ETRIS Bank GmbH
Phone: +49 (0) 202-6096 1500
Fax: +49 (0) 202-6096 70 500
Wuppertal Magistrates' Court, HRB 23425
Company headquarters: Wuppertal
VAT ID No.: DE276499897
Bank sort code: 300 306 00
Uwe Müller (Chairman)
Chairman of the Supervisory Board
Dr. Andreas Trautwein
Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin)
Graurheindorfer Str. 108
Deposit guarantee scheme
ETRIS Bank GmbH is associated with the deposit guarantee scheme run by German banks - Entschädigungseinrichtung deutscher Banken GmbH (EdB), Burgstraße 28, 10178 Berlin. The internet address of this institution is www.edb-banken.de
Person responsible for the content
Person responsible for the journalistic-editorial content in the sense of § 55 Para. 2 of the German Interstate Broadcasting Agreement:
Although we have taken the greatest possible care in putting together all the text and depictions on this web site, we do not extend any warranty for the correctness or completeness of the details. The same applies to all links posted on this web site. ETRIS BANK is not liable for any damages or losses, whether direct or indirect, including foregone profit, incurred due to information provided on this web site.
General Data Protection Information for Customers
How we process your data and your rights
- Information in accordance with Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR) -
Below you will find information about the processing of your personal data by us and the claims and rights to which you are entitled in accordance with the data protection law regulations.
The data that are processed in data and how such data are used are largely based on the requested or agreed services.
1 Who is responsible for the data processing and who can I contact?
ETRIS Bank GmbH, Dieselstraße 45, D-42389 Wuppertal,
Tel.: +49 (0)2 02/6096 - 1500, E-mail: email@example.com
You can contact our data protection officer at:
ETRIS Bank GmbH, Dieselstraße 45, D-42389 Wuppertal,
Data Protection Officer, E-mail: firstname.lastname@example.org
2 What sources and data do we use?
We process personal data that we receive from you during the course of our business relationship. In addition, we process, to the extent required for the provision of our service, personal data that we receive from other companies of the E/D/E Group (in particular from Einkaufsbüro Deutscher Eisenhändler GmbH, Toolineo GmbH & Co. KG, Delcredit France SAS, Delcredit España SA), other central settlement associations or other third parties (e.g. Creditreform Wuppertal Brodmerkel & Kötting KG, Bureau van Dijk, trade credit insurance companies such as Atradius Kreditversicherung, branch of Atradius Crédito y Caucón S.A. de Seguros y Reaseguros as well as Euler Hermes Germany branch of Euler Hermes SA, collection companies such as Atradius Collections B.V., Germany branch) (e.g. for the execution of orders, the performance of contracts or on the basis of consent given by you). On the other hand, we process personal data that we have obtained from publicly accessible sources (e.g. debtors' registers, land registers, registers of companies and associations, press and media) and which we are permitted to process.
Relevant personal data are personal details (name, address and other contact details, date and place of birth and nationality), legitimation data (e.g. ID card data) and authentication data (e.g. specimen signature), tax-relevant data (e.g. tax number, tax identification number and tax residency). Furthermore, this may also include order data (e.g. payment order), application data (i.e. information you make available to us, e.g. when applying for a loan agreement), data from the honouring of our contractual obligations (e.g. turnover data in payment transactions, credit line, product data [e.g. deposit business, lending business including subsidised loans]), information about your financial situation (e.g. creditworthiness data, scoring/rating data and the origin of assets), advertising and sales data (including advertising scores), documentation data (e.g. advice log), register data, data about your use of the telemedia we offer (e.g. time of accessing our websites, apps or newsletters, our pages that are clicked on or entries) as well as other data comparable to the stated categories.
3 What do we process your data for (purpose of processing) and on what legal basis?
We process personal data in accordance with the provisions of the European Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
3.1 To honour contractual obligations (Article 6(1b), GDPR).
Personal data (Article 4, No. 2, GDPR) are processed for the purpose of providing and arranging banking transactions, financial services (e.g. factoring), in particular for the execution of our contracts or pre-contractual measures with you or with central settlement associations for the purpose of entering into the central settlement business transactions (payment processing and assumption of del credere liability) and the execution of your orders, as well as all activities associated with the operation and administration of a credit and financial services institution. As part of the lending business, personal data are also processed for the initiation, examination and administration of development loans refinanced via the development institutions NRW.BANK and Kreditanstalt für Wiederaufbau (KfW). More details are available for NRW.BANK at https://www.nrwbank.de/de/datenschutz/ and for KfW at https://www.kfw.de/KfW-Konzern/Datenschutz.html.
The data processing purposes primarily depend on the service or the specific banking product (e.g. account, loan, factoring, deposit, brokerage, online banking) agreed with you or your central settlement association and may include inter alia needs analyses, advice as well as the execution of transactions.
Further details about the purpose of the data processing can be found in the respective contractual documents and terms and conditions of business, which you have received from us or your central settlement association or another body that processes your data at its own responsibility.
3.2 As part of weighing up interests (Article 6(1f), GDPR)
Where necessary, we process your data beyond the actual performance of the contract to protect our legitimate interests, or those of third parties, such as in the following cases:
3.3 Based on your consent (Article 6(1a), GDPR)
Insofar as you have granted us consent to process personal data for certain purposes (e.g. evaluation of payment transaction data for marketing purposes), the lawfulness of this processing shall be based on your consent. Granted consent may be withdrawn at any time. This also applies to the declarations of consent made to us prior to the application of the GDPR, i.e. prior to 25 May 2018.
Please note that your withdrawal only applies to the future. Processing that occurred prior to the withdrawal is not affected.
3.4 As a result of statutory requirements (Article 6(1), Point c, GDPR) or in the public interest (Article 6(1), Point e, GDPR)
As a bank, we are also subject to various legal obligations, i.e. statutory requirements (e.g. German Banking Act, Money Laundering Act and tax laws) as well as banking supervisory requirements (e.g. of the European Central Bank, the European Banking Authority, the Deutsche Bundesbank and the German Federal Financial Supervisory Authority). The purposes of the processing include the creditworthiness check in relation to the respective customer or borrower (e.g. within the scope of central regulation: member / dealer / connecting house / trading partner; in the context of factoring: factoring recipients and debtors), the identity and age check, fraud and money laundering prevention, the honouring of control and reporting obligations under tax law, reporting obligations under supervisory law as well as the assessment and management of risks.
4 Who receives my data?
Within the bank, those offices that require your data to honour our contractual and legal obligations are granted access to your data. Processors appointed by us (Article 28, GDPR) may also receive data for these purposes. These are companies in the categories of credit services, processing of the factoring business, IT services, logistics, printing services, telecommunications, advice and consulting as well as sales and marketing.
With regard to the forwarding of data to recipients outside the bank, it should first be noted that, in accordance with the general terms and conditions of business agreed by you or the respective central settlement association and us, we undertake to maintain secrecy about all customer-related facts and evaluations of which we become aware (banking secrecy). We may only forward information about you if this is required by law, if you have consented or if we are authorised to furnish banking information. Under these conditions, recipients of personal data may be, for example:
Further data recipients may be those bodies for which you have given us your consent to forward data or for which you have released us from banking secrecy in accordance with an agreement or consent.
Where necessary in the context of processing in accordance with the above point 3, you hereby release us from banking secrecy.
5 For how long are my data stored?
Where necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation and execution of a contract. It should be noted that our business relationship is a continuing obligation that is intended to last for years.
In addition, we are subject to various storage and documentation obligations, which result, inter alia, from the German Commercial Code (HGB), the German Fiscal Code (AO), the German Banking Act (KWG) and the German Money Laundering Act (GwG). The periods specified there for storage or documentation are two to ten years.
Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases may run to thirty years.
6 Are data transferred to a third country or to an international organisation?
Data are only transferred to third countries (countries outside the European Economic Area - EEA) if this is necessary to execute your orders (e.g. payment and securities orders), is required by law or you have granted us your consent. We shall inform you separately about the details, if required by law.
7 What data protection rights do I have?
Each data subject has the right to information in accordance with Article 15, GDPR, the right to rectification in accordance with Article 16,GDPR, the right to erasure in accordance with Article 17, GDPR, the right to restriction of processing in accordance with Article 18, GDPR and the right to data portability in accordance with Article 20, GDPR. With regard to the right to information and the right to erasure, the restrictions in accordance with Sections 34 and 35, BDSG apply. In addition, there is a right of appeal to a data protection supervisory authority (Article 77, GDPR, in conjunction with Section 19, BDSG).
8 Is there an obligation to provide data?
Within the scope of our business relationship, you are only required to provide personal data that are necessary for the establishment, execution and termination of a business relationship or that we are legally obliged to collect. Without such data, we shall usually be required to refuse to enter into the contract or execute the order or shall no longer be able to perform an existing contract and may need to terminate it.
We undertake, in particular in accordance with money laundering regulations, to identify you before the business relationship is established, for example by means of your identity card, and collect your name, place of birth, date of birth, nationality and residential address. For us to be able to comply with this legal obligation, you must provide us with the necessary information and documents in accordance with the German Money Laundering Act and notify us without delay of any changes that occur in the course of the business relationship. If you do not provide us with the necessary information and documents, we may not enter into the business relationship you request.
9 To what extent is there automated decision-making in individual cases?
As a matter of principle, we do not use fully automated decision-making in accordance with Article 22, GDPR, to establish and implement the business relationship. Should we use such procedures in individual cases, we shall inform you of this separately, insofar as this is required by law.
10 To what extent is my data used for profiling (scoring)?
On occasion we process your data automatically with the aim of evaluating certain personal aspects (profiling). We use profiling in the following cases, for example:
Information about your right to object
In accordance with Article 21 of the General Data Protection Regulation (GDPR)
If you make an objection, we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Where you object to processing for direct marketing purposes, your personal data shall no longer be processed for such purposes.
The objection may be made without honouring formal requirements, and should preferably be addressed to:
Please see the contact details in sub-section 1.