BNI Europa, with NIPC 509007333, headquartered at Av. Eng. Duarte Pacheco, CC Amoreiras, Tower 1 – Floor 7, 1070-101 Lisbon (Portugal) is the entity responsible for processing personal data and may, within the scope of its activity, use entities subcontracted by it for the purposes indicated herein.

BNI Europa has a Data Protection Officer who is responsible for, among other things:

• Monitoring the compliance of data processing with applicable standards;
• Clarify questions relating to this policy;
• Cooperate with the National Data Protection Commission (NDPC);
• Responding to requests from data subjects to exercise their rights.

The contact details of our Data Protection Officer are:

Av. Eng. Duarte Pacheco, CC Amoreiras, Tower 1 – Floor 7
1070-101 Lisbon (Portugal)
Email: dpo@bnieuropa.pt

Personal data is any information of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). An identifiable person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.

Any operation performed on personal data, whether or not by automated means, such as collection, recording, organization, storage, alteration, consultation, use, disclosure, restriction, erasure or destruction.

BNI Europa collects and processes the following personal data, among others:

The collection of personal data is imperative within the scope of commercial and contractual relations with our clients, potential clients and other related data subjects, such as representatives, guarantors, sureties, among others. The data collected must be kept in order to comply with pre-contractual or contractual obligations arising from the legislation in force.
Banco BNI Europa processes data provided by the data subject or that the data subject has authorized, and assumes that the data is true and updated.

Personal data may be collected by the following methods:

• Data provided directly by the owners;
• Data collected in the context of the use of products and services by data subjects;
• Cookies (Data relating to the use of the Bank’s websites and applications, obtained through cookies from the Bank or third parties. You can find more information about the type of cookies used by the Bank and the data collected in the cookies policy published on the website www.bnieuropa.pt);
• Data obtained by the Bank from third parties with which it works, including (i) the Bank of Portugal, (ii) public authorities, (iii) insurance companies, (iv) credit intermediaries, or (v) the Bank’s partners.
• Email and sms;
• Website and other Bank sites;
• Telephone calls;
• In person;
• Videoconferencing;
• Through applications (“apps”) installed on mobile devices;
• Through access to external sites;
• Social Media.

The data collected is processed and stored by computer and in full compliance with personal data protection legislation, and is stored in a specific database created for this purpose by Banco BNI Europa or its subcontractors.

Some of the personal data collected on the Bank’s websites (www.bnieuropa.pt) must be filled in and, if this data is missing or insufficient, Banco BNI Europa may not be able to provide you with the services or information you have requested. In each specific case, Banco BNI Europa will inform you of the mandatory nature of the provision of the personal data in question.

Videoconferencing is one of the alternatives provided to the client in the account opening process to verify the client’s entity, and the personal data collected is mandatory. In order to hold the videoconference, you will be asked for prior authorization to record the image. Without authorization, the account opening process cannot be completed by this method.

Personal data can be collected by accessing external websites (screenscrapping), with the data subject’s authorization. More specifically, the customer’s bank details are collected through a one-off consultation of their homebanking (with their authentication), using a screenscraping tool that ensures the protection of both the homebanking access data and their bank details. This process is not compulsory and may be replaced by the direct delivery of the requested information by the data subjects.

Bank BNI Europa may also store cookies on your device to personalize and make browsing as easy as possible. For more information, please read our Cookies Policy.

We will use your data, among other purposes, to manage your registration as a user of the Bank’s website (www.bnieuropa.pt), to manage your access to our products and services, to answer your questions and, if you wish, to send you our personalized communications.

Please note that when we ask you to fill in your personal details in order to give you access to a feature or service on the Bank’s platform websites, some fields are mandatory, as these are the details we need in order to give you access to the private areas of the Bank’s websites, in order to be aware of and take advantage of our services and products. Please note that if you decide not to provide us with this data, you may not be able to complete your registration as a user and you may not be able to take advantage of the services and features of the Bank’s websites. You can cancel your registered user account by contacting us through Customer Support or by sending an e-mail to our Data Protection Officer.

Your data will be included in a personal data file that Banco BNI Europa may use for the following purposes:

• Management of the pre-contractual or contractual relationship and related operations, which includes the analysis, decision and management of credit operations and credit risk assessment;

• Compliance with legal obligations in terms of combating money laundering or terrorist financing;

• Compliance with other legal or regulatory obligations;

• Complaints management;

• Litigation management;

• Internal and external audit;

• Securitization and assignment of credit;

• Profiling;

• Carrying out market research, evaluation surveys and statistical analysis;

For the purposes identified above, Bank BNI Europa may interconnect the data collected in order to update and complete such data.

Other processing of personal data may also be carried out when prior, express consent has been obtained through explicit, informed and free action.

In order to analyze credit risk and assess customer solvency, Bank BNI Europa uses statistical techniques and customer segmentation (profiling), using data collected from their holders, which are included in the bank’s database or collected from third parties, such as the type of products subscribed, the credit operations contracted, the level of default recorded, etc. In addition, Banco BNI Europa makes use, in accordance with the law, of the data contained in the Central Credit Register of Bank of Portugal. By their very nature, these technologies may imply exclusively automated decision making, particularly when contracting loans through digital channels.

However, the data subject may contest the automated decision and request its assessment through human intervention and may submit additional information and documentation to this end.

Bank BNI Europa also uses statistical techniques and customer segmentation (profiling) to tailor its offer to its customers and to carry out direct marketing actions, using the data identified above.

It should also be noted that these technologies are also used to comply with legal requirements, particularly with regard to the prevention of money laundering and terrorist financing.

The data collected and held by Bank BNI Europa may be transmitted, with respect for the duty of confidentiality and the principle of the purpose for which it was collected, to the following entities:

• Entities of the group in which Bank BNI Europa is included with the aim of providing banking and financial services;
• Entities that manage credit risk centers, whether public or private;
• Central de Responsabilidades de Crédito do Banco de Portugal, relativamente a responsabilidades efetivas ou potenciais decorrentes de operações de crédito de que seja beneficiário o titular dos dados, nos termos da lei;
• Agências de análise de crédito e prevenção de fraude;
• Autoridades judiciais ou administrativas, nos casos em que tal cedência seja obrigatória;
• Organizações, incluindo companhias de seguros que tenham contratos com o Grupo em que o Banco BNI Europa está inserido para prestação de serviços, promoções ou ofertas;
• Entidades que prestem serviços de solvabilidade a instituições de crédito;
• Empresas de cobranças de créditos caso se revele necessária a recuperação de valores em dívida ao Banco BNI Europa;
• Autoridades legais e de supervisão sempre que o Banco BNI Europa tenha, por lei, esse dever;
• Outras instituições de crédito e de serviços financeiros, nomeadamente entidades financeiras adstritas ao sistema de intercâmbio de informação bancária (Swift) e fornecedores de serviços de pagamento.
• Subcontratantes que procederão ao tratamento dos dados por conta do Banco BNI Europa e de acordo com as finalidades por este determinadas, nomeadamente quando tal se mostre necessário ou conveniente para lhe oferecer serviços serviços comercializados pelo Banco BNI Europa, para o cumprimento das obrigações pré-contratuais ou contratuais, realização de estudos de mercado, inquéritos de avaliação ou análises estatísticas, e ;
• Qualquer entidade com a qual o Banco BNI Europa negoceie a cessão de créditos.

Bank BNI Europa may use your data to inform you of products and services that it considers to be of interest to you, provided that you have given your consent. This disclosure may continue even after your relationship with BNI Europa has ended.

Contacts may be made via automatic calling machines, fax machines, email, SMS, MMS, or other means that allow messages to be received independently of the recipients’ intervention, unless you have instructed us otherwise.

You can object at any time to the processing of your data for direct marketing purposes by writing to the email address of the Data Protection Officer.

In accordance with the applicable legislation, the data subject has the following rights:

• Right of access: The right to obtain information regarding the category of personal data collected, what processing it is subject to and for what purposes, to which entities the data is transmitted, applicable retention periods and other related information;
• Right to rectification: The right to request the rectification of inaccurate or incomplete personal data;
• Right to erasure (or forgetting): The right to have your personal data deleted when it is no longer used for the purposes for which it was collected or when your consent is withdrawn, without prejudice to the retention periods imposed by applicable legislation and regulations;
• Right to restriction of treatment:The right to request the restriction of data processing, when (i) the accuracy of the personal data is contested, (ii) the processing is unlawful and the data subject opposes the erasure of the data, (iii) Banco BNI Europa no longer needs the data for processing, but it is requested by the data subject, and (iv) if the data subject has opposed the processing and until it is verified that Banco BNI Europa’s legitimate reasons override the data subject’s right;
• Right to portability: The right to receive personal data concerning you that you have provided to Banco BNI Europa in a structured, commonly used and machine-readable format and to transmit it to another data controller;
• Right to object: Right to object to the processing of data for direct marketing purposes;
• Right to refuse automated decisions: The right not to be subject to decisions based exclusively on automated processing, including profiling, which produce effects in your legal sphere.

The exercise of any of these rights can be requested from our Data Protection Officer.

The data subject also has the right to complain to the CNPD or another supervisory body, namely in the European Union member state of their residence in matters relating to the exercise of rights and the protection of personal data, without prejudice to recourse to any other administrative or judicial remedy.

The period of time for which data is stored and kept varies according to the purpose for which the information is processed. Whenever there is no specific legal requirement, the data will be stored and kept only for the minimum period necessary for the purposes for which it was collected or subsequently processed, or for the period of time authorized by the National Data Protection Commission, after which it will be deleted.

Bank BNI Europa is committed to protecting the security of your data. To this end, it has adopted a number of technical and organizational security measures in order to protect the personal data you provide against its dissemination, loss, misuse, alteration, unauthorized processing or access, as well as against any other form of unlawful processing. Banco BNI Europa requires its subcontractors and partners to adopt security measures equivalent to those it practices.

Notwithstanding the security measures practiced by Bank BNI Europa, the user must adopt additional security measures, namely ensuring that he/she uses equipment and a browser that is up-to-date in terms of security, properly configured, with an active firewall, antivirus and anti-spyware, and making sure that the sites he/she visits on the Internet are authentic, avoiding websites whose reputation he/she does not trust.

Bank BNI Europa acknowledges that it may communicate personal data in the context of mergers, acquisitions and/or incorporation processes in which it is involved. Such communication shall not be considered as a transfer of data to third parties, nor shall there be any subcontracted processing.

Bank BNI Europa may also transmit data to third parties in the context of investigations, inquiries and judicial and/or administrative proceedings or of a similar nature, provided that it is duly ordered to do so by a court order.

Bank BNI Europa will transfer data to third countries that do not belong to the European Union or the European Economic Area only in cases permitted by law. Transfers outside the European Union may occur when this is necessary for (i) the execution of orders or requests (e.g. transfer of payment abroad), (ii) by legal requirement, or (iii) with the express authorization of the data subject. In the event that it is necessary to use service providers from third countries, Banco BNI Europa will ensure that these entities comply with all legal obligations in terms of data protection and will process the data in accordance with Bank BNI Europa’s prior and documented instructions.

Bank BNI Europa reserves the right to make adjustments or changes to this Privacy Policy at any time, and such changes will be duly published on the websites.

Cookies are small software tags that are stored on your computer or other devices you use to access the internet via your browser.
Find out more about cookies at: allaboutcookies.org.

The purpose of using cookies is to improve the user’s browsing experience by increasing the speed and efficiency with which websites respond. It eliminates the need to repeatedly enter the same information and helps determine the usefulness, interest and number of uses. Each cookie has a function and an expiration date.

Bank BNI Europa will not, without prior consent, use data stored in cookies in cases where this is required.

This website uses proprietary and third party cookies. Third party cookies differ from the first in that they are sent to the user’s device from a device or domain that is not under the direct control or management of Banco BNI Europa.

Cookies can be classified as follows:

• Essential cookies – They are essential for accessing specific areas of the website. They allow navigation on the website and use of its applications, as well as access to secure areas via login. These cookies do not collect information about the user that can be used for marketing purposes or to identify user visits to websites. Without them, certain services cannot be provided.
• Analytical cookies – They make it possible to analyze how users use the website, highlighting articles or services that may be of interest to them, monitoring its performance and knowing which pages are the most popular. These cookies are only used for the purposes of statistical creation and analysis.
• Functional cookies – They make it possible to remember the user’s preferences when browsing the site. This way, the user doesn’t need to reconfigure and personalize it each time they visit.
• Advertisement cookies – It allows advertising to be targeted according to the interests and usage habits of each user on and off our website. These cookies are used to support more targeted marketing and communication actions, also helping to measure the effectiveness of advertising.

With regard to their validity, the cookies used may also be:

• Permanent cookies – They are stored at browser level and on your access devices (e.g. computer, mobile and tablet) and are used whenever you visit the website again. In general, they are used to direct browsing according to the user’s interests, allowing Banco BNI Europa to provide a more personalized service.
• Session cookies – They are generated and available until the session is closed. The next time the user accesses their browser, the cookies will no longer be stored. The information obtained makes it possible to manage sessions, identify problems and provide a better browsing experience.

You can block or restrict the use of cookies through the settings of the browsers you use, and on each device you use to access the Internet.
By limiting the use of cookies, you can make the browsing experience more difficult and, ultimately, prevent you from logging in to the site, or the operation of services provided online.