Data Privacy Notice
Wirecard AG and its subsidiaries (Wirecard Group), including Wirecard Bank AG, offer their customers products and services relating to electronic payment transactions. The objective is to allow companies and consumers worldwide to process electronic transactions safely and smoothly. Security and the protection of personal data is one of the most important aspects in the context of handling and processing of payments. This is why the Wirecard Group places particular emphasis on high data protection standards.
Wirecard Bank AG ("Wirecard") operates the websites www.wirecardbank.de and www.wirecardbank.com (together, the "Websites").The following Data Privacy Notice describes what information will be collected when an internet user visits the Websites, the purposes for which the information is collected, and how Wirecard uses the information. This information will contain personal data as defined under the European General Data Protection Regulation (EC 2016/679) ("GDPR"), i.e. any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier.
1. Data controller
The data controller within the meaning of the GDPR and the German Data Protection Act (BDSG) is Wirecard Bank AG, Einsteinring 35, 85609 Aschheim, Germany (Wirecard).
Within this Website, we make available information on the services provided by Wirecard , as well as a contact form. Also, we offer our customers the option of logging into their personal eBanking area by redirecting the customer, after log-in, to a portal to access their banking information.
Wirecard operates this Website in accordance with the provisions of the GDPR, the BDSG, the Telemedia Act (TMG) and all other provisions with relevance in the area of data protection law.
For further information on the cookies we use, please go to: www.wirecardbank.com/privacy/
4. Collection and processing of personal and other data during visits to our internet presence
4.1. Anonymous use of the site
Usage of our Website is possible without providing any personal data. Data collected automatically will always be anonymised prior to their storage and usage (in this context, see section 4.2 below).
4.2. Non-personal data collected automatically (logfile information)
When visiting this Website, so-called logfile information will be recorded - this being standard procedure on the internet. This non-personal information is transmitted automatically by your internet browser. This information includes in particular: IP address (where the last two blocks of numbers will be deleted immediately), accessed pages within the internet presence, date and time of the visit, cookies, used browser, operating system of the accessing computer, language setting and transferred data volume. The processing of the logfile information is done mainly in order to establish the connection, to ensure system security and for reasons of technical administration.
Also, logfile information is exclusively stored and analysed statistically in an anonymous form, in order to continuously improve the Website, to adjust it to the visitors‘ interests and to speed up the detection and/or elimination or bugs (in this context, see Section 5 below).
Wirecard will store logfile information for security reasons (e.g. in order to clarify cases of abuse or fraud), for a maximum period of seven days, and will then delete such information. Data which must be stored beyond that for reasons of evidence are excluded from the deletion up until the relevant incident has been clarified.
4.3. Collecting and processing our customer‘s personal data
The Website offers login options. In such cases, the following applies:
During login, we will collect the personal data required for you to be able to access your personal eBanking information as provided for in the contract with you, e.g. your name, e-mail address and company, and further information to identify you such as alias/VR identifier and PIN (e-banking). We will mainly use such data to enable identification of you so you can log into your eBanking account. Your data will only be processed for other purposes if you have given your consent, or if this is permitted by law.
4.4. Usage and forwarding of personal data
Your personal data will only be used for the specified purposes, and only to the extent required in order to achieve these purposes. Data will only be forwarded to third parties - if at all - within the limits of the statutory provisions.
5. Web analysis
In order to continuously improve the Website, to adapt it to the visitor‘s interests, and to speed up the detection and/ or elimination of bugs, logfile information (for information on such data, please see Section 4 above) will be stored under a pseudonym in so-called usage profiles, and will be analysed statistically. Cookies are used for this purpose (for information on cookies, see Section 3 above). The IP address will only be stored and processed in an abbreviated form, namely without the last two blocks of numbers. The data collected will not be used to personally identify the visitor, and will not be merged with personal data relating to the bearer of the pseudonym, except if the visitor gives his/her expressed separate consent. Such data will not be forwarded to third parties. The data will be deleted as soon as storage is no longer required for purposes of web analysis.
For the web analysis described above, Wirecard uses technologies by etracker GmbH, Erste Brunnenstr. 1, 20459 Hamburg (www.etracker.com). Data processing has been examined for data protection conformity and data safety by etracker GmbH, and we have concluded an appropriate agreement with etracker GmbH. For further information on data protection by etracker GmbH, please go to www.etracker.com/en/data-privacy/. You may object to the collection and storage of data by etracker at any time with effect for the future by using the aforementioned link.
6. Contact form
We offer a contact form on our Website. Wirecard will store the personal data provided by you when you send the completed contact form (e.g. name, address, telephone number, e-mail address) in its Customer Relationship Management System („CRM System“). Wirecard will use such personal data
- to respond to your contact request;
- in anonymized form to support our internal business objectives, namely data analyses, revisions, the development of new products, improvement of this internet presence, improvement of our services, detection of usage trends and determination of the effectiveness of our advertising campaigns);
- in order to prevent and identify abuse or fraud.
The data collected via the contact form will not be forwarded to third parties.
7. Grounds for collection, processing and use
The majority of the collection, processing and use of your personal data, as described herein, is carried out for our legitimate interest or to respond to any request you send to us.Where you have the possibility to log in to your eBanking account, we collect and process this information due comply with our contractual obligations to you.
8. Data processing
Wirecard uses service providers to collect and/or process data; for instance, a service provider may be assigned to provide technical support for this Website, or to answer contact inquiries. Service providers will only work on behalf of, and under instructions by, Wirecard (so-called contract data processing).
9. Data retention
We store your personal data for as long as it is needed to fulfil the purpose for which they were collected.
10. Data safety
In order to protect the personal data against loss, falsification or disclosure to unauthorised third parties, we have taken adequate organisational, technical and administrative measures. Wirecard uses firewalls in order to prevent unauthorised access to servers; the servers are located at a safe location in Germany to which only authorised staff have access. All staff members and all persons involved in the processing of data are subject to an obligation to comply with all laws relating to data protection, and to treat personal data confidentially. However, unfortunately, there is no guarantee that 100% safety can be ensured.
11. External links
The Website contains links to the sites of other providers in order to be able to provide the visitors with comprehensive information. Wirecard does not have any influence on the design of such sites, and is not responsible for the content offered there. The principles of this Data Privacy Notice do not apply to these external sites.
12. Data subjects rights
Under GDPR, visitors as data subjects have certain rights, in particular the right to access, correct, update, or request deletion of your personal data that we store about you.
If you wish to exercise any of these rights, you can do so at any time by contacting us at email@example.com
You can object to processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data. Again, you can exercise these rights by contacting us at firstname.lastname@example.org.
Similarly, if we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact us at the above e-mail address.
13. Changes to our Data Privacy Notice
We reserve the right to change and/or adapt our security and/ or data protection measures to the extent this is necessary or beneficial due to technical developments or changes in the law, or if we believe the changes are necessary or supportive for the security of the data and/or our IT environment. In these cases, we shall also adjust the present information accordingly. Therefore, please always take note of updated versions of this Data Privacy Notice.
14. Contact information
If you have any questions regarding the processing of your personal data or regarding data protection at Wirecard, please contact the following e-mail address: data.privacy@wirecard. com. You may also direct any suggestions or complaints to this address.
The Data Protection Officer of Wirecard is
Fieldfisher (Germany) LLP
Dr. Felix Wittern
Am Sandtorkai 68