We promise to collect and process your personal data transparently
We control access to and sharing of your data to ensure its protection
We ensure that you are able to exercise your rights under the best conditions
We ensure the security of the data that you entrust to us
Personal data refers to any information about you and which can be used to identify you directly or indirectly.
As part of a commercial relationship, we collect and process the following categories of data:
This is data that is both provided to us directly by you and generated by using our services.
We collect and process your personal data for various reasons:
We only gather information that is necessary to achieve these objectives and we limit the length of time that your data is stored to that needed to fulfil our legal obligations.
To help us serve you better, we also use profiling to identify our various client categories based on the products/services used and/or banking behaviour. In particular, this allows us to better understand you and therefore customise our commercial offering to meet your individual expectations.
We collect your data throughout our commercial relationship with you. The vast majority of data collection takes place when you open your account. The interactions you have with your Relationship Manager also offer us an opportunity to ensure this data is up to date and to add to it according to your needs and requests: first job, birth of a child, property purchase, etc.
We have established a Personal Data Processing Policy which describes the data protection measures we have taken, including your rights in this regard.
Only departments with an operational need to access your data are authorised to do so (for example, our colleagues responsible for monitoring commercial relationships, or those in charge of executing transactions). This also includes authorised personnel of the partners with whom we work in the course of providing our services.
Access to your data is strictly limited to people with the necessary authorisation granted to them for the performance of their tasks. These people are bound by a strict obligation of confidentiality. We continuously educate and train our staff and partners on how to protect your personal data.
We may pass your data on to meet a legal obligation or allow trusted partners to provide their services.
As such, we may need to transfer your data to other financial institutions (e.g. banks, insurance firms, payment and credit card issuers) or to external service providers whose involvement is necessary as part of the services we offer you (e.g. our IT service provider).
We undertake not to communicate your data for commercial use to third parties without your prior and express agreement.
In principle, your personal data is stored in the European Economic Area. We will only transfer your data outside the European Economic Area if we are required to pursuant to a legal or regulatory obligation.
We always ensure that appropriate safeguards are in place before transferring your data outside the European Economic Area, such as adopting data protection clauses or even an adequacy decision from the European Commission.
We are careful to respect all of your rights with regard to your personal data. For example, you may request access to your data and indeed have it corrected if the data proves to be incomplete or inaccurate.
We respect your rights to limit the processing of this data, object to its use and request its deletion on the terms and within the limits of applicable data protection legislation.
We also promise to respect your right to transfer personal data, i.e. the right to receive the data directly or ask for it to be passed on to another organisation.
You can exercise your rights by completing the form available here and returning it in one of the following ways:
You can always contact our Data Protection Officer if you are not completely satisfied with the answer received. You may also file a complaint with Luxembourg’s National Commission for Data Protection (CNPD) by sending a letter to 1, avenue du Rock’n’Roll, L-4361 Esch-sur-Alzette, or by completing the online form which is available on the CNPD’s website under Your rights -> How to assert your rights.
Cookies are small text files that are sent by a server to your device’s hard drive (computer, tablet or smartphone). They allow information about your web browsing behaviour to be tracked in order to optimise the website’s functions and to enhance your experience by customising the webpages.
They are stored by the website manager in a dedicated folder on your device. In particular, they contain the name of the server they were sent from, a unique identifier and in some cases an expiry date.
Cookies allow us to improve our website navigation, thereby offering you a comfortable browsing experience and content adapted to your preferences.
When you first connect to our websites, we will ask for your consent concerning the storage and monitoring of your browsing data, including the use of advertising cookies. If you agree, we will activate cookies for a one-year period. Once this period has elapsed, you will be asked again for your consent.
If you do not give your consent, your page will be updated and we will not collect your browsing data for a two-month period, at the end of which you will be asked again for your consent.
Please note that refusing technical cookies can limit or disable the use of some of our website functions.
Furthermore, refusing session cookies will prevent you from connecting to our online banking website, BILnet.
You can change your decision about how your browsing data is stored and monitored, including the use of advertising cookies, by clicking on this link.
We work on a daily basis to protect your confidential data against any attempted malicious acts and misuse. Security is our priority. Consequently, the technical solutions that we use to store and process your personal data are subject to enhanced surveillance.
If you have any questions about data protection, please do not hesitate to write to us at
firstname.lastname@example.org. Our teams will respond to you with the help of our Data Protection Officer.