Data Protection Policy
OTP Bank Plc., as the leading financial institution in Hungary, is committed to developing, operating and applying such a regulatory, executive and control system which ensures the safekeeping and protection of bank secrets, securities secrets as well as personal data in accordance with the criteria specified in relevant legal acts and its fundamental business interests.
The personal data processed by OTP Bank Plc. include in particular data required for identifying and liaising with customers, data required for the provision of a given service and/or data generated and processed in the course of the provision of the given service (including data related to claim enforcement), conclusions drawn, data derived from data processed by means of analysis, the data of the communication – performed on any communication channel – between OTP Bank Plc. and the data subject, certain data of the individual devices used for accessing the services provided by OTP Bank Plc. by the data subject and – if relevant – publicly accessible data.
OTP Bank Plc. treats all data, facts, information, solutions relating to its customers’ persons, data, financial situation, business activity, management, ownership and business relations, the balance and turnover on customers’ accounts it holds.
The legal framework for the protection of personal data is determined by the EU’s General Data Protection Regulation, the Act on the Right of Informational Self-Determination and on Freedom of Information, the Act on Credit Institutions and Financial Enterprises, the Act on Investment Firms and Commodity Dealers, and on the Regulations Governing their Activities, the Act on the Capital Market, other National legal acts governing the Bank’s activity and the EU’s compulsory legal acts.
When processing personal data, the Bank respects the principles of data protection. Accordingly, it ensures
- that personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject;
- that personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
- that personal data processed shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- that personal data processed shall be accurate and, where necessary, kept up to date and it takes every reasonable step to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified;
- that personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
- that personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Data subjects may request written information with regard to the processing of their personal data and may submit their requests and complaints as well at the following contact details:
OTP Bank Nyrt., 1051 Budapest, Nádor utca 16.
OTP Bank Nyrt., 1876 Budapest
E-mail address: firstname.lastname@example.org
Phone number: (+36 1/20/30/70) 3 666 666
Data subjects may submit their written comments in respect of data processing to OTP Bank Plc.’s data protection officer as well:
dr. Asztalán Csaba
1131 Budapest, Babér u. 9.
Further, the data subject may as well submit a complaint at the Hungarian National Authority for Data Protection and Freedom of Information (http://naih.hu; 1125 Budapest, Szilágyi Erzsébet fasor 22/c; Postal address: 1530 Budapest, Pf.: 5.; Phone: +36-1-391-1400; Fax: +36-1-391-1410; E-mail: email@example.com).
OTP Bank Plc. treats all data transferred to it over the Internet using the same level of protection as if they were transferred to it using any other channel.