Wirecard AG and its subsidiaries (Wirecard Group), including Wirecard Bank AG, offer their customers products and services relating to electronic payment transactions. The objective is to allow companies and consumers worldwide to process electronic transactions safely and smoothly. Security and the protection of personal data is one of the most important aspects in the context of handling and processing of payments. This is why the Wirecard Group places particular emphasis on high data protection standards.
1. Data controller
The data controller within the meaning of the GDPR and the German Data Protection Act (Bundesdatenschutzgesetz, "BDSG") is Wirecard Bank AG, Einsteinring 35, 85609 Aschheim, Germany (Wirecard).
Within this Website, we make available information on the services provided by Wirecard , as well as a contact form. Also, we offer our customers the option of logging into their personal eBanking area by redirecting the customer, after log-in, to a portal to access their banking information.
Wirecard operates this Website in accordance with the provisions of the GDPR, the BDSG and all other provisions with relevance in the area of data protection law.
Cookies are small text files which are stored locally in your internet browser‘s cache memory, in order to be able to recognise it. Wirecard uses different types of cookies, and we provide further information on these cookies at https://www.wirecard.com/privacy-protection/cookies/.
For further information on the cookies we use, please go to: https://www.wirecard.com/privacy-protection/cookies/.
4. Collection and processing of personal and other data during visits to our internet presence
4.1. Anonymous use of the site
Usage of our Website is possible without providing any personal data. Data collected automatically will always be anonymised prior to their storage and usage (in this context, see section 4.2 below).
4.2. Non-personal data collected automatically (logfile information)
When visiting this Website, so-called logfile information will be recorded - this being standard procedure on the internet. This non-personal information is transmitted automatically by your internet browser. This information includes in particular: IP address (where the last two blocks of numbers will be deleted immediately), accessed pages within the internet presence, date and time of the visit, cookies, used browser, operating system of the accessing computer, language setting and transferred data volume. The processing of the logfile information is done mainly in order to establish the connection, to ensure system security and for reasons of technical administration.
Also, logfile information is exclusively stored and analysed statistically in an anonymous form, in order to continuously improve the Website, to adjust it to the visitors‘ interests and to speed up the detection and/or elimination or bugs (in this context, see Section 5 below).
Wirecard will store logfile information for security reasons (e.g. in order to clarify cases of abuse or fraud), for a maximum period of seven days, and will then delete such information. Data which must be stored beyond that for reasons of evidence are excluded from the deletion up until the relevant incident has been clarified.
4.3. Collecting and processing our customer‘s personal data
The Website offers login options. In such cases, the following applies:
During login, we will collect the personal data required for you to be able to access your personal eBanking information as provided for in the contract with you, e.g. your name, e-mail address and company, and further information to identify you such as alias/VR identifier and PIN (e-banking). We will mainly use such data to enable identification of you so you can log into your eBanking account. Your data will only be processed for other purposes if you have given your consent, or if this is permitted by law. For further information on the transactions and transfers carried out as part of your e-banking experience, please refer to the information provided to you when you opened your account, or contact us at data.privacy[at]wirecard.com.
4.4. Usage and forwarding of personal data
Your personal data will only be used for the specified purposes, and only to the extent required in order to achieve these purposes. Data will only be forwarded to third parties - if at all - within the limits of the statutory provisions. Transfers to public authorities and administrative bodies only take place within the scope of mandatory national legal provisions or if it is necessary in cases of abuse or fraud activities for civil and criminal enforcement. Transfer for other purposes – in particular for purposes of address dealing – is excluded.
5. Web analysis
In order to continuously improve the Website, to adapt it to the visitor‘s interests, and to speed up the detection and/ or elimination of bugs, logfile information (for information on such data, please see Section 4 above) will be stored under a pseudonym in so-called usage profiles, and will be analysed statistically. Cookies are also used for this purpose (for information on cookies, see Section 3 above). The IP address will only be stored and processed in an abbreviated form, namely without the last two blocks of numbers. The data collected will not be used to personally identify the visitor, and will not be merged with personal data relating to the bearer of the pseudonym, except if the visitor gives his/her expressed separate consent. Such data will not be forwarded to third parties. The data will be deleted as soon as storage is no longer required for purposes of web analysis.
For the web analysis described above, Wirecard uses technologies by etracker GmbH, Erste Brunnenstr. 1, 20459 Hamburg (www.etracker.com). This service employs cookies which enable a statistical analysis of the use of the Website through its visitors as well as the display of use-related content and advertisement.
The so-created data will be processed and stored by etracker on assignment in Germany and are subject to the strict German and European data protection laws and standards. In this regard, etracker has undergone independent audit and certification and has been awarded the data protection quality seal "ePrivacyseal".
The data processing is carried out on the basis of the statutory provision of Art 6 para 1 lit f GDPR (legitimate interest). Our interest within the sense of GDPR (legitimate interest) is the optimization of our online offering and our web presence. Because the privacy of our visitors is important to us we anonymize or pseudonymize data that may permit a relation to individual persons such as IP address or device ID as soon as possible. A further use, connection with other data of etracker or transfer to third parties will not be done. If you want to prevent the collection of your data through etracker on this Wirecard Webseite, visitors can use the following link: etracker Opt-Out
6. Contact form
We offer a contact form on our Website. Wirecard will store the personal data provided by you when you send the completed contact form (e.g. name, address, telephone number, e-mail address) in its Customer Relationship Management System („CRM System“). Wirecard will use such personal data
- To respond to your contact request;
- in anonymized form to support our internal business objectives, namely data analyses, revisions, the development of new products, improvement of this internet presence, improvement of our services, detection of usage trends and determination of the effectiveness of our advertising campaigns);
- in order to prevent and identify abuse or fraud.
The data collected via the contact form will not be forwarded to third parties.
7. Grounds for Collection, Processing and Use
The majority of the collection, processing and use of your personal data, as described herein, is carried out for our legitimate interest or to respond to any request you send to us.Where you have the possibility to log in to your eBanking account, we collect and process this information due comply with our contractual obligations to you.
8. Data Processing
Wirecard uses service providers to collect and/or process data; for instance, a service provider may be assigned to provide technical support for this Website, or to answer contact inquiries. Service providers will only work on behalf of, and under instructions by, Wirecard (so-called contract data processing).
9. Data retention
We store your personal data for as long as it is needed to fulfil the purpose for which it was collected, subject to any statutory retention obligations, in particular according to tax or accounting law.
10. Data safety
In order to protect the personal data against loss, falsification or disclosure to unauthorised third parties, we have taken adequate organisational, technical and administrative measures. Wirecard uses firewalls in order to prevent unauthorised access to servers; the servers are located at a safe location in Germany to which only authorised staff have access. All staff members and all persons involved in the processing of data are subject to an obligation to comply with all laws relating to data protection, and to treat personal data confidentially.
11. External links
12. Data Subjects rights
Under GDPR, visitors as data subjects have certain rights, in particular the right to access, correct, update, or request deletion of your personal data that we store about you.
If you wish to exercise any of these rights, you can do so at any time by contacting us at data.privacy[at]wirecard.com.
You can object to processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data. Again, you can exercise these rights by contacting us at data.privacy[at]wirecard.com.
Similarly, if we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact us at the above e-mail address.
14. Contact Information
If you have any questions regarding the processing of your personal data or regarding data protection at Wirecard, please contact the following e-mail address: data.privacy[at]wirecard.com. You may also direct any suggestions or complaints to this address.
The Data Protection Officer of Wirecard can be reached at data.privacy[at]wirecard.com