United States.
* With the consent of the data subject or as a result of statutory provisions
on controlling money laundering, the financing of terrorism and other
criminal acts and within the scope of the balancing of interests, personal
data (such as legitimisation data) will be transmitted, observing the data
protection level of the European Union.
For how long will my data be stored?
We process and store your personal data as long as this is required to meet our
contractual and statutory obligations. In this respect, please keep in mind that
our business relationship is a continuing obligation designed to last for years.
If the data are no longer required for the performance of contractual or
statutory obligations, these will be erased on a regular basis unless –
temporary – further processing is necessary for the following purposes:
* Compliance with obligations of retention under commercial or tax law which,
for example, may result from the German Commercial Code (HGB), the German
Fiscal Code (AO), the German Banking Act (KWG), the German Law on
Money-Laundering (GwG) and the German Law on Trading in Securities (WpHG). As
a rule, the time limit specified there for retention or documentation is 2 to
10 years.
* Preservation of evidence under the statutory regulations regarding the
statute of limitations. According to Secs. 195 et seqq. of the German Civil
Code (BGB), these statutes of limitations may be up to 30 years, the regular
statute of limitation being 3 years.
What are my rights with regard to data protection?
Every data subject has the right of access pursuant to Article 15 GDPR, the
right to rectification pursuant to Article 16 GDPR, the right to erasure
pursuant to Article 17 GDPR, the right to restriction of processing pursuant to
Article 18 GDPR, the right to object pursuant to Article 21 GDPR and the right
to data portability pursuant to Article 20 GDPR. As far as the right to obtain
information and the right to erasure are concerned, the restrictions pursuant to
Secs. 34 and 35 BDSG are applicable. Moreover, there is a right to appeal to a
competent data protection supervisory authority (Article 77 GDPR in conjunction
with Sec. 19 BDSG).
Your consent to the processing of personal data granted to us may be revoked at
any time by informing us accordingly. This also applies for the revocation of
declarations of consent given to us before the effective date of the GDPR, i.e.
before 25 May 2018. Please keep in mind that such revocation will be effective
only for the future with no impact on processing carried out before the date of
revocation.
Am I obliged to provide data?
Within the scope of our business relationship, you are obliged to provide those
personal data which are required for commencing, executing and terminating a
business relationship and for compliance with the associated contractual
obligations or the collection of which is imposed upon us by law. Without these
data, we will generally not be able to enter into agreements with you, to
perform under such an agreement or to terminate it.
Under the statutory regulations in connection with money laundering, we are
especially obliged to identify you by an ID document before entering into
business relations with you and, especially, to ask for and record your name,
place of birth, date of birth, nationality, address and identity card details.
So as to enable us to comply with these statutory obligations, you are obliged
to provide the necessary information and documents in connection with the
anti-money laundering law and to report any changes that may occur in the course
of our business relationship. If you should fail to provide the necessary
information and documents, we are not permitted to enter into the desired
business relationship or to continue with such a relationship.
To what extent will decision-making be automated?
As a matter of principle, we do not use fully automated decision-making
processes pursuant to Article 22 GDPR for establishing and performing a business
relationship. In the event that we should use such processes in individual cases
(for example when applying for credit cards) we will inform you of this and of
your rights in this respect separately if prescribed by law.
Will profiling take place?
Your data will be processed automatically in part with the objective of
evaluating certain personal aspects (profiling). For example, we will use
profiling of the following cases:
* As a result of statutory and regulatory regulations, we are obliged to fight
money laundering, the financing of terrorism and criminal acts jeopardising
property. In that respect, data (among others, data in payment transactions)
will be analysed. These measures also serve to protect you.
* So as to be able to inform you selectively about our products and to provide
advice to you, we use analysis tools. These permit communication according to
your needs and advertising including market and opinion research.
* In connection with the assessment of your credit-worthiness we use scoring.
By scoring the probability of a client meeting his/her contractual payment
obligations is calculated. This calculation, for example, may take into
account a client‘s income and expenditures, existing financial obligations,
the profession, employer, time of employment, previous experience from the
business relationship, due redemption of earlier loans as well as information
from credit bureaus. Scoring is based on a proven and recognised
mathematical-statistical method. The resulting score values assist us in
decision-making in connection with product transactions and will become part
of the ongoing risk management.
--------------------------------------------------------------------------------
INFORMATION ABOUT YOUR RIGHT TO OBJECT PURSUANT TO ARTICLE 21 GDPR
Right to object based on individual cases
You have the right to object, on grounds relating to your particular situation,
at any time to the processing of personal data concerning you which is based on
point (e) of Article 6 (1) (data-processing in the public interest) and point
(f) of Article 6 GDPR (data-processing on the basis of the balancing of
interests); this also applies for profiling as defined in Article 4 point 4
GDPR.
If you do object, we will no longer process your personal data unless we have
compelling justified reasons for such processing which take precedence over your
interests, rights and freedom or, alternatively, such processing serves to
assert, exercise or defend legal claims.
Right to object to processing data for the purpose of direct marketing
In individual cases, we will process your personal data for the purpose of
direct marketing. You have the right to object at any time against the
processing of your personal data for the purposes of such marketing; this also
applies for profiling to the extent it is connected to such direct marketing.
If you do object to processing for the purposes of direct marketing, we will
refrain from using your personal data for such purposes henceforth.
Recipient of an objection
Such objection may be submitted informally under the heading "objection"
indicating your name, your address and your date of birth and should be
addressed to:
Commerzbank AG
Kaiserplatz, 60261 Frankfurt am Main
Telefon: +49 69 98 66 02 08
widerspruch@commerzbank.com
Information to print
* Information on data protection
1 e.g. authorised representatives, potential customers of products,
non-customers such as providers of third-party collateral
* Terms
* Legal Notices
* Imprint
* Consent Management
* Group
* Career
* Data Protection
BRIEFLY AGREE TO COOKIES AND COMPARABLE WEB TECHNOLOGIES
To provide you with an optimal website experience in particular, we use cookies
and web technologies with your consent for functional, statistical, convenience
and marketing purposes, as well as for the display of personalized content. In
detail, these are (details under following links):
Tag Management: Management of technologies that require consent.
DoubleClick Floodlight: Analysis of user behavior to optimize the user
experience.
Meta: Tracking behavior after clicking on Meta ads and personalizing Meta ads.
Google Ads: Tracking behavior after clicking on Google ads and personalizing
Google ads.
LinkedIn: Tracking behavior after clicking on LinkedIn ads and personalizing
LinkedIn ads.
Google Analytics: Reach measurement to improve the user experience of the
website and optimization of marketing campaigns.
Snowplow: Measurement of user behavior and used technology for technical and
content optimization of the Commerzbank´s Service portal.
If you are at least 16 years old, you can confirm that we may use these web
technologies by clicking "Accept All". Otherwise, click "Deny All". You can
revoke or adjust your consent settings at any time by clicking "Individual
Settings".
You can find further information in our privacy policy and in our imprint.
* Accept all
* Deny all
Individual Settings
Privacy policy Imprint
CONTROLLER ID
Commerzbank uses your controller ID to document, prove and display your consents
in the history.
Controller ID: