Data Protection & Privacy
5 articlesGDPR compliance, data subject rights, retention policies, and cross-border transfers.
Cross-Border Data Transfer Rules
Defines the Bank's requirements and approved mechanisms for transferring personal data outside the European Economic Area, including adequacy decisions, Standard Contractual Clauses, and Binding Corporate Rules.
Updated 2025-10-20
Data Retention Policy
Establishes the Bank's data retention and disposal standards for all categories of personal and business data, including mandatory retention periods, secure destruction methods, and regulatory requirements.
Updated 2025-09-05
Data Subject Access Request (DSAR) Procedure
Step-by-step procedure for receiving, verifying, processing, and responding to Data Subject Access Requests under the GDPR, including timelines, exemptions, and escalation paths.
Updated 2025-07-10
GDPR Compliance Overview
Overview of the Bank's compliance framework for the EU General Data Protection Regulation (GDPR), covering data processing principles, lawful bases, data subject rights, and governance responsibilities.
Updated 2025-06-15
Privacy Impact Assessment Guide
Guidance on conducting Data Protection Impact Assessments (DPIAs) for new or changed processing activities that are likely to result in a high risk to individuals' rights and freedoms.
Updated 2025-12-10