At Credit Agricole Bank Polska S.A. (hereinafter: the Bank) we protect the privacy of users of our websites. Please familiarise yourself with the information contained below which explains the basic rules for collecting, processing and using information about users of the API Portal Website (hereinafter: the Website).
- By registering with the Website or by filling in and sending the forms available on the Website to the Bank, the User provides the Bank with their personal data, operational data about the device the User uses, the search engine and the parameters of the internet connection, as well as data concerning the User's behaviour in the registration window or in the contact form.
- The website uses small text files, called cookies. Information gathered using this type of file makes it possible to adjust the Website to Users’ individual preferences and needs. It also allows us to develop general statistics regarding visits to the Website. We use the following cookie files:
- Our own cookies to authenticate the User on the Website and ensure the User’s session is stable on the Website (after logging in), as well as for analyses of the number of views and anonymous statistics thanks to which we understand how Users use the Website;
- External cookies to collect general and anonymous statistical data using Google Analytics analytical tools (the external cookies administrator is Google Inc. registered in the US);
Information on personal data protection
In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter ‘GDPR’), we are hereby publishing information on our Bank’s policy regarding personal data protection.
Who is responsible for data processing and how can you contact the Bank?
Your data controller is Credit Agricole Bank Polska S.A. (hereinafter: 'the Bank’). You can contact the Bank:
- Electronically: by e-mail at email@example.com
- By phone: +48 71 79 97 140 (calls charged as per service provider’s standard rate)
- By post: at the Bank’s registered address: ul. Legnicka 48 bud. C-D, 54-202 Wrocław, with the annotation: ‘API Portal’
Additionally, the Bank has appointed a Data Protection Officer whom you can contact:
- Electronically: at the e-mail address IOD@credit-agricole.pl
- By post: at the Bank’s registered address: ul. Legnicka 48 bud. C-D, 54-202 Wrocław, for the attention of: ‘Inspektor Ochrony Danych / Data Protection Officer’.
For what purposes and on what legal grounds does the Bank process personal data?
The Bank processes your data in accordance with the provisions of GDPR and Polish data protection laws. Please find below the legal grounds allowing the Bank to process your data:
- the legal provision regarding the identification of providers of payment services or the person representing the providers in affairs involving the Bank (Article 6.1c of the GDPR) or
- the data subject’s consent to the processing of his or her data (Article 6.1a of the GDPR) with regard to handling questions sent to the Bank via the contact form available on the Website or
- where processing is necessary for the performance of the electronic services agreement (Article 6.1.b of the GDPR), including for the purposes of creating an individual user account for the Website and managing such an account, or
- when pursuing a legitimate interest of the Bank (Article 6.1f of the GDPR) including, with regard to reporting within the CA Group, determining, recovering and enforcing claims, ensuring security of ICT infrastructure as well as for the Bank’s internal administrative purposes (Article 6.1a of the GDPR).
What data is processed?
- Data identifying you as a person: first name, last name
- Your contact data
- Operational data
- Registration data of the Company that you represent or that employs you.
To whom and for what purposes can we transfer your data?
The law allows us to transfer your data to other institutions, in order to enter into and perform agreements with customers as well as perform our statutory duties. We transfer your data, in particular, to:
- CA Group entities
- Entities processing personal data at the Bank’s request, including IT services providers – where such entities process data on the basis of outsourcing agreements concluded with the Bank exclusively and in accordance with the Bank's requirements.
How long do we store your data?
Your data is stored until the Bank executes a request for deletion of the user’s account, no longer than allowed by the statute of limitations, i.e. three years from the date of deletion of the user’s account.
What rights do you have with regard to the protection of your personal data?
- The right to access your data or receive a copy of your data
- The right to demand that your data be rectified, erased or its processing limited
- The right to object to data processing done in the legitimate interest of the Bank
- The right to withdraw your consent (if it was given); however, any activities carried out before the consent is withdrawn remain valid.
- The right to transfer your personal data if it is processed based on your consent or on an agreement
- The right to file a complaint with the authority competent for the protection of personal data.
For more information visit: www.credit-agricole.pl/RODO