How we process your personal data in Handelsbanken
For Handelsbanken, every individual´s right to protection of their personal integrity is vital, and awareness of the duty of banking confidentiality as well as integrity is a natural part of day-to-day business. When we design and develop our products and services we have put in place technical, physical and organisational controls to protect the confidentiality, integrity and availability of your personal data and the information we hold and process about you.

Here we explain what personal data Handelsbanken processes and why we do this. You will also find information about how we obtain your personal data, with whom we may share it, and for how long we hold your personal data. We describe the situations in which we use profiling and automated decision-making, and how you can access your personal data. Information is also given about how you can contact us for comments or questions relating to our processing of personal data.

The entity within Handelsbanken Group with which you have a relationship is generally the processor of your personal data. In the description below, the terms "Handelsbanken", "we", "the Bank", or "us" refer to all entities within the Handelsbanken Group in Sweden. You can find our contact details at www.handelsbanken.se/en/contact-us.

The information provided below is, as applicable, based on the different relationships you may have with the Bank, for example if you are
  • An existing or prospective customer
  • A guardian, trustee or other approved representative
  • A payer, pledgee or guarantor
  • A beneficial owner, account signatory or authorised user for a corporate customer of the Bank
  • In contact with the Bank in your professional role, for example as employee of another bank, consultancy company, supplier or authority
  • An individual without a current agreement with the Bank whom we contact in connection with a direct marketing activity

  • A shareholder of the Bank and its representatives
What personal data does the Bank process?
We have divided personal data into different categories. The personal data we hold about you relates to the following categories with (not exhaustive) examples:
  • Basic personal data (e.g. customer number, name, contact details, identification number)
  • Personal preferences (e.g. acceptance of direct marketing, language, acceptance of cookies)
  • Assessments and classifications (e.g. according to regulations relating to anti-money laundering, markets in financial instruments or information related to US taxpayers)
  • Agreements (all kinds of information related to agreements, e.g. account numbers, loan numbers, cards, property designations, powers of attorney)
  • Financial transactions (e.g. account deposits and withdrawals, loan payments, card transactions and securities transactions) Communication (e.g. e-mail and, where relevant, telephony recordings)
  • Audit (e.g. IP or MAC address, logs of when you identify yourself electronically in our online services)
One category includes categories of personal data that are particularly sensitive, such as health information. We will, however, only process that kind of information where it is relevant for a specific product or service, such as our life insurance products.

For what purposes does Handelsbanken process personal data?
The Bank processes personal data for the various legal reasons and purposes described below. If, for any reason, you prefer not to provide us with certain necessary personal data, or wish to withdraw such data, we may not be able to provide you with our services and products.

Performance of a contract
The overall purpose of Handelsbanken collecting, processing and holding personal data is in order to prepare, provide and administer the products and services we offer you – digitally, at our branches, or by phone, with a contract as the legal basis.

We may also record and/or monitor your phone calls with us, and for certain products we are under a legal duty to do so. This legal requirement applies when you make securities transactions by phone with the Bank, but we also record phone calls to help us verify a contract or a conversation with you and for training purposes.

Legal obligations
In order to comply with its legal obligations, the Bank processes your personal data for the following purposes (this list is not exhaustive):
  • To check and verify your identity
  • To prevent, detect and investigate fraud, money laundering, terrorism financing or other financial crime, for example by monitoring transactions
  • To document and hold personal data relating to credits and loans as well as investment services in financial instruments
  • To handle security requirements for online payments and account access
  • Reporting to authorities, such as the Tax Agency or the Financial Supervisory Authority
  • To comply with rules and regulations relating to accounting, risk management and statistics
  • To handle, analyse and follow up complaints
The Bank's interests
Handelsbanken offers financial services with the aim of creating good, long-term relationships with its customers. We therefore process your personal data for the following purposes (this list is not exhaustive):
  • To perform market and customer analyses in order to improve our products, services and channels
  • To carry out direct marketing activities in order to help us identify and suggest any products and services which may be of interest to you, unless you have asked us not to
  • To perform customer surveys
  • To develop and improve our products, services and IT systems, including for the purpose of testing
  • To develop, maintain and validate models and methods for risk analyses e.g. anti-money laundering, fraud prevention or capital adequacy
To help us ensure the physical safety of you and our employees and to help us combat fraud, money-laundering and other crime, we use systems in our branches such as camera surveillance.

With your consent
For specific products or services, we may need your consent in order to process your personal data. In this case, we present this as a written declaration, separated from our product and service agreements or other matters. There we also describe how you can withdraw your consent and the effect this will have for you regarding that specific product or service.

An example where we use consent is when you use our website, where we add a cookie with a unique ID in your web browser. We use for web analysis that allows us to understand how our web site is used. Consent is given when you accept cookies the first time you visit our website from a specific web browser. However, we do not track how individuals use the site, and therefore we do not collect or store personal data such as the name, IP address or email in our cookies. Read more about how we use cookies.
Cookies

Profiling and automated decision-making
In some cases the Bank uses "profiling". This means an automated processing of personal data in order to perform analyses relating to the customer’s financial situation, personal preferences or behaviour in different channels. Profiling is also used in some of our home markets for automated decision-making, for example, an automated approval or refusal of a committed loan offer or a loan application via the internet, app or the branch. By making automated credit assessments, we can increase speed, objectivity and accuracy when we offer the services. These decisions regarding committed loan offers and credit decisions are based, for instance, on the information provided with the application, together with various information items from an external credit report, such as income details and records of non-payment. A weight of evidence assessment is made as to whether or not the credit application can be granted. As the applicant for the credit, you are always entitled to contact the branch in order to object to an automated decision and have it reviewed.

How we obtain your personal data
We obtain the information from you directly, for example, when you open an account with Handelsbanken, when you apply for a loan or pay your bills, as well as from your activities with the Bank. We also obtain information from private and public records in Sweden such as Statens personadressregister (SPAR), Skatteverket, UC (Upplysningscentralen) and Lantmäteriet.

If you not are a customer at the Bank and we contact you in connection with a marketing activity, we have obtained your personal data from a public record such as SPAR, or another source that we have employed for this specific activity.

Who we share your information with
The Bank is under a legal obligation not to disclose your information unless this is for legitimate purposes, such as the fulfilment of a contract with you, or in connection with any other legally required or permitted purpose, such as reporting to authorities.

In order to fulfil the conditions of our product and service agreements with you, we may need to share information about you with other companies within the Handelsbanken Group as well as with companies outside the Group which provide contracted services to us or to you. Such recipients include banks, payment service providers and other financial infrastructure parties, suppliers, agents and other parties that are involved in the product agreement.

The following are examples of circumstances when we disclose personal data about you outside the Bank are (this list is not exhaustive):
  • To licensed credit reference agencies when you apply for a loan with the Bank
  • To third parties who provide contracted services to us or to you, e.g. payment service providers, approved sub-contractors or those who act as our agents
  • To banks and payment institutions in countries inside and outside the EU/EEA, when we perform a transfer of money or funds at your request
  • To governmental, regulatory or revenue authorities, for the purposes of complying with our legal and regulatory obligations e.g. tax, anti-money laundering, anti-terrorism and immigration laws and regulations
  • To licensed fraud prevention agencies and other similar organisations to help us fight financial crime
We may also share your personal information with other entities within the Handelsbanken Group for direct marketing purposes.

Transfers to third countries
In some situations, we may transfer personal data to recipients outside the EU/EEA (the European Economic Area) - “third countries”. This mainly occurs when we transfer money or other assets to a recipient in a third country at your request with an agreement as the basis for the transfer. Another situation is when the Bank is obliged to provide personal data to an authority in a third country.

If we do not have an agreement with you about a transfer to a third country, one of the following conditions must be met for us to make a transfer:
  • That the European Commission has decided that the third country ensures an adequate level of protection
  • That there are other safeguards such as standard data protection clauses or binding corporate rules
  • That there is a specific authorisation from a supervisory authority
  • That it is permitted under applicable data protection legislation
How long do we hold your personal data?
We only hold your personal data as long as it is required in order for us to fulfil the conditions in the contract for any products and services you have with the Bank. We also hold personal data to comply with our legal, regulatory and business record retention requirements. Recordings from camera surveillance are retained for a maximum of two months.

If you close your account or a service with the Bank, we will need to retain some of your personal data for a specific period of time relating to that account or service. For example, we need to retain some personal data for seven years in order to be able to report to tax authorities and up to ten years to comply with requirements from rules and regulations on anti-money laundering.

If you apply for a product or service but then do not enter into any agreement with the Bank, your personal data will usually be stored for up to three months.

If you not are a customer at the Bank and we have contacted you in a direct marketing activity, your personal data is retained for a maximum of three months.

How you can control and access your personal data
You have several rights concerning your personal data processed by the Bank:
  • You can at any time request a copy of the personal data we hold about you, which is normally free of charge. If you want to make such a request you can easily do it via handelsbanken.se/registerutdrag or by visiting your local branch. We also need to identify you in a secure way in order to assure that the information will be sent to the right person.
  • If you do not wish to receive direct marketing you can let us know any time by making a registration in our Internet service (Personal settings/My profile). For personal service you can phone 0771-77 88 99 or turn to your local Handelsbanken branch
  • If you find that we hold inaccurate information about you, we will correct this as soon as we have been made aware of it. For personal service you can phone 0771-77 88 99 or turn to your local Handelsbanken branch. You can also contact the Data Protection Officer
  • You can request erasure or restriction of the processing of your personal data under certain conditions
  • You can object to our processing of your personal data that we base on the legitimate interests of the Bank, as described above
  • You can obtain a digital copy of most of the personal data you have provided to the Bank, which we process in our systems. We can also, at your request and if technically feasible, transfer this personal data directly to other companies or authorities that process your personal data. This is called data portability and it is requested in the same way as a copy of your personal data
  • You can, when the Bank uses profiling and automated decision-making contact your local branch for an explanation and raise your objections to the decision
More information
If you have a question or wish to make a complaint about how we process your personal data, please contact your branch or alternatively write to the Data Protection Officer at e-mail dpo@handelsbanken.se or to the following mailing address:

Handelsbanken
Data protection officer
SE-106 70 Stockholm


This contact information is also valid for the Bank's Swedish subsidiaries:
Ecster AB
Handelsbanken Finans AB
Handelsbanken Fonder AB
Handelsbanken Liv Försäkrings AB
Stadshypotek AB
XACT Kapitalförvaltning AB
EFN Ekonomikanalen AB

as well as the pension fund:
Pensionskassan SHB Försäkringsförening

You also have the right to lodge a complaint with the Bank or the supervisory authority regarding the handling of your personal data. You find the contact details to the Bank's complaints officer at our Customer complaints webpage and to the Swedish supervisory authority at Datainspektionen's website.
Handling of complaints (new window)

Datainspektionen - The Swedish Data Protection Authority



© Svenska Handelsbanken AB (publ)
» Privacy notice   » Cookies