Last Updated: December 20, 2016
Thank you for visiting our website and your interest in solarisBank (hereinafter referred to as the "Bank"). Protecting your privacy when using our website is important to us. We are strongly committed to ensuring that any information you enter on our website will be treated with strictest confidence.
The data controller within the meaning of section 3 (7) of the Federal Data Protection Act (BDSG) is solarisBank AG, Anna-Louisa-Karsch Straße 2, 10178 Berlin, Germany. For questions relating to the collection, processing and use of personal data, you can get in touch via the postal address provided or via email at privacy[at]solarisbank.de.
Purpose of data protection
The purpose of data protection within the meaning of section 3 (1) of the Federal Data Protection Act (BDSG) is to protect personal data. Personal data refers to any information concerning the personal or material circumstances of an identified or identifiable natural person (data subject). An identifiable person is one who can be identified, directly or indirectly, e.g. using data necessary to complete a business transaction. This includes, for example, your name, address, telephone number, e-mail address and other data required to complete the transaction. This does not include data that cannot be used to identify any particular individual.
You can visit our website without disclosing any personal data. Whenever you visit our website the data of your visit will be automatically stored in a log file ("log data"). Anonymously, we learn only your IP address, the website from which you visit us, the websites you visit on our site, the retrieved files, and the date and time of the visit.This data will be evaluated for statistical and market research purposes. The IP address is stored for security reasons. If it is to be used for marketing purposes, it is anonymized in advance.
Collection and storage of personal data
We will only collect your personal data that you choose to disclose for specific purposes, e.g. to respond to your queries when prompted.
If you send us personal data by email or by completing electronic forms, you do so on a voluntary basis. Our trained staff shall treat your personal data with the strictest of confidence and process and store the data only for the respective purpose.
We only collect, process and use personal data that you provide us with on a voluntary basis, i.e. by completing an electronic form or by sending us an email, for the specific purpose you have submitted the data to us e.g. to register for personalized services, answer queries, account openings or account management, credit application and solvency checks, technical administration or performance of contractual relationships. The personal data will be treated in strictest confidentiality and will only be stored until the purpose it was collected for is fulfilled, respectively as long as we are required by law to store the data.
The personal data will be used to provide financial and other services. If you have explicitly given your consent, you will also receive product information.
Personal information that you voluntarily disclose online can (e.g. in a chat room, in a community in forums) be collected and used by others. If you post personal information in publicly accessible online forums, you may receive unsolicited messages from other parties in return. Please be careful and responsible whenever you are using the Internet. Ultimately, you are solely responsible for maintaining the secrecy of your password and any personal information.
Cross-border and priority transfers
In the case of cross-border transfers and specially commissioned priority transfers, the data contained in the transfer document is forwarded to the beneficiary’s bank via the Society for Worldwide Interbank Financial Telecommunication (SWIFT) in Belgium. For reasons of system security, SWIFT temporarily stores transaction data on payments in its two data centres in the Netherlands and the United States.
Disclosure of data
Personal data you disclose to us via our website or by email (e.g. your name and address or email address) will only be used to communicate with you and for the specific purpose you provided it for.
If it is necessary to prosecute a case, personal data may be disclosed to law enforcement agencies, as well as any damaged third parties. Nevertheless, this is subject to the provision of specific evidence of unlawful or abusive conduct. Personal information may also be disclosed when this is necessary to assert the terms and conditions of use or other agreements.
We are also required by law to provide information to certain public authorities, such as law enforcement, financial authorities, authorities that can impose fines for administrative offences upon request.
Where we use external service providers to provide services, e.g. customer services or the hosting of our websites or apps, on our behalf as part of contract data processing, we disclose information to these companies or individuals to the extent necessary to fulfil their contractual duties.
We work with our business partners who help us to make our products and services and the website more interesting for you. This means that when you visit our website cookies from our business partners will also be stored on your hard drive. The cookies stored in this way will be deleted automatically after a specified time. The data collected using a cookie ID will enable our advertising partners to deliver relevant advertising to you.
You can prevent cookies from being stored on your computer by configuring your browser not to accept cookies, notify you automatically when sites try to store cookies or to block all cookies already received. Please note that if you do this, some features of this website may no longer function properly. If you only wish to accept our cookies but not those from our service providers and partners, you can configure your browser accordingly.
Google Analytics and Google Tag Manager
Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet use. Google will not associate your IP address as transmitted by Google Analytics and Google Tag Manager with any other data held by Google.
You can prevent the collection of cookies by adjusting the settings of your internet browser; however, we point out that in this case you will possibly not be able to use our website to the full extent. Sie können darüber hinaus die Erfassung der durch das Cookie erzeugten und auf Ihre Nutzung der Website bezogenen Daten (inkl. Ihrer IP-Adresse) an Google sowie die Verarbeitung dieser Daten durch Google verhindern, indem Sie das Browser-Plugin von Google herunterladen und installieren.
Alternatively to blocking the data collection via browser-plugin or on mobile browsers, you can prevent the data collection by Google Analytics via an opt-out cookie. For this, please click on the link below and an opt-out cookie will be generated that will prevent the collection of your data from the point you will visit our website the next time. Google Analytics deaktivieren.
For more information about Google and data protection, see the Overview of Data Protection and the Data Protection Policy of Google.
Google AdWords Conversion Tracking
Credit ratings in the context of credit requests
For the purpose of deciding upon the establishment, implementation or termination of the contractual relationship, alongside address validation we use information about your previous payment behaviour and probability figures regarding your future behaviour. In these calculations, address and other data are used. This information is received from the following agencies: Deutsche Multiauskunftei GmbH, Haid-und-Neu-Str. 7, 76131 Karlsruhe; Creditsafe Deutschland GmbH, Schreiberhauerstr. 30, 10317 Berlin; SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden.
Release from Banking Secrecy
For the purpose of allowing us to transmit your personal data regarding your application, entering in and termination of a credit agreement with the Bank to above mentioned credit bureaus, you would have to declare the following:
“I hereby authorize solarisBank with exemption from banking secrecy and thus to transmit all data associated with the credit agreement to the above-mentioned credit agencies, in compliance with the applicable data protection laws.”
Accessing account information during loan applications
For the purposes of the decision as to whether to grant credit, we use so-called account views. For the purpose of the lending decision, the account view allows us access to information from your bank account, after you have entered the sort code, account number and online PIN on your input screen. Via this, all transactions from the last 12 months are read once, then processed and used by us. Specifically, this applies to: Date, amount, reference, sender for incoming payments or beneficiary in outgoing payments (in each case, name, IBAN and BIC) of transactions and the identity and contact information of the account holder, including account balance and overdraft limits. We use the data thus obtained to calculate a score value and thus to assess your credit rating based on a scientifically recognized mathematical and statistical method. The score value is thus not based exclusively on address data. The account view itself is performed by the service provider FinTecSystems GmbH, Gottfried-Keller-Str. 33, 81245 Munich. The data is held in ISO 27001-certified data centres in Germany and transferred with encryption both to our service providers as well as to your bank.
To carry out the account overview as part of a credit application, you give the following statement:
Consent may as mentioned be revoked for the future at any time, in writing and via postal mail to the contact mentioned above under “responsible party”.
Applications through our job portal
Under the heading “Jobs” you can check our current vacancies. Unless you select a specific job, you will be directed to our Job Portal. This is a service provided by Jobvite Inc., 1300 S El Camino Real, 400 San Mateo, CA, 94402, USA (“Jobvite”). Jobvite has joined the so-called EU-US Privacy shield agreement and has thus ensured provision of an appropriate level of data protection for personal data.
Personal information that you provide to us as part of your online application (such as first and last name, email address, telephone number, nationality, data on education, desired starting date and cover letter), will be treated by us confidentially and used only for conducting the application process. The data are transferred to and stored on servers in the United States. They are encrypted both during transport to and during storage in ISO 27001-certified data centres. The data are used only for internal candidate selection, i.e. evaluation of candidates, interviews and where relevant for selection procedures. The personal data will not be transmitted to third parties unless you have expressly consented to such transmission (e.g. with companies from the FinLeap or HitFox groups).
For more information about Jobvite and privacy, see the Data Protection Policy and the Security Advice of Jobvite.
Secure Data Room
We offer a secure data room to deploy and manage files in the context of working together with our partners. To log in, a user name and password are required. You will receive further information on this when you take up use of the secure data room. The data is stored only in ISO 27001-certified data centres in Germany and used exclusively for collaboration in the framework of the provision of our services (see above on the collection and storage of personal data).
We provide our partners and customers with information about us and our services. To receive the newsletter, you have to provide us with a valid email address. In addition, we need your prior express consent. We will verify that you are the owner of the specified email address or that the owner consents to receiving the newsletter. We will not collect any other data. This data will only be used to send the newsletter and will not be disclosed to third parties.
When you register to receive the newsletter, we will store your IP address and the date of the subscription for verification purposes in the event that a third party misuses the email address and subscribes to receive the newsletter without the knowledge of the authorised owner.
You may at any time revoke your consent that allows us to store your data and your email address and to use it to send the newsletter. To revoke your consent, please use the link in the newsletter to send us an email to that effect.
Our website contains links to other websites. We do not have any control over the content of websites operated by third parties. The websites we link to are not governed by this privacy statement and the assurances contained therein.
Websites where we collect personal data from our web site visitors are usually encrypted with your browser's built-in encryption module. These websites, including the internet banking systems of the Bank, use technical and organisational measures to protect users against loss, destruction, access, modification or dissemination of your data by unauthorized persons. In addition, the Bank has implemented comprehensive security measures based on the latest technology standards. The Bank uses a firewall system to prevent third-party access. This state-of-the-art technology uses multiple layers of encryption and identification to prevent unauthorised access or interception of customer data during transmission. Personal data are encrypted before transmission.
Any information you provide is stored on servers located in Germany.
Protection of minors
Right to information, erasure of data and the right to revoke consent
Under Article 34 of the Federal Data Protection Act, data subjects are entitled to request information about the personal data we store on you, its origin and recipients as well as the purpose of storing the data at any time.
In case we have to perform a credit rating or request a third party credit rating in order to evaluate your creditworthiness, you are equipped with the right of access as it is defined in section 32 para 2 & 4 of the German Federal Data Protection Act (BDSG). You can also claim these rights against above mentioned credit bureaus.
If you do not agree with the storage of personal data, you have the right to revoke your consent to data processing and use at any time with effect for the future. To revoke your consent, you have to send us an email with "Data protection officer of solarisBank" in the subject and stating your address and email address to privacy[at]solarisbank.de.
In addition, you are also entitled to have your personal data corrected, erased or blocked. To have your personal data corrected, erased or blocked, please send the relevant request by email to datenschutz[at]solarisbank.de, with “data deletion”, “data blocking” OR “data correction” in the subject line. To the extent permissible by law, we will either have the stored data erased or blocked or make the necessary corrections.
If you have any questions regarding the collection, processing or use of your personal data, data protection in general, or if you have any complaints, please contact our data protection officer by email at privacy[at]solarisbank.de, who will be happy to assist you.
We will make every effort to answer your questions as quickly as possible.