Landsbankinn processes personal data for clear and stated purposes in accordance with the Data Protection Act, the Bank's rules and this Policy. Processing of personal data may have various purposes, such as:
- To contact you, identify you and ensure the security and reliability of business transactions, through such means as due diligence on customers. The Bank contacts customers through various channels, such as email, notifications in online banking, Landsbankinn’s app, the Bank’s website and social media.
- Carry out requested transactions, provide financial services and advice and respond to enquiries, such as establish and maintain a business relationship, perform payment and credit assessments and determine self-service authorisations, assess credit risk and prevent borrowing from exceeding repayment capacity, analyse financial standing with regard for the Bank’s product and service offering in order to provide advisory service, including on asset management, pension savings or other service, receive applications for and remit pension savings.
- For security and archiving purposes to safeguard the interests of customers, employees and others who have dealings with the Bank, ensure the traceability of transactions through such means as electronic monitoring and investigate issues or prevent money laundering, terrorist financing, fraud and other criminal conduct.
- Develop the Bank’s product and service offering, promote innovation and boost service levels, offer personalised and tailored services, respond to suggestions and complaints and process answers to marketing and/or service questionnaires.
- Develop solutions and reports for the purpose of credit and risk management, such as to measure and monitor credit risk, operational risk, market risk, underwriting risk and for internal treasury purposes.
- Operate and maintain the Bank's websites and online services and improve user experience online, in Landsbankinn’s app and online banking for individuals and corporates and, as the case may be, the Bank’s other web-based solutions.
- Respond to legal requests and ensure cyber and data security by, among other things, analysing, investigating and preventing fraud and other misconduct.
- For marketing and promotional purposes and to provide personalised and tailored services, send messages about benefits and material that may interest you or you have requested. Note that photographs and video recordings are made at conferences, promotions and other events hosted by the Bank and that these may appear publicly on the Bank’s websites, including social media.
- Perform statistical analysis on certain products, services or communication channels, front office or other individual functions in the Bank’s operation. Such analysis is based on non-personally identifiable data, if possible.
Lawfulness of processing of personal data
For the most part, the gathering and other processing of your personal data by the Bank is based on a contract between you and the Bank for specific services and to provide the requested financial service or to satisfy legal obligations the Bank is subject to as a regulated entity on the financial market. In certain cases, the Bank will request your informed consent to process personal data. In such cases, you can withdraw your consent at any time, and then the processing covered by the consent is terminated.
Finally, your data may be processed if it is necessary for the purposes of legitimate interests pursued by the Bank, you yourself or a third party. Such processing does not take place if it is clear that your interests outweigh the interest of the Bank or a third party. The following processing operations are based on legitimate interests: processing of basic information from Registers Iceland, determination of benefit programmes for customers and retention of the business history of former customers, classification and monitoring of loans, development and testing of new products and services, for marketing purposes and target group analysis, and for cyber and information security purposes.
In certain instances, the Bank creates a personal profile using automated processing of your personal data to assess or anticipate aspects of your finances, such as development of financial standing or probability of default. Calculation of a credit score is an example of profiling. Profiles may also be prepared for marketing and cyber and information security purposes, e.g. to determine which benefit programme suits you best, and by employing pattern analysis in online banking to maximise the safety of your financial information.
Profiling may also be a factor in automated decision-making that relates to you. In automated decision-making your personal data is processed automatically by software to reach a decision without the aid or involvement of human agency. Automated decision-making is used, for instance, to determine the amount of self-service lending in Landsbankinn’s app, based on such factors as your credit score.
Automated decision-making only takes place with your consent, if it is a prerequisite for the conclusion or execution of an agreement between you and the Bank, or if authorised by law. You can submit objections or contest automated decisions by email to firstname.lastname@example.org.