Privacy & Cookie Regulations

We believe it is important that you know how we use your personal data, so that you can be sure that we keep your data safe and secure. We process your personal data in accordance with the Data Protection Act and the Code of Conduct for the Processing of Personal Data by Financial Institutions. You will find more information on this Act and Code of Conduct on the website of the Dutch Banking Association (www.nvb.nl – in Dutch only) and on the website of the Dutch Association of Insurers (www.verbondvanverzekeraars.nl – in Dutch only).

SNS REAAL has, in consultation with other Group companies, decided that SNS REAAL will ensures that the Group complies with the Data Protection Act and the Code of Conduct for the Processing of Personal Data by Financial Institutions. SNS REAAL has notified the Dutch Data Protection Authority (DPA) of all personal data-related processing. These notifications are kept in the DPA’s public register, which you can find on: www.cbpweb.nl (in Dutch only). On their website you can also read how we use your personal data.

For what purposes do we use your personal data?

If you become a customer, either directly or through your advisor, we request personal information. We use your personal data to:

- Process your application or request
- Conclude and execute agreements
- Conduct statistical research
- Keep the financial services industry safe and sound
- Prevent and combat fraud
- Comply with the law
- Build and maintain customer relationships
- Conduct marketing activities
- Share it with business partners, such as advisors and reinsurers

Exchanging your personal data within the SNS REAAL Group

If you are an SNS REAAL customer, we also consider you to be a customer of these companies that belong to the SNS REAAL Group.

We may, in certain cases, exchange customer data. For example to draw up a sound acceptance policy or to prevent fraud. But also to provide the services you have requested from us or to get an overview of the products and services you already have at the companies within the Group. In addition, we can share your data to allow other Group companies to contact you with financial products and services. Some companies within the Group do not exchange customer data for marketing purposes.

Cooperation with advisors and franchisees

Some companies in the SNS REAAL Group cooperate with independent advisors and franchisees. To cooperate with independent advisors and franchisees, we need to share your personal data. For example, if you take out an insurance or open a savings or current account via an independent advisor or franchisee, the latter will pass on personal data such as name and address to us. Personal data is also shared with independent advisors and franchisees for marketing activities. Any such activities generally take place in mutual consultation.

Passing on your personal data to governmental authorities

From time to time, we are legally obliged to pass on your data to information-entitled government authorities. Examples of such authorities are the Netherlands Tax and Customs Administration, police, judicial or regulatory authorities such as De Nederlandsche Bank (the Dutch Central Bank), the Netherlands Authority for the Financial Markets (AFM) and the Dutch Data Protection Authority. We handle your personal data with the utmost care at all times.

Personal data related to medical history and criminal convictions

Some financial products and services can only be provided after you have given us health-related information. If we require information from your doctor, it can only be provided with your consent. Our medical advisors are responsible for your health-related data and are required to observe professional secrecy.

We also provide financial products and services for which we have to make inquiries about your criminal record. For this check, we do not go back further than eight years prior to submitting your application.

Our websites and cookies

We have made our websites as secure as possible. This prevents abuse and makes them safe to visit. All staff members who have access to your personal data are obliged to keep this information secret.

Cookies improve websites and enhance user experience
We want to make your visit to our websites as smooth and pleasant as possible. To do so, we often require cookies. Cookies are small text files that are automatically stored on your computer, tablet or mobile phone when you visit our websites. The cookies we use do not always allow us to identify you personally. If you do not register and leave no personal data on the websites, the websites will only know someone with a particular cookie is revisiting the websites.

Sometimes cookies need users’ consent, often they don’t
In principle, we are obliged to ask for your consent before we place cookies on your computer. We request your consent via the websites. You can also withdraw your consent at any time via the websites. In that case, we no longer use or place cookies on your computer. You can also delete the cookies via the browser of your computer, tablet or mobile phone at your discretion.

There are cookies that do not need users’ consent. We do not need your consent for cookies that we require to communicate with you via the Internet or to provide you with a product or service, such as cookies that recognise you when you revisit the websites. In that case, you have to provide your data or save your preferences for certain services or settings of the web page just once. This is how we continuously improve the navigation for visitors of our websites.

For what other purposes do we use cookies?
We also use cookies to collect information on the use of our websites. On the number of visitors for example. Cookies allow us to see what kind of information is important to our visitors and what information is not, so that we can keep the websites relevant and interesting for you.

We can use tracking cookies to adapt the content of a website and create a profile of you. Such cookies make it possible for us to tailor the websites to suit your interests. For example if you have viewed our web pages on savings products, mortgages or general insurance, they let us show you other promotional messages on these products.

Tracking cookies allow us to keep track of the web pages you visited and which search terms you entered. We combine this data with other data such as the website you visited before your came to ours, the date and time of your visit, the search engine you used and certain technical details, such as your browser settings and operating system. This data is stored in a profile. Every time you visit our websites we can add information to this profile. If you are a customer already, we may add customer information that we already have about you to your profile. We do not share profiles with companies that are not part of the SNS REAAL Group.

We may only store tracking cookies on your computer, tablet or mobile phone with your consent. Not all our websites use tracking cookies. If you do not want tracking cookies, you will not be notified of any promotional messages or information you may be interested in. You can, of course, continue to use our online services at all times, such as online banking and your online personal account, even if you do not want tracking cookies.

How long are cookies valid?
Many cookies are temporary cookies that are automatically deleted from your computer when you close your browser. The expiry date of other cookies varies per cookie. More information on this can be found on the websites.

Your own account

Some companies in the SNS REAAL Group allow you to open a secured account with which you can make payments or view information on your insurance policies for example.

If you are logged into your own account, you may be shown messages on products or services. These messages are tailor-made. They have been selected based on your profile and on your likely interests based upon previous browsing activity. If you do not want to receive these messages, you can switch them off via the settings of your account. You can also easily switch them on again, to make sure you do not miss anything that might be of interest to you.

Third-party cookies

We can use advertising technologies of external suppliers to evaluate the effectiveness of online advertising on our own websites and third-party websites. Examples of such external suppliers are DoubleClick and Google. These suppliers’ cookies are called ‘third-party cookies’. For these cookies too, we require your consent. These cookies allow us to see via which website you came to ours and to determine how effective our advertisements on third-party websites are. We also use these cookies to track your journey across our websites and your search terms. We store this information in your profile. When you next visit a third-party website that uses the same advertising technology, the cookie on your computer will be compared to the cookie data in our database. Based on your profile, we subsequently determine which advert we will show you on that particular third-party website.

With this advertising technology, your browsing data when you visit our websites will be stored at the external suppliers from which we purchase the advertising technology. External suppliers cannot immediately establish ties between the customer and the data.

Other uses of customer profile

If you are a customer, we can use your profile to inform you of our products and services via post, telephone, SMS or email. If you have expressed interest in a savings account or insurance policy via the websites or via your own account for example, we can send you an offer via email or post. Your profile can also be used by our staff, such as our Customer Services Team, to provide better answers to your questions. Based on your profile, we can also better inform you of products or services that may interest you.

If you do not want us to use your profile to inform you of our products and services via mail, phone, SMS or email, please contact us. You will find the contact details at the end of these Privacy & Cookie Regulations.

Social media

Our websites may have social media buttons such as Google+, Facebook or Twitter. These Privacy & Cookie Regulations are not applicable to these social media. The use of social media is your own responsibility. We recommend you read the privacy rules of these social media thoroughly, so that you know what happens to your data. Many social media providers are located outside the European Union and also store your personal data outside the European Union. It is, therefore, possible that your personal data is not protected in the same way as in the European Union. If we have our own page on one of these social media, such as Facebook, these Privacy & Cookie Regulations do apply to the content of any such page.

External links

Our websites contain links to external websites. These Privacy & Cookie Regulations do not apply to those external websites. By keeping external links up-to-date we do our best to direct you to the right websites. We are not responsible for the content of those websites, nor for the way in which they process your personal data. We recommend you read their policies on how they handle your personal data.

Recording phone calls and other communication

Some of our services are provided over the phone. In certain situations, we record these calls. For example to check and investigate applications and transactions, to prevent and combat fraud or to train and coach our staff. You are entitled to listen to or receive a written report of the recorded call if this is within our power.

If you have applied for a product or service online, we store the details of this request. To prevent fraud, we may also store your click behaviour during and after completing the application. This allows us to see if an application is indeed completed truthfully. For example, if an insurance policy was initially rejected, but was accepted in the second instance because certain answers had been changed .

Consulting the database of Stichting CIS

Insurance companies operating in the Netherlands record their insurance data in the Central Information System. Stichting CIS manages this database. This foundation is located at Bordewijklaan 2, 2591 XR in The Hague. SNS REAAL’s insurance companies can view your data and record it in the Central Information System. This is done to conduct a sound acceptance, risk and fraud policy. For more information we refer you to www.stichtingcis.nl (in Dutch only), where you will find Stichting CIS’s privacy regulations.

International

If you make international payments via the SWIFT banking network, the American government may request your data to combat terrorism.

Do you want information on your personal data?

You have the right to ask us what personal information we process. This right is laid down in the Data Protection Act. At your request, you will receive an overview of your personal data within four weeks. We may have to charge you a fee for this service.

You may ask us to change incorrect information or add information. If you are of the opinion that personal data must be deleted, for example because this is in conflict with the Data Protection Act, you may let us know. You will find the contact details at the end of these Privacy & Cookie Regulations.

Changes to the Privacy & Cookie Regulations

We can make changes to these Privacy & Cookie Regulations. For instance when laws or policies change. We therefore recommend you to regularly review these Privacy & Cookie Regulations when you visit our websites.

Questions or inquiries?

If you have any questions about these Privacy & Cookie Regulations or would like more information on your personal data, please do not hesitate to contact us.

SNS REAAL
Corporate Communication
P.O. Box 8444
3503 RK Utrecht