Facts about GDPR
The General Data Protection Regulation (GDPR) is an EU regulation effective from 25 May 2018, that aims to:
-
Strengthen citizens' fundamental rights in the digital age
-
Facilitate business by simplifying rules for companies in the Digital single market
-
Make organisations accountable for how personal data is managed
This regulation applies to all companies and organisations that work with EU data e.g. social media corporations, your local doctor, and is not just restricted to the financial sector.
What is considered personal data?
Personal data is any information that can be directly or indirectly referred to a natural person. This means that personal data is not only information such as a name, a personal identity or an address, but it is also any information that can directly or indirectly be referred to any person, such as transaction information, IP addresses, Nordea User ID, log files from an Internet bank and assessments.
What is not considered personal data?
This is where the data subject (individual) is no longer identifiable, as it is depersonalised, and any key to reversing the data anonymity has been destroyed. Aggregate data such as analytics and statistical analysis is also not classified as personal data as well as company data such as reports, slidepacks, codes, documents and analysis.
How does Nordea handle my personal data?
As a data controller Nordea processes personal data to deliver the products and services that are agreed between the parties and for other purposes, such as to comply with laws and other regulations. For detailed information on Nordea’s processing of personal data, please review Nordea’s privacy policy, which is available on Nordea’s website or by contacting Nordea.
The privacy policy contains information about the rights in connection with the processing of personal data, such as the access to information, rectification and data portability.
For the Sandbox related services, Nordea will use your personal data to provide the services to you. We might also communicate to you through the portal or other means such as email to send you a newsletter relating to the Sandbox, communication and feedback and development of the Sandbox and related services.
What should I do to get my personal data deleted?
All data we collect from you is visible on the developer portal page after you log in. If you want to get your account deleted, please contact us:
Nordea Open Banking contact form
Your account & personal data will be deleted after 2 years of inactivity
In accordance with the GDPR your account and personal information will be deleted if your Developer Portal account is inactive for more than two years. Please be aware that the termination of your account will remove your teams and your apps in the Developer Portal. Read more in the Terms & conditions.