Defending DNB’s legal claims

How do we process personal data?

We process personal data to assert our contractual rights and to protect our reputation and financial interests. We reuse information from our internal systems so that we can handle claims, complaints, disputes and legal processes for debt recovery or other disputes.  

The type of personal data we process depends on DNB Legal’s assessment of what is necessary to shed light on the individual case. Throughout your customer relationship and after your agreement expires, we must retain and have access to reuse your personal data in the event of debt recovery, claims, a complaint or legal dispute. If we did not retain case history, it would not be possible for us to handle debt recovery, claims, complaints, disputes and other legal processes. 

DNB has internal lawyers and a debt recovery department who provide legal services to the Group. DNB Legal and the debt recovery department process personal data about our clients only if it is relevant to the case they are considering.  

Why do we process your personal data and what is the legal basis?

The purpose of the processing of personal data is to administrate and fulfill the agreement with our customers, assert our contractual rights and to protect our reputation and financial interests. We have a legitimate interest for this processing of your personal data. Our legitimate interest is to safeguard the bank’s financial rights pursuant to agreements with our customers.  

The processing is also based on our legal obligation to establish, exercise or defend legal claims. We also have a legitimate interest in being able to process personal data in order for our lawyers and the debt recovery to provide legal advice. 

How long do we retain your personal data? 

The need to retain personal data is associated with the protection of our legal position related to the risk associated with the product, as well as the absolute limitation period for claims, cf. the Swedish Act relating to the Limitation Period for Claims.  

The personal data is saved during the entire contractual relationship and up to 12 months after the agreement is terminated. The personal data may be saved longer if it is needed to meet legal requirements. For example, information about granted credit is saved five years after the agreement has been terminated and the agreement itself is saved for seven years after termination of the agreement. In addition, personal data may be stored longer than 12 months after the agreement has been terminated in order to establish, defend and assert a legal claim, e.g. in the event of a dispute about payment. 

What are your rights? 

When we collect and process information about you, you have several rights under data protection rules and legislation.  

This includes the right of access, the right to data portability, the right to rectification of any errors and the right of erasure, which means that we must, on our own initiative, delete information that is no longer necessary for the purpose of the processing. We will always consider any objections you may have to the processing of your personal data, and we will follow up when you opt out of direct marketing. 

 Read about how you can exercise your data protection rights in our privacy notice under ‘Your rights’.  

Who is responsible?  

What type of personal data do we process?