Data protection

General information

The transactions conducted between you and Postbank are confidential matters. We set great store by the confidence placed in us, and this brings with it an obligation for us to handle the data of customers, sales partners, employees and shareholders with care and to protect these data against misuse. Protecting your private sphere is very important to us.

We only store data that are necessary to conclude a contract and to fulfill legal requirements. These are firstly the data that you provide when applying for an account or product agreement. Furthermore, data related to the agreement, such as customer number, account/securities account number, account balance, credit limit or insured sum or duration, bank account details and, where appropriate, information on a third party, are also stored.
We receive personal information about you from various sources, including directly from you yourself, as a result of transactions at Deutsche Postbank AG and other banks or from credit agencies, for example.

The forms for concluding agreements with Postbank include a separate declaration of consent for the transfer of data in accordance with the Bundesdatenschutzgesetz (BDSG – German Federal Data Protection Act). This consent continues to apply after the contract has ended, but ceases no later than when you revoke it, which you can do at any time. If the declaration of consent is deleted in full or in part, it is possible that an agreement may not be concluded. Despite any revocation or full or partial deletion of a declaration of consent, data can still be collected, processed and used within the framework permitted by law.

Your personal data are processed by Postbank essentially to perform the contractually agreed services for you; this procedure includes full consultation with you.
However, we also use personal information to offer you other products and services of Postbank or the Postbank Group at your request. This involves using your data for advertising purposes as well as market research and opinion polling. You can of course object at any time in person, in writing or by telephone to the processing and use of your personal data for advertising purposes, market research and opinion polling.

When this is permitted by law or has been agreed by contract, we pass on personal information to group companies within the Postbank Group and service providers commissioned by us or to credit agencies.

To protect your personal information, we implement technical and organizational security measures that meet the relevant legal standard. In online banking, the data are encrypted when they are transmitted.
When we commission other companies to provide services, the confidentiality of the personal information is protected by contract. The external contractors are subject to the German Federal Data Protection Act and also the instructions of Postbank. In conjunction with the application of our state-of-the-art technology, all these measures protect your personal data to the greatest possible extent against manipulation, loss, destruction or access by unauthorized parties.

We have compiled more detailed information in a public register of processing operations in accordance with section 4e BDSG. We provide you with information there on the responsible officers and other relevant matters concerning the processing of personal data at our company.

Data protection at Postbank meets the European Data Protection Standard and is based in particular on the current version of the BDSG.

Our employees are of course bound in accordance with section 5 BDSG to observe both the specific non-disclosure requirements and the obligations of banking secrecy.
With regard to use of the Internet, the Telemediengesetz (TMG – German Telemedia Act) is also to be mentioned as legislation that is relevant to the protection of your personal data.

For cross-border transfers, data is forwarded to the bank of the beneficiary via the Society for Worldwide Interbank Financial Telecommunication (SWIFT), headquartered in Belgium, which is the only international service for payment messages.
SWIFT itself states that it stores the transaction data temporarily in its computer centers in the Netherlands and the USA for system security reasons.

Postbank does not sell any data to third parties in principle. If you provide us with personal data such as your residential or email address, your telephone or fax numbers or other personal data, we will not pass this data on to third parties in any event unless you are informed of this, have given your consent or we have a statutory obligation to do so. Your data and transactions are subject to the strict security and confidentiality standards of Postbank.

You can enjoy free access in principle to all public websites of Postbank.
When visiting our websites, you can exercise your basic right to information self-determination at any time by deciding whether you wish to provide personal information about yourself. You can use the majority of the information we offer without having to send us personal data. The collection, processing and use of your data cannot be avoided in many types of orders.

It is our aim to protect your data that you transmit to us when visiting our website in the same way as we do in all other forms of communication with you, whether through one of our branches or through telephone banking, for example.

Postbank uses “cookies” primarily in its online banking services. A cookie is a small text file which we use to store temporary data on your PC for the duration of your website session. These session cookies contain a random character string, with no reference to the customer, as a session ID and are used to prevent session takeover attacks, that is an unauthorized takeover of the session by unauthorized third parties. A cookie cannot be read by a website other than the one that has placed it. Our cookies definitely do not represent any virus risks or threat to data protection.

Postbank uses tracking pixels for advertising and market research purposes or to compile statistics (e.g. on the duration of visits or the number of times different product offers are accessed). These small images, which are invisible to the eye, allow us to evaluate visitor behavior on our websites. This ultimately enables us to offer your even better products and services.
There are basically two techniques that are used for statistical evaluations: The evaluation of server protocols (log files) and the use of tracking pixels. Today, it is the second method that is predominantly used by web page providers. These images are not stored on your server but on the server of the web analysis provider. These tracking pixels can also be supplemented by a short string in the JavaScript programming language.
When you visit our Internet pages, data is transmitted to the web analysis provider; this data does not contain any reference to your person. During this process, the provisions of the TMG and the requirements of the BDSG on the commissioned data processing are strictly observed.

In principle, none of the contents input by you on the pages is stored or transferred. IP addresses are shortened in conformity with data protection measures so that no inferences about individual persons can be drawn.

You can send us messages by email or via online banking as encrypted account-related correspondence.

In accordance with the German Federal Data Protection Act, you have a right to receive information on the data we store about you and how it is used. You also have a right to correct, block or delete these data under certain conditions.

When online on our website, you can choose to use open access or virtual private networks, which you can access with special authorization.

Social plugins (“plugins”) for the social network are also placed on our web pages. The “Facebook” network is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. The plugins can be identified by one of the Facebook logos (white “f” on a blue tile or a “thumbs up” icon) or are marked with the add description “Facebook social plugin”.
The list and the appearance of valid Facebook social plugins can be found on Facebook’s web pages.

By clicking on one of these plugins on our web pages, your browser creates a direct link to the Facebook servers. The data collected by activating the plugin is transferred from your browser directly to Facebook; we therefore do not have any influence on the scope of the data that Facebook collects using this plugin.

It is our understanding that when the plugin is clicked Facebook receives the information that you have accessed the corresponding page of our website. If you are registered with Facebook, Facebook can assign the visit to your Facebook account.
If you interact with the plugin, for example by clicking the “Like” button or leaving a comment, the corresponding information will be sent from your browser directly to Facebook and stored there. All social plugins are extensions of Facebook and have been developed in such a way that none of your data is passed on to the operator of the websites on which you are displayed (Postbank in this case).

If you are not a member of Facebook, there is nevertheless the possibility that Facebook will learn and store your IP address when you click the plugin.

Please see the privacy statement on Facebook’s web pages to learn about the purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your related rights and settings options regarding the protection of your private sphere.
If you are a Facebook member and do not want Facebook to collect data about you from our web pages or to link to your data stored on Facebook, you must log out from Facebook before visiting our web pages. It is also possible to block Facebook social plugins with add-ons for your browser.