Data Privacy Statement

DHB Bank N.V. (hereafter: DHB Bank) respects your privacy and commits to process your personal data in accordance with the Algemene Verordening Gegevensbescherming (“AVG”) and the General Data Protection Regulation (“GDPR”). In this Privacy Policy, we explain how we process your personal data and why. We also inform you about your rights and how you can communicate with us about this. 

This Privacy Policy is applicable for the processing of the personal data which is provided by or obtained from our customers, employees and other third parties. This policy is also applicable for the processing of personal and/or other data of anyone who visits and/or users the website(s), and users of the app(s) of DHB Bank such as the DHB Mobile Banking App, including information provided by filling forms on the website.

Scope of Processing Activities 
DHB Bank processes personal data of:

• Our current and previous customers, and their representatives, guarantors etc.,
• Potential customers who are interested in our services and activities,
• Our employees,
• Persons who are connected to e.g. a company or service provider with whom we entered into a relationship or are interested in starting a relationship or we had a relationship within the past,
• Visitors of our website(s) and users of our app(s).

Why does DHB Bank process your personal data?

1. To enter into a relationship with us. 
In case you would like to open a savings account or want to use another service from us, then we need your personal data. We are required to establish if it is allowed to accept you as a client or that we can provide you with a loan. We can use third parties’ information in this process like the credit bureau information. We request information (including a legitimate copy of your ID Document) as part of the onboarding process.  

We may also process special categories of data, such as biometric data using biometric technologies, during onboarding for identity verification when you are opening an account with us. We may only use this data if you give us explicit consent for this, or if the law allows for such processing. See below for more information on Special Categories of Personal Data.

2. For executing your transactions and to maintain our relationship. 
In case you request us to execute a transaction, then we need your name and other relevant personal data which we can share with the beneficiary and the intermediating institution(s) such as for example other banks and/or companies that we use when executing payment transactions. Additionally, we can, as part of monitoring the quality of our client contact processes or for evidence, tape telephone conversations. 

3. To protect your and our interests. 
We process personal data in order to perform our responsibilities towards safeguarding the financial industry. We may also process personal data to prevent or investigate (potential) fraud cases, for example. We can maintain or use certain incident registers and use public sources for such purposes. We can share personal data with third parties engaging in the prevention of (cyber)crime. We will only do so if we have agreed upfront that these parties will be bound to the relevant rules and regulations such as the GDPR, that safeguard the use of your personal data. 

Additionally, we may hold camera recordings of visitors and customers when they visit our office. This is done for our clients and our staff security.

4. As part of our business management.
As a financial institution we need, for instance, to assess the risks attached to our business operations and to put risk mitigation measures in place. We can for instance insure (part of) our credit risks with an external insurance company. Personal data might thus be shared as part of such an agreement.  

5. To meet our legal obligations. 
Based on (international) rules and regulations we need to continuously update our client files. The laws on prevention of money laundering oblige us to assess, for example certain (unusual) transaction patterns, to perform analyses when certain thresholds are met, or to identify an Ultimate Beneficial Owner of legal entities. Based on legal obligations we must provide certain (analysed) data to governmental institutions, tax authorities or supervisors. Based on our duty of care we could also be required to process your personal data. 

6. For marketing or promotion purposes.
We can use your personal data for purposes of marketing and promotion to be better equipped to serve you. We will conduct these activities in accordance with your consent preferences and you will always have the option to opt out. With your permission, we can use the data obtained through cookies and similar tracking technologies when you visit our website(s) and app(s), social media channels such as Facebook, and other platforms such as Bing and Yahoo, to provide you with personalized information about our products, and/or organisation. We can also use the data for conducting analyses, including benchmark analyses. By doing so, we will be able to improve our services. For more information on cookies, we refer you to our cookie policy.

We may process your data for this purpose based on your consent choices and where applicable, process the data under direct marketing. You can withdraw or change your consent at any time by changing your cookie choices on the website and in the app.  

7. To facilitate interactions with suppliers and customers. 
For employees of DHB Bank, their personal data is shared for instance as part of the DHB Bank Signature list in order to validate representation on behalf of the bank. 

8. To meet (legal) archiving requirements. 
We can use your personal data for legal cases, historical or statistical purposes, while your personal data remains in our possession during this timeframe. It is always up to you to decide which personal data you share with us. In case you decide not to share certain information with us (anymore), then we might not be able to service you as intended.

Does DHB Bank process sensitive personal data as “special” categories of personal data?
Special categories of personal data contain data that reveal e.g. health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership. We may process sensitive personal data in specific circumstances. For example, if you instruct us to pay a membership fee to a political party or trade union. We may also come across sensitive personal data if we process account slips with payments to religious institutions. We may also process your biometric data when onboarding you as a customer when you want to open an account with us. Children’s (minors) data will only be collected in case a savings account in their name will be opened. We will only do so once we have received authorization from the person(s) holding authorized guardianship of the child. 

All other personal data included in this category will only be processed after we have received your explicit consent or instruction thereto or where the law provides for it.
You may withdraw your consent at any point. 

Is my personal data safe with DHB Bank?
The safety of your personal data is paramount to us. We treat data collected from customers with utmost care by taking all the necessary technical and administrative measures. Apart from general IT controls to ensure confidentiality, integrity and availability of information, the bank has designed its work processes with emphasis on ‘need to know’ basis. That means that only the required part of customer information is available to a designated bank employee to carry out its job. The employees perform their roles in accordance with the bank’s strict Code of Conduct. Moreover, DHB Bank maintains, with a layered approach, a sound control framework encompassing various preventive and detective technical systems like intrusion prevention system and data loss prevention system, with multiple check points in data processing.  

To further mitigate possible risks in an event of compromise, the bank also keeps the customers’ personally identifiable data secure by using a combination of pseudonymization, encryption and anonymization and by using end-to-end encryption while it is in motion. 

How will DHB Bank handle my personal data?
We will not keep your personal data longer than legally and legitimately required for the purpose for which the data has been obtained by us. Access to your personal data is limited to those staff members only who need to have access to them based on their function/role. We have robust technical security and organizational measures in place to ensure that your data is handled safely and appropriately.

Data sharing with third parties
In certain cases, DHB Bank uses third parties for tasks/activities where they will be processing your personal data. For example, DHB Bank uses an external printing company for the printed client statements or mailings. We only contract third parties that demonstrate to us upfront and during our relationship with them that they have taken the necessary measures to safeguard your personal data following DHB Bank standards and the GDPR obligations. A data processing agreement is signed between DHB Bank and the third party with whom we share personal data with for their services. 

We may also share your personal data with parties we need for the execution of our services. For example, we contract parties for the execution of your transaction request, like SWIFT payments. Where your personal data may be shared to third-countries outside the European Economic Area (EEA), we will ensure that there are mandated safeguards in place for secure data transfers as obliged under the GDPR and other applicable law. 

We may also share your data with service providers in order to facilitate services during customer onboarding such as IBAN checks. We will always ensure that we contract these parties who have appropriate and sufficient safeguards in place to protect your data. 

We also contract parties who help us in marketing activities such as analytics, advertising and for customer communications. We also use customer data from a third party to help better cater to the needs of our customers in accordance with GDPR. For this purpose, we use data for example from GeoMarktprofiel. If you would like to exercise your rights towards GeoMarktprofiel, we kindly request you to contact legal@thedataagency.nl.

Some data may be shared with Google through tools such as Google Analytics for statistical and analytical purposes. To opt-out you can download this plugin here. <//> For security purposes DHB Bank also uses Google ReCAPTCHA at its website (Read more at: google.com/recaptcha/about/).

At times we may also engage other parties who also provide legal services and other services such as, accountants or bailiffs. These parties are responsible for the use of personal data under their legal and/or professional obligations.

Can I see which personal data DHB Bank is processing from me?
Yes, you can ask us to provide you with an overview of your personal data that is processed by us. You can send us a request hereto via post or by sending us an email. Please note we may request information from you upon receipt of the request for verification purposes. 

DHB Bank, Data Protection Officer 
Antwoordnummer 3150 
3000 WB Rotterdam 
The Netherlands
Email: DataProtectionOfficer@dhbbank.com

How long will my data be stored?
We store your personal data for as long as it is necessary for the purpose listed previously. We store different categories of data for different retention periods in accordance with the GDPR, the local laws and regulations that apply. Once the retention period has elapsed, we delete your data. DHB creates secured and encrypted backups which are routinely deleted every 10 years due to technical considerations. We have implemented appropriate security and organisational measures to ensure that your data is stored securely both on the live and backup systems. For some examples of varying data retention periods, we refer you to: Sample Retention Periods Schedule

Can I request a rectification, deletion, objection of my personal data with DHB Bank?
Yes, in case you are of the opinion that the data that we process from you is incorrectly administrated in our system(s) or is being processed incorrectly, you may send us a request to rectify the data. You may also send us a request to delete your personal data that we process from you. Please also be informed you may also object to the processing of your personal data, especially for marketing purposes.  

As a data subject, you are entitled to certain rights among other rights mentioned above under the GDPR. For more information, on exercising your rights under the GDPR, you may contact the Data Protection Officer (DPO) at DataProtectionOfficer@dhbbank.com. 

Please note we will process your request in consideration of legal and contractual obligations applicable to DHB Bank as a financial institution and considering our duty of care when processing your request. 

You can send us a request hereto via post or by sending us an email. Please note we may request information from you upon receipt of the request for verification purposes.

DHB Bank, Data Protection Officer 
Antwoordnummer 3150 
3000 WB Rotterdam 
The Netherlands
Email: DataProtectionOfficer@dhbbank.com 

Our contact person for your questions about data protection
For any question concerning your personal data and your rights thereunder, you can contact our Data Protection Officer (DPO) at the following address: DataProtectionOfficer@dhbbank.com.

If you are not satisfied with how we handle your case, you may contact the Competent Authority for Personal Data Protection at: 

Autoriteit Persoonsgegevens (Dutch Data Protection Authority)
Postbus 93374 
2509 AJ DEN HAAG 
https://autoriteitpersoonsgegevens.nl/nl 

Alterations and updating the Privacy Statement
This Privacy Policy may be updated or (partially) changed to reflect any adaptations in our practices and or applicable law and regulation. Please read this Privacy Policy periodically in order to be aware of any modifications or updates. DHB Bank reserves the right to update this Privacy Policy. Changes will be published on this page. 

Date: 30^th April 2026

This is a translation of the original Dutch version. In case of a discrepancy the Dutch text will be leading.  

Cookies

Our website(s) and platform(s) use cookies. Cookies are small text files that we store automatically on your computer and other electronic devices (e.g. tablets and smart phones), when you visit our website(s) and platform(s). The cookie file is generated by our website(s) or platform(s) when you access it and is accepted and processed by the browser software of your computer. The cookie file is stored in your device, or browser's folder or subfolder. Cookies help us provide you with a better functioning website and platform, and allow us to better cater our services to you based on your preferences.

You can decide yourself what types of cookies you consent to. We may automatically store functional (basic) cookies without your consent as these are necessary for us to provide a functioning and secure website and platform. For other types of cookies, we request your permission to store the cookies on your device. You decide which type of cookies your permission applies to.

You can change your cookie preferences on the bottom of our website by clicking the button "Cookie Preferences".

You can also control the use of cookies via your web browser (to learn more about cookies and how you can manage and delete them, you can visit various sites like https://allaboutcookies.org/). Our website(s) and platform(s) will issue cookies on your device, unless you have modified your browser settings to reject cookies. But keep in mind, some or all areas of our website or platform may not function properly or not at all, when you reject all cookies.

We use three types of cookies:

1. Basic Cookies 

These cookies are mandatory to ensure that we can provide you with proper, functioning and secure website(s) and platform(s). The cookie types used herein are specified in the table below. Please note, this may be subject to change when new software is released, and new cookies (for new functionalities) are embedded. 

Basic Cookies on Mijn DHB

2. Personal Cookies

Personal cookies are additional cookies on top of basic cookies. Personal cookies are used to tailor the content of our website, improving it to better suit your interests. For this we use tools from third parties to capture the usage of the website, e.g. the frequency of visits, IP addresses, the average length of visits, which pages are viewed during a visit, authentication information and periods of inactivity. Analytical cookies, for example through Google, are placed on your device when you accept this category of cookies. Herein, we only see an IP address. Google has access to the data collected for their own analysis. For detailed information on Google Analytics and Privacy we refer you to the Google site: www.google.com/intl/nl/policies/privacy/, or www.google.com/intl/nl/policies/privacy/partners/ . 

The specific cookie types used herein are specified in the table below. Please note, this may be subject to change when new cookies (for new functionalities) are imbedded. In case you visit our website via a search engine, their cookies might also use data regarding your current visit.

3. Full Cookies

Full cookies are additional cookies on top of basic and personal cookies. We use full cookies mainly to measure marketing related activities of our website(s), platform(s) and the websites you visit of our partners. Cookies and identifiers in this category share marketing-related information to other parties within and outside of Europe.

Your data on our website(s), platform(s) and our partners’ websites will be remembered, and through this cookie selection you give us permission to analyze your visit and to use this analysis for personal messages on our website(s) and platform(s) and from other parties within and outside of Europe. You also give us permission to share your personal data such as IP addresses with these parties.

The table below contains the cookies that are stored under this category. Please note, this may be subject to change when new cookies (for new functionalities) are imbedded.

Date: 8 May 2026