Privacy statement

The controller, within the meaning of the General Data Protection Regulation (GDPR), is TARGOBANK AG (hereinafter referred to as ‘We’, ‘Us’, or ‘TARG0BANK’). You may also contact this address at any time in order to consult your saved data or have it altered or erased. The contact details for the data protection officer are as follows:

TARGOBANK AG
Datenschutz
Postfach 21 04 53
47026 Duisburg, Germany

In principle, you can access our website without disclosing any personal data to us. You are free to decide at any time whether you wish to disclose your data to us. During a typical visit to the TARGOBANK website, and assuming you do not object, individual items of data such as the IP address, browser type, and access times are transmitted to us automatically by your computer and stored on our server. The storage process uses cookies and the Google Analytics service among other things. You can find a more detailed description of how these services work below, as well as how you can object to the services using your data.

The IP address is the unique identifier assigned to your computer by your Internet service provider. It is valid worldwide and consists, in its current most common form (IPv4), of four blocks of digits separated by full stops. Other than for tracking impermissible access to our website, we always use this data in a non-personal way. Instead, we only assess it on an anonymised basis to establish which of our web pages are the most popular, how many times they are accessed each day, and the like.

We use cookies so we can offer you our services online too. Cookies are small text files which are generated by a web server and stored on your computer via your browser. These cookies only contain technical data, generally random ID numbers which are needed to run the site or for gathering statistics. We never store personal data in cookies. We use session and persistent cookies. Session cookies, which are deleted, for example, when the browser is closed, are needed in order to log in to our online services. With persistent cookies, we simply identify your browser by means of an anonymous ID. This enables us, for example, to restore the settings you have made for the next time you visit. Persistent cookies also enable us to offer you online services tailored to your interests. Apart from our own cookies (first-party), there are cookies which may be created by third parties (third-party cookie). In each case, cookies can only be read by whoever created them. You can also control how cookies are managed in your browser settings. The options will depend on the browser in question. Please note that you will not be able to use all the services on this site if you apply a general ban on cookie storage.

Online banking
Granting or refusal of consent
When you visit our website, a message informs you that cookies are used. This also tells you that you accept these cookies by continuing to use our website (you can review this decision at any time by objecting to the creation of cookies). On our website, different types of cookies are used for different purposes. Some are required in order to use our website at all.

Essential cookies
These are cookies which are indispensable to the functionality of our website. They allow you to use the main functions of our website (such as accessing your account). Without these cookies, you would not normally be able to use our website at all. These are stored cookies which solely relate to the functionality of our website.

In order to improve the quality of our offer, we gather anonymised aspects of your user behaviour and allocate this to user groups. The data obtained from your visit is assigned to these groups for statistical purposes. Individual tracking of your behaviour on our website is not possible. We assign visits to the following groups: source/type of access, average duration of visit, date and time of access, and pages visited as well as services used, end device types, browser and browser version, operating system and version, and derived demographic information. This data is aggregated for statistical purposes and gathered on an anonymised basis, and your IP address is shortened by at least the last octet. It is impossible to trace anything back to you. Gathering of information for statistical purposes uses JavaScript, cookies, and so-called tracking pixels. Tracking pixels are small, invisible images the size of a pixel, hence the name. Any accessing of these images is logged by our web server. You can find a complete overview of the methods we use and the option to deactivate them at the end our privacy statement.

When you use our online services, in particular online banking or online product applications, we obtain personal data from you, which we use and store. The data gathered for statistical purposes may involve the transmission of personal data. In order to increase security and prevent fraud, your IP address is no longer shortened before storage when you log in to online banking. The processing concerned is justified by article 6 (1) f) (legitimate interest). At the same time, we do not use Google Analytics in relation to online banking and have no involvement at all with social media networks. We will only allow third-party access to gathered data if the relevant legislation requires this.

The TARGOBANK website uses Google Analytics, a web analysis service from Google Inc. Google Analytics uses cookies. The information generated by the relevant cookie about your use of our website is generally transmitted to a Google server in the USA and stored there. IP anonymisation is activated on this website. This means your IP address is shortened by Google within member states of the European Union or in other signatory states of the Agreement on the European Economic Area prior to transmission to the USA in such a way that it can no longer be linked to you specifically. As part of a contract data processing agreement with TARGOBANK, Google will use this information to assess your use of this website, compile reports about website activities, and provide us with other services associated with use of the website and the Internet. The assessments and reports provided by Google are only ever made available to and used by the website provider. The shortened IP address transmitted by your browser in connection with Google Analytics is not merged with other Google data. In the section on the options for raising objections, you will find information and links on how you can deactivate this option.

Google-Analytics
Opt-out browser plug-in: tools.google.com/dlpage/gaoptout?hl=de
Deactivation cookie: Deactivate now

Please note that if you use the deactivation cookie, you will have to repeat this process should you delete your cookies.

These days, banks, insurance companies, and other financial services providers can only carry out their work with the help of modern information technology. This is the only way to ensure contractual relationships are managed correctly, promptly, and economically. The use of this technology also provides better protection for customers against improper actions compared with manual processes.

The gathering, processing, and use of data disclosed to us, about you personally, using data-processing systems – the term automated processing is also used in this context – are governed by the GDPR. According to this, automated and non-automated processing is permissible if the GDPR or other legislative provisions allow it or the data subject has given their consent. Article 6 (1) b) of the GDPR allows this in all cases if it is required for the justification, performance, or termination of a quasi-contractual or contractual obligation. Besides the GDPR and the German Federal Data Protection Act, other data protection provisions in other legislation also apply.

We receive personal information about you via the following channels, among others:
- Directly from you
- Via transactions involving TARGOBANK and other institutions
- Via other companies, where permissible

We use information about you to manage the customer relationship with you and also to offer you other products and services. This includes using your data for advertising purposes and also for market research and opinion surveys. As far as legally permissible, we transmit information about you within TARGOBANK, to service providers we commission, to credit agencies, and to the extent required for us to fulfil our legal and regulatory obligations.

The automated and non-automated processing of your personal data is essentially intended to fulfil the services under the contract with you, including comprehensive advice (main purpose). It also includes advertising, including market research and opinion surveys, relating to our products and services. Other purposes include support for personnel and suppliers and any other measures to assist fulfilment of the main purpose. With a view to intensifying existing customer relationships, personal data regarding customer-specific details such as personal interests may be gathered from the customer directly in order to improve customer contact and deliver individualised customer benefits (bonuses, gifts). This kind of data gathering only ever takes place on a voluntary basis and with the customer’s consent. TARGOBANK will only process and use data obtained this way within the scope of the intended purpose. This data can be erased at any time at the customer’s request.

You have the right to inform us if you do not wish to receive any advertising from TARGOBANK or be contacted by TARGOBANK in connection with market research or opinion surveys regarding our products and services.

Besides the right of objection, you also have the following rights if the relevant statutory condition applies:

• Right of access, art. 15 GDPR
• Right to rectification, art. 16 GDPR
• Right to erasure (‘right to be forgotten’), art. 17 GDPR
• Right to restriction of processing, art. 18 GDPR
• Right to data portability, art. 20 GDPR
• Right to object, art. 21 GDPR

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data relating to you pursuant to article 6 (1) e) or f) of the GDPR; this also applies to profiling based on these provisions.

TARGOBANK ceases to process personal data relating to you unless it can prove there are compelling legitimate reasons for the processing which outweigh your interests, rights, and freedoms or the processing supports the assertion, exercise, or defence of legal claims.

If the personal data relating to you is processed in order to carry out direct advertising, you have the right at any time to object to the processing of the personal data relating to you for the purposes of this kind of advertising; this also applies to profiling, insofar as this relates to such direct advertising.

You can notify us of this at any time either in person, in writing, or by telephone. We make every effort to keep stored data correct and up to date on an ongoing basis. If you do identify any inaccuracies, however, please inform us immediately. In such cases, please contact your TARGOBANK branch or the data protection officer at TARGOBANK directly.

TARGOBANK has commissioned Group companies to fulfil its contractual obligations. Insofar as the Group companies are acting as contract processors for TARGOBANK, this is justified under article 28 of the GDPR. Please see below. Also, data processing is performed in accordance with article 6 (1) b) of the GDPR insofar as a contractual obligation is involved whereby you could recognise that transfer within the Group is required for fulfilment purposes. Justification in accordance with article 6 (1) f) of the GDPR (legitimate interest) may also apply, where we will explain the assumption of entitlement to you in the case concerned. Data transmission to Group companies only occurs, however, if the customer has decided to use their product or service.

TARGOBANK sometimes provides its services with the help of carefully selected contractual partners in the form of contract processing in accordance with article 28 of the GDPR. External contractors are subject to the GDPR, the German Federal Data Protection Act, and the instructions of TARGOBANK. As part of the Crédit Mutuel Alliance Fédérale Group, data centres and companies belonging to the French Crédit Mutuel Alliance Fédérale Group in France carry out data processing and provide technical support.

Technical support and provision of computing services
Program development and maintenance
Provision of investment services
Any product-specific transmission is listed in each case in the product conditions with further details

You can contact the following address in writing at any time with your questions and get information on data stored about you personally:

TARGOBANK AG
Datenschutz
Postfach 21 04 53
47026 Duisburg, Germany

The basis of our business relationship with our customers is generally the framework agreement with which we offer you a comprehensive package of declarations and agreements regarding the use of specific services we offer. We only store data which is required for the framework agreement and the fulfilment of statutory provisions.

First of all, these are your details in the context of this contract (application data). Then additional technical data is stored for the respective account or product contract, such as customer number, account/deposit account number, account balance, amount or duration of any loan or insurance, premium, bank account details, and if necessary any third-party details (contract data).

Independently of this balancing of interests to be performed on a case-by-case basis and with a view to ensuring a secure legal basis, a declaration of consent to data transmission in accordance with article 6 (1) a) of the GDPR has been included in the framework agreement. This continues to apply after the contract has ended, although it ceases if you withdraw it, which you may do at any time. If the declaration of consent is cancelled in full or in part, it may be the case that a contract will not be concluded. Despite the declaration of consent being withdrawn or cancelled in full or in part, data gathering, processing, and use may occur within the limits permissible by law.

In the case of transfers using IBAN and BIC and specially requested rapid transfers, the data associated with the transfer is forwarded via the unique payment information service operated worldwide by the Belgium-based Society for Worldwide Interbank Financial Telecommunication (SWIFT) to the credit institution of the beneficiary.

For system security reasons, SWIFT temporarily stores the transaction data at its data centres in the Netherlands and the USA. The reason for this information is a decision made by the data protection authorities in November 2006 in response to attempts by US authorities to access transferred data at SWIFT's data centre in the USA for the purposes of combating international terrorism.