General information

Banking Circle as data controller
Controller’s contact details
How do we get information?
Your data protection rights
Sharing your information
Links to other websites
Your right to complain
Changes to this privacy notice

Reason for contacting us

Make an enquiry about our services
Make a complaint
You are the ultimate beneficial owner and /or legal representative of one of our clients
You are the payer or beneficiary of a payment executed via Banking Circle’s infrastructure
Apply for a job
You are the person of contact of an employee of Banking Circle
Respond to our consultation requests and surveys
Attend an event, seminar or workshop
Subscribe to our newsletters
Request our white papers or other publications
You are a visitor to our offices


General information

This privacy notice tells you what to expect us to do with your personal information.

This notice is layered. So, if you wish, you can easily select the reason you may have been in contact with us and why we process your personal information and see what we do with it.

We’ll tell you:

  • why we are able to process your information;
  • what purpose we are processing it for;
  • whether you have to provide it to us;
  • how long we store it for;
  • whether there are other recipients of your personal information;
  • whether we intend to transfer it to another country; and
  • whether we do automated decision-making or profiling.

Banking Circle as data controller

Data Protection, which regulates the use of personal data, applies to only two types of entities – Data Controllers and Data Processors. Banking Circle might be a Controller for some activities and a Processor for others but cannot be both for the same processing activity.

Data Controllers have ultimate control of the processing in question and full responsibility for Data Protection compliance. A Processor by contrast processes on behalf of a Controller, e.g. outsourced payroll providers, and has more restricted liability. The existence of a Data Processor, therefore, implies a Data Controller. The relationship between Controllers and Processors is always a matter of fact but by law must also be documented in a written contract.

The accepted industry position is that banks are controllers not processors in relation to financial services, irrespective of whether the client is a person or an institution and irrespective of the volume of transactions. Banking Circle is fully liable for these processing activities whether done in-house or outsourced.

The basis for this is that as a regulated entity much of Banking Circle’s processing is to meet its statutory obligations and Banking Circle determines the purpose and means of any other processing it carries out in providing financial services, e.g. Banking Circle, not the client, will decide what personal data to collect and apply its own judgement to it when processing payments such as beneficiary name and account information.

Despite the overlap between data protection and payment operations terminology, Banking Circle is not a data processor when processing payment instructions from its clients.

We may also process information on employees of our clients and of any company interested in knowing more about our services as well as of any of our contractors.

Controller’s contact details

You can contact us by sending us an email to privacy@bankingcircle.com

The postal address of our head office is:

Banking Circle S.A.
2 boulevard de la Foire
L-1528 Luxembourg

You can also reach us at the following address:

Banking Circle Denmark, Filial af Banking Circle S.A., Luxembourg

Amerika Plads, 38
2100 Copenhagen
Denmark

Banking Circle S.A. UK Branch

24 King William Street,
London, EC4R 9AT
UK, England

Banking Circle S.A. – German Branch

Oskar-von-Miller Ring 20,
80333 Munich
Germany

For general contact please use this page of our website.
https://www.bankingcircle.com/contact-us

How do we get information?

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • You have made a complaint or enquiry to us.
  • You have made an information request to us.
  • You wish to attend, or have attended, an event or a webinar.
  • You have answered a survey on our products & services on behalf of one of our clients.
  • You subscribe to our e-newsletter.
  • You have applied for a job with us.
  • We also receive personal information indirectly, in the following scenarios:
  • One of our clients has shared your contact details to us.
  • You are the ultimate beneficial owner of your organisation that has shared your data with us.
  • You are representing your organisation that has shared your data with us.
  • You have made a payment to our clients or their customers.
  • You have been sent a payment by our clients or their customers.

If it is not disproportionate or prejudicial to Banking Circle, we’ll contact you to let you know we are processing your personal information. ​

As part of Banking Circle’s regulatory and corporate functions, we also process criminal conviction data.

Your data protection rights

Under data protection law, you have certain rights we need to make you aware of. The rights available to you depend on our reason for processing your information.

Your right of access

You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.

Your right to rectification

You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.

Your right to erasure

You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing

You have the right to ask us to restrict the processing of your information in certain circumstances.

Your right to object to processing

You have the right to object to processing if we process your information because the process is in our legitimate interests or for direct marketing purpose.

Your right to data portability

This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.

If we are processing your information for criminal law enforcement purposes, your rights are slightly different. Please see the relevant section of the notice.

You are not required to pay any charge for exercising your rights. We have one month to respond to you.

Please contact us at privacy@bankingcircle.com if you wish to make a request.

Sharing your information

We will not share your information with any third parties for the purposes of direct marketing.

We use data processors who are third parties who provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it.

They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.

In some instances, we may share your information with organisations outside the EU/EEA. In this scenario, we’ll satisfy ourselves that there is an adequacy decision made by the EU Commission recognising that the laws of this country provide an adequate level of protection for your information. Should this not be the case, we will implement appropriate safeguards for your information to be held securely by our data processors such as including standard data protection clauses adopted by the EU Commission in our contract.

In some circumstances, we are legally obliged to share information. For example under a court order or where we cooperate with our regulatory supervisory authorities or other public bodies in handling complaints or investigations. In any scenario, we’ll satisfy ourselves that we have a lawful basis on which to share the information and document our decision making and satisfy ourselves we have a legal basis on which to share the information.

For a list of our main data processors see our outsourcing addendum available at https://www.bankingcircle.com/terms-of-use

Where we provide links to websites of other organisations, this privacy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices on the other websites you visit.

Your right to complain

We work to high standards when it comes to processing your personal information. If you have queries or concerns, please contact us at privacy@bankingcircle.com and we’ll respond.

If you remain dissatisfied, you can make a complaint about the way we process your personal information to the following authorities:

If you are resident in Denmark:

Datatilsynet
Borgergade 28, 5
1300 København K
Denmark
Telefon +4533193200
Fax +45 3319 3218
Email: dt@datatilsynet.dk

If you are resident in the UK:

Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow
SK9 5AF Cheshire
The UK
Tel: +44 303 123 1113 (local rate)
or +441625 545 745
Fax: 01625 524 510
Email: casework@ico.org.uk

If you are resident in Germany:

Landesamt für Datenschutzaufsicht
Promenade 18
91522 Ansbach
Germany
Tel: +49 (0) 981 180093-0
Fax : +49 (0) 981 180093-800
Email:poststelle@lda.bayern.de

If you are resident anywhere else:

National Commission for Data Protection (CNPD)
1, avenue du Rock’n’Roll
L-4361 Esch-sur-Alzette
Luxembourg
Tel.: (+352) 26 10 60-1
Contact Link: https://cnpd.public.lu/en/support/contact.html

Changes to this privacy notice

We keep our privacy notice under regular review to make sure it is up to date and accurate.

July 2020

We have published this privacy notice for the first time.

Reason for contacting us

Make an enquiry about our services

Purpose and lawful basis for processing

When you contact us to make an enquiry, we collect information, including your personal data, so that we can respond to it.

The lawful basis we rely on for processing your personal data is your consent under article 6(1)(a) of the GDPR.

What we need and why we need it

We need enough information from you to answer your enquiry. If you contact us via email, we’ll need a return address for response.

What we do with it

We’ll set up a file on our system to record your enquiry and so we can get it to the correct area of the business to be dealt with. We’ll also keep a record of our response. We use the information supplied to us to deal with the enquiry.

How long we keep it

We will keep the information for a reasonable period and then delete it. Normally we will not keep this information for more than 12 months after its deletion.

What are your rights?

You have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

Do we use any data processors?

Yes. For a list of our main data processors that may process your personal data as part of the services they provide to us see our outsourcing addendum available at https://www.bankingcircle.com/terms-of-use

Make a complaint

Purpose and lawful basis for processing

When you contact us to make an enquiry, we collect information, including your personal data, so that we can respond to it and fulfil our regulatory responsibilities.

The lawful basis we rely on for processing your personal data is your consent under article 6(1)(a) of the GDPR.

What we need

We need information from you to investigate your complaint properly such as name, address, issue you have experienced with our services.

When we receive a complaint from you, we’ll set up a case file. This normally includes your contact details and any other information you have given us about the other parties in your complaint such as the beneficiaries of your payments.

Why we need it

We need to know the details of your complaint so we can investigate it and fulfil our regulatory obligations.

What we do with it

We will use your personal information to investigate your complaint. We compile and share statistics showing information like the number of complaints we receive with our regulatory supervisory authorities, but not in a form that identifies anyone.

No third parties have access to your personal information unless the law allows them to do so.

However, if you have made a complaint related to the provisions of services by one of our clients or their customers, we usually have to disclose your identity to them. This is so we can clearly explain to them what you think has gone wrong they can handle your complaint directly. This also means we may receive information about you from them.

If you are acting on behalf of someone making a complaint, we’ll ask for information to satisfy us of your identity and if relevant, ask for information to show you have authority to act on someone else’s behalf.

How long we keep it

We keep the personal information relating to you for as long as is necessary in order to enable us to provide the relevant services to our clients, after which we will delete it or anonymised it. Normally, we will not keep this information for more than 5 years following termination of the relationship with our clients.

What are your rights?

You have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

Do we use any data processors?

Yes. For a list of our data processors see our outsourcing addendum.

You are the ultimate beneficial owner and /or legal representative of one of our clients

Purpose and lawful basis for processing

When we enter into a business relationship with our clients, we collect information, including your personal data, so that we can comply with our due diligence obligations on them.

The lawful basis we rely on to process your personal data is article 6(1)(c) of the GDPR, which allows us to process personal data when this is necessary to comply with a legal obligation under any applicable anti money-laundering and counter terrorism financing laws we are subject to as a regulated credit institution.

We also ensure that the person deciding to enter into a business relationship with us on behalf of our clients and signing the contractual arrangement we have with our clients are duly authorised as legal representative to make such decision on behalf of our clients.

What we need:

  • Full name
  • Address
  • Salutation (If applicable)
  • Maiden Name (If applicable)
  • Date of birth
  • Place of birth
  • Nationality
  • Proof of residency
  • Proof of Identity
  • Proof of ID number i.e. (passport number)
  • Job position
  • TIN
  • Tax residency
  • Criminal convictions and offences

Why we need it

For the purpose of identifying the true beneficial owners and legal representatives of our clients and comply with our Know your Clients obligations under any applicable anti money-laundering and counter terrorism financing laws we are subject to as a regulated credit institution.

To satisfy our reporting obligation to the tax authorities under tax cooperation treaty with the United States or other countries of the OECD.

To document our due diligence process on the identity of the true beneficial owners and legal representatives of our clients.

To monitor any adverse media information associated with our clients.

What we do with it

We collect and retain your personal data in our client relationship management system to document the compliance with our legal obligations under any applicable anti money-laundering and counter terrorism financing laws we are subject to as a regulated credit institution.

We process your data through our adverse media screening tool.

We may be obliged to share your personal data as part of a report regarding any suspicious activity or transactions on clients’ activity to our regulatory supervisory authorities in countries where we operate our activities. We may also share your personal data with our correspondent institutions involved in the payment chain upon request.

No other third parties may however have access to your personal data unless the law allows them to do so.

How long we keep it

We keep the personal information relating to you for as long as is necessary in order to enable us to provide the relevant services to our clients, after which we will delete it or anonymised it. Normally, we will not keep this information for more than 5 years following termination of the relationship with our clients.

What are your rights?

As a regulated credit institution, we are acting in our regulatory capacity to process your personal data, so you have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

Do we use any data processors?

Yes. For a list of our main data processors that may process your personal data as part of the services they provide to us see our outsourcing addendum available at https://www.bankingcircle.com/terms-of-use

You are the payer or beneficiary of a payment executed via Banking Circle’s infrastructure

Purpose and lawful basis for processing

When we receive or make a payment from or to you for our clients and their customers, we collect information, including your personal data, so that we can respond to it and fulfil our regulatory responsibilities.

The lawful basis we rely on to process your personal data is article 6(1)(c) of the GDPR, which allows us to process personal data when this is necessary to comply with a legal obligation under any applicable anti money-laundering and counter terrorism financing laws we are subject to as a regulated credit institution.

When you contact us to make an enquiry regarding a payment you have sent to or receive from us, we collect information, including your personal data, so that we can respond to it.

The lawful basis we rely on for processing your personal data is your consent under article 6(1)(a) of the GDPR.

What we need

Your name and address, bank account as well as transaction details.

Why we need it

For the purpose of detecting financial crimes patterns or criminal behaviour in payment transactions;

For the purpose of screening the same transactions against sanction lists published by governmental organisations in the countries where we operate our activities as a regulated credit institution.

For the purpose of passing on information to our correspondent institutions involved in the payment chain.

If you have made a query related to a payment sent by our clients or their customers, we’ll keep a record of your enquiry and so we can get it to the correct area of the business to be dealt with. We’ll also keep a record of our response. We use the information supplied to us to deal with the enquiry.

We usually have to disclose your identity to them. This is so we can clearly explain to them what you think has gone wrong and they can handle your query directly. This also means we may receive information about you from them.

What we do with it

We collect and retain your personal data in our transaction platforms to document the transactions performed for our clients and their customers. We compile and share statistics showing information like the number of payments we receive with our regulatory supervisory authorities, but not in a form that identifies anyone.

We use your personal data as well as any other information identifying you as payer or as beneficiary of a payment and any information related to the transactions underlying the payment we receive to feed our transaction monitoring and sanction screening tool or applications.

How long we keep it

We keep the personal information relating to you for as long as is necessary in order to enable us to provide the relevant services to our client, after which we will delete it or anonymised it. Normally, we will not keep this information for more than 5 years following its collection.

What are your rights?

We are acting in our regulatory capacity to monitor your transactions, so you have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

Do we use any data processors?

Yes. For a list of our main data processors that may process your personal data as part of the services they provide to us see our outsourcing addendum available at https://www.bankingcircle.com/terms-of-use

Apply for a job

Purpose and lawful basis for processing

Our purpose for processing this information is to assess your suitability for a role you have applied for and to help us develop and improve our recruitment process.

The lawful basis we rely on for processing your personal data is article 6(1)(b) of the GDPR, which relates to processing necessary to perform a contract or to take steps at your request, before entering a contract.

We process information about applicant criminal convictions and offences. The lawful basis we rely on to process this data is Article 6(1)(c) for the purpose of complying with a legal obligation we are subject to as a regulated institution.

What do we need at the application stage?

  • Name
  • Address
  • CV

What we do with it

We’ll use all the information you provide during the recruitment process to progress your application with a view to offering you an employment contract with us, or to fulfil legal or regulatory requirements if necessary.

We will not share any of the information you provide with any third parties for marketing purposes.

We’ll use the contact details you give us to contact you to progress your application. We may also contact you to request your feedback about our recruitment process. We’ll use the other information you provide to assess your suitability for the role.

Why we need it

The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it may affect your application if you don’t.

We will use any feedback you provide about our recruitment process to develop and improve our future recruitment campaigns.

Application process

If you use our online application system, your details will be collected by our data processor People HR on our behalf.

You can submit your application to us without the need to create an account.
We ask you for your personal details including name and contact details. We’ll also ask you about previous experience, education, referees and for answers to questions relevant to the role. Our recruitment team will have access to all this information.

You will also be asked to provide equal opportunities information. This is not mandatory – if you don’t provide it, it won’t affect your application. We won’t make the information available to any staff outside our recruitment team, including hiring managers, in a way that can identify you. Any information you provide will be used to produce and monitor equal opportunities statistics.

Shortlisting

Our hiring managers shortlist applications for interview. They will not be provided with your name or contact details or with your equal opportunities information if you have provided it.

Assessments

We may ask you to participate in assessment days; complete tests or occupational personality profile questionnaires; attend an interview; or a combination of these. Information will be generated by you and by us. For example, you might complete a written test or we might take interview notes. This information is held by us.

If you are unsuccessful after assessment for the role, we may ask if you would like your details retained in our talent pool. If you say yes, we would proactively contact you should any further suitable vacancies arise.

Conditional offer

If we make a conditional offer of employment, we’ll ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We must confirm the identity of our staff and their right to work, and seek assurance as to their trustworthiness, integrity and reliability.

You must therefore provide:

  • proof of your identity – you will be asked to attend our office with original documents; we’ll take copies
  • proof of your qualifications – you will be asked to attend our office with original documents; we’ll take copies
  • a criminal records declaration to declare any unspent convictions
  • your email address, which we’ll pass to the Government Recruitment Service, which will contact you to complete an application for a Basic Criminal Record check via the Disclosure and Barring Service, or Access NI, which will verify your declaration of unspent convictions.

We’ll contact your referees, using the details you provide in your application, directly to obtain references

We’ll also ask you to complete a questionnaire about your health to establish your fitness to work.

Do we use any data processors?

Yes – we use People HR and Step Stones to deliver the e-newsletter. For more information, please see their privacy notices.

How long is your personal information kept?

If you are employed by us, for the duration of your employment and then for a further period of 6 years, after which the information will normally be deleted.
If you are an unsuccessful applicant, for up to 12 months after your application, after which we will delete it unless we have agreed otherwise with you.

How we make decisions about recruitment

Final recruitment decisions are made by hiring managers and members of our recruitment team. We take account of all the information gathered during the application process.

You can ask about decisions on your application by speaking to your contact in our recruitment team.

Your rights

You have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

You are the person of contact of an employee of Banking Circle

Purpose and lawful basis for processing

We request every employee to provide us with the contact details of a person of contract that we can reach should anything happen to the employee during his or time at work.

The lawful basis we are relying on to process your personal data is article 6(1)(f) of the GDPR which allows us to process personal data for the legitimate interests of Banking Circle or of its employees.

What we need

  • Full name
  • Phone number

Why we need it

To contact the family’s employee, should anything happen to the employee during their time at work.

What we do with it

We collect and retain your personal data in our employee management system to document.

No third parties may however have access to your personal data unless the law allows them to do so.

How long we keep it

For information about how long we hold personal data, see our retention schedule.

What are your rights?

As an employer, we are acting in our regulatory capacity to process your personal data, so you have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

Do we use any data processors?

Yes. For a list of our main data processors that may process your personal data as part of the services they provide to us see our outsourcing addendum available at https://www.bankingcircle.com/terms-of-use

Respond to our consultation requests and surveys

Purpose and lawful basis for processing

We might contact you from time to time to obtain user experience and client satisfaction about Banking Circle user interface or other applications and we might process your contact details to get in touch with you.

As a participant in user tests and research about Banking Circle’s user interface, applications and platforms we will ask you to provide certain personal data to be able to contact you, and to verify your profile in the user tests.

We will process all data provided as part of your participation with the purpose of developing our offerings. As a rule, we will not share any personal data unless agreed upon. We will only publish results or direct quotes including your job role, company and/or name on our website, social media accounts and other externally accessible sources, if an agreement with you has been made and consent has been granted.

The lawful basis we are relying on to process your personal data is article 6(1)(f) of the GDPR, which allows us to process personal data to pursue a legitimate interest of Banking Circle as credit institution and infrastructure provider.

What we need

  • Full name
  • Job title
  • Work-email
  • Work phone-number
  • Behaviour on and thoughts about the user experience.

What we do with it

We process the information internally for the above stated purpose. We don’t intend to share your personal data with any third party. Any specific requests from a third party for us to share your personal data with them will be dealt with in accordance with the provisions of the data protection laws.

How long we keep it

We will retain consultation and survey response information until our work on the subject matter of the consultation is complete.

What are your rights?

You have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

Do we use any data processors?

We do often use Surveymonkey to gather information on our behalf – it will be clear if we are using Surveymonkey. For more information please consult Surveymonkey privacy policy.

Any data collected by Surveymonkey for Banking Circle is stored on servers in the United States.

Attend an event, seminar or workshop

Purpose and lawful basis for processing

Our purpose for collecting this information is so we can facilitate the event.

The lawful basis we rely on for processing your personal data is your consent under article 6(1)(a) of the GDPR. When we collect any information about dietary or access requirements, we also need your consent (under article 9(2)(a)) as this type of information is classed as special category data.

What we need

If you wish to attend one of our events, you will be asked to provide your contact information including your organisation’s name and, if offered a place, information about any dietary requirements or access provisions you may need. We may also ask for payment details if there is a charge to attend.

Why we need it

We use this information to facilitate the event. We also need this information so we can contact you.

What we do with it

If you are not successful in securing a place, we’ll let you know and hold your details on a reserve list in case a place becomes available.

If you are allocated places at an event, we’ll ask for information about any dietary/access requirements. We don’t share this information in any identifiable way with the venue, and we delete it after the event.

We don’t publish delegate lists for events.

How long we keep it

As long as reasonably necessary for the purposes of organising the event and then for up to 6 years afterwards, after which we will delete it.

What are your rights?

We rely on your consent to process the personal data you give us to facilitate the event. This means you have the right to withdraw your consent at any time. If at any point you want to withdraw your consent please email marketing@bankingcircle.com. If you do that, we’ll update our records immediately to reflect your wishes.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

Do we use any data processors?

Yes – we use data processors to help facilitate the events.

We may sometimes charge a fee to attend an event. If this happens, our communications about the event will provide details of the data processor we use to collect payments.

Subscribe to our newsletters

Purpose and lawful basis for processing

Our purpose for collecting the information is so we can provide you with a service and let you know about upcoming events.

The lawful basis we rely on for processing your personal data is your consent under article 6(1)(a) of the GDPR.

What we need

Your name and email address.

Why we need it

We use your email address to send you our E-newsletter.

What we do with it

We only use your details to provide the service.

We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter.

You will receive a confirmation email once you have submitted your details and then the newsletters monthly.

How long we keep it

We will keep the personal information for a reasonable period consistent with sending you marketing communications, after which we will either confirm that you are happy for us to continue to do so, or delete it (except to the extent we need to retain it for the sole purpose of suppressing further marketing communications to you).

What are your rights?

We rely on your consent to process the personal data you provide to us for marketing purposes. This means you have the right to withdraw your consent, or to object to the processing of your personal data for this purpose at any time. If at any point you want to withdraw your consent please email us at privacy@bankingcircle.com. If you do that, we’ll update our records immediately to reflect your wishes.

For more information on your rights, please see ‘Your data protection rights’.

Do we use any data processors?

Yes – we use MailChimp to deliver the e-newsletter. For more information, please see MailChimp privacy notice.

Any data collected by MailChimp for Banking Circle is stored on servers in the United States.

Request our white papers or other publications

Purpose and lawful basis for processing

Our purpose for collecting this information is so we can email the requested publications to you.

The lawful basis we rely on for processing your personal data is your consent under article 6(1)(a) of the GDPR.

What we need

Your name, job position and address details.

Why we need it

So that we can send you the publications you have requested.

What we do with it

We only use the contact details to provide this service. We run statistical reports on the types and quantities of publications requested for monitoring purposes, but this does not contain any personally identifiable information.

How long we keep it

We will keep the personal information for a reasonable period consistent with sending you marketing communications, after which we will either confirm that you are happy for us to continue to do so, or delete it (except to the extent we need to retain it for the sole purpose of suppressing further marketing communications to you).

What are your rights?

We rely on your consent to process the personal data you provide to us for marketing purposes. This means you have the right to withdraw your consent, or to object to the processing of your personal data for this purpose at any time. If at any point you want to withdraw your consent, please email us at marketing@bankingcircle.com. If you do that, we’ll update our records immediately to reflect your wishes.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

Do we use any data processors?

Yes – we use WordPress as content management system to deal with some publication requests, but WordPress is only allowed to use the information to send out the publications. For more information please see WordPress privacy notice.

Yes – we use MailChimp to deliver the publication but MailChimp is only allowed to use the information to send out the publications. For more information, please see MailChimp privacy notice.

You are a visitor to our offices

We meet visitors at our head office, including:

  • Consultants, advisors and external auditors;
  • external training providers;
  • job applicants;
  • suppliers and tradespeople;
  • board members and representatives of our shareholders; and
  • Representatives of our regulatory supervisory authorities.

If your visit is planned, we’ll send your name, position and purpose of visit the reception before your visit.

We ask all visitors to sign in and out at reception and show a form of ID. The ID is for verification purposes only, we don’t record this information.

The purpose for processing this information is for security and safety reasons. The lawful basis we rely on to process your personal data is article 6(1)(f) of the GDPR, which allows us to process personal data when its necessary for the purposes of our legitimate interests.

Closed-circuit television (CCTV) might operate outside the building for security purposes. Any CCTV used in our Luxembourg office or our offices in Germany, the UK or Denmark is not operated by us, so we are not the controller. It will be under the control of the relevant building landlord.

We have Wi-Fi on site for the use of visitors. We’ll provide you with the address and password.

We record the device address and will automatically allocate you an IP address whilst on site. We also log traffic information in the form of sites visited, duration and date sent/received.

We don’t ask you to agree to terms, just to the fact that we have no responsibility or control over your use of the internet while you are on site, and we don’t ask you to provide any of your information to get this service.

The purpose for processing this information is to provide you with access to the internet whilst visiting our site. The lawful basis we rely on to process your personal data is article 6(1)(f) of the GDPR, which allows us to process personal data when it’s necessary for the purposes of our legitimate interests.

We keep the personal information relating to you for as long as is necessary in order to enable us to provide the relevant services to our client, after which we will delete it. Normally, we will not keep this information for more than 12 months following its collection.

For more information on your rights, please see ‘Your data protection rights in the list on the left under the ‘General information’ header.

Get in touch

Email us at info@bankingcircle.com and our team will be in touch shortly.

Contact us arrow_forward