Information on the processing of your personal data at Sydbank
The below provides you with information on how Sydbank acts as a data controller in accordance with the data protection rules. Sydbank's Privacy Policy comprises all relevant business lines, subsidiaries and employees. You can read how and when we collect, process, disclose and store your personal data.
Personal data is information which can be used to identify you - either by itself or combined with other information, eg your name, civil registration number, account number and income. The information is treated in confidence and in accordance with the Danish Financial Business Act, the General Data Protection Regulation, the Danish Data Protection Act and Sydbank's Terms and Conditions.
Our processing of your personal data depends on your relationship with us. In the following you can read more about how we process your personal data when you:
- use our websites, newsletters, email services and applications
- are a customer
- are considering becoming a customer
- have a connection with one of our retail clients
- have a connection with one of our corporate clients or an association.
How we process personal data you have provided when using our websites, newsletters, email services and applications
Via our websites and in our applications we offer a number of services which imply that you enter necessary information such as your name, address, account number and email address. This information is only used to respond to your enquiry and provide you with the service in question. Moreover we receive information about your IP address read more in our information about cookies.
We only send newsletters if you have signed up and by doing so consented to us contacting you. You may unsubscribe at any time via a link in the newsletter.
How we process personal data at Sydbank - when you are a customer
1. Collection and processing of personal data
Why do we process personal data about you?
We process personal data about you to be able to serve and advise you, to fulfil our agreements with you, to protect you and the Bank from fraud and to comply with the statutory requirements imposed on us as a financial undertaking.
The Bank processes information for the purpose of offering financial services of any kind, including payments, advisory services, customer relationship management, customer administration, insurance mediation and mortgage mediation, credit ratings, internal risk management, marketing and fulfilment of obligations in accordance with legislation.
Which personal data do we process?
Depending on the type of products and services you have or have shown an interest in, we process various information about you:
- Basic personal data, eg name, address, tax-related issues, citizenship, civil registration number and any CVR number
- Financial information, eg income, debt and assets
- Information about your job, occupation and education
- Information about your household and your family
- Information about the products and services you receive from us, how you use them as well as the purpose and expected scope of your customer relationship with the Bank
- Copy of proof of identity, eg passport or driving licence
- We register our communications with you and record certain conversations, eg in connection with investments. We have set up video surveillance, including at entrances and ATMs.
If you do not provide us with the information requested we may be unable to provide you with advisory services or otherwise serve you. In some instances it may mean that the customer relationship must be terminated. This could be the case for instance if the information is necessary according to legislation.
Sensitive personal data
As a rule Sydbank only collects and processes sensitive information about you if you have given your consent, cf Article 9(2)(a) of the General Data Protection Regulation. However if you provide us with material, eg an email or a budget containing sensitive personal data about your health or your membership of a political party or a trade union, this will be considered your acceptance that the Bank may store the information, for example in the budget you have submitted. The Bank will not use the information in other contexts.
Information from third parties
If you use credit cards or payment cards, e-banking or other payment services, we will obtain information from you, shops, banks and others. We do this for instance in order to execute and adjust payments and to prepare bank statements, payment overviews etc.
We obtain information from the Danish Central Office of Civil Registration as well as other sources and records accessible to the general public. In connection with credit assessments we examine whether information has been registered about you with credit information agencies and on warning lists. This information is updated for as long as you are a customer.
Storage of your data
We will store your data for as long as it is necessary in relation to the purposes for which we collected and processed your data.
According to the Danish Money Laundering Act, the Danish Bookkeeping Act etc, we will store information, documents and other relevant registrations for at least five years after the termination of the business relationship or completion of the individual transaction.
Subject to request registered communications and recorded conversations in accordance with the MiFID rules (rules on investments) are available to you for five years. In exceptional cases the Danish FSA among others may request that the data is available for up to seven years. As a rule video recordings are stored for no more than 30 days in accordance with the Danish TV Surveillance Act.
We will store certain information concerning lending for at least 20 years in accordance with the Capital Requirements Regulation for the purpose of preparing credit models. Furthermore we will store your account number and the most recent entries for 20 years in accordance with the provisions of the Danish Time Limitation Act where the information concerns a deposit account. This enables us to provide documentation that the account balance has been paid out correctly.
2. Our legal basis for processing your personal data
Sydbank will register and use your personal data where:
- necessary in order for us to fulfil agreements on products and services which we make available, cf Article 6(1)(b) of the General Data Protection Regulation
- you have given consent to the processing of your personal data for a specific purpose, cf Article 6(1)(a) of the General Data Protection Regulation
- we are obliged to do so according to legislation, cf Article 6(1)(c) of the General Data Protection Regulation. In addition to the financial regulation in eg the Danish Financial Business Act, requirements exist under other legislation including in particular:
- the Danish Money Laundering Act, according to which we are under an obligation to obtain proof of identity as well as information about the purpose and expected scope of the customer relationship. The information obtained is used for instance to classify the Bank's customers according to risk. Furthermore we are obliged to monitor financial transactions with the aim of preventing money laundering and terrorist financing and to report relevant information to public authorities. We are obliged to identify whether you are a politically exposed person (PEP) or closely related to one because special measures must be observed. A PEP is a person who is entrusted with one or more prominent public functions.
- the Danish Tax Reporting Act, according to which we are obliged to disclose information to the Danish Customs and Tax Administration about your financial circumstances. If according to our information your country of tax residence is outside Denmark we are moreover obliged to report information subject to special rules to the Danish Customs and Tax Administration, which may in turn exchange the information with the tax authorities of other countries.
- the Danish Credit Agreements Act, according to which we are obliged in some cases to obtain and process information about your income, assets and your disposable amount when you request a loan or credit facility from us. We do this to be able to assess whether you are in a position to repay the loan or credit facility.
- the Danish Bookkeeping Act, according to which we are obliged to register and store bookkeeping records - eg information about entries on your account.
- the Danish Act on Payments, which regulates how and on which conditions we may process your payment information.
- necessary to pursue a legitimate interest for the Bank, cf Article 6(1)(f) of the General Data Protection Regulation, eg to prevent misuse and loss, to strengthen IT and payment security or for direct marketing purposes after considering your interests and the Bank's interests.
3. Disclosure and transfer of personal data
In order to fulfil agreements with you, eg if you have asked us to transfer an amount, we will pass on information necessary to identify you and carry out the agreement. In some instances we will be obliged to disclose information about your identity to the bank which is to receive the money, cf the regulation on information accompanying transfers of funds.
Moreover we will disclose information about you to public authorities to the extent we are obliged to do so according to legislation, including to the Money Laundering Secretariat of the Danish State Prosecutor for Serious Economic and International Crime in accordance with the Danish Money Laundering Act and to the Danish Customs and Tax Administration in accordance with the Danish Tax Reporting Act. The Bank exchanges information with branches abroad in connection with reporting to the Money Laundering Secretariat.
In addition we exchange information within the group and with external business partners (including correspondent banks and other financial institutions) if you have given your consent or if such disclosure is possible according to legislation, eg the Danish Financial Business Act or the Danish Money Laundering Act.
We are obliged to pass on information about you and your loan and credit issues to Danmarks Nationalbank and the Danish FSA in accordance with the National Bank of Denmark Act and the Danish Financial Business Act for the purpose of monitoring financial stability.
If you are in breach of your obligations to us we may report you to credit information agencies and/or warning lists in accordance with the Danish Data Protection Act.
In connection with IT development, hosting and support your personal data is transferred to data processors, including data processors in third countries outside the EU and EEA. We employ a number of legal mechanisms, including standard contracts approved by the EU Commission or the Danish Data Protection Agency, to ensure that your rights and the level of protection follow your personal data. A list of countries to which the Bank transfers personal data as well as draft standard contracts are available at sydbank.dk.
How we process personal data at Sydbank - when you are considering becoming a customer
1. Collection and processing of personal data
Why do we process personal data about you?
Sydbank processes personal data about you because you have shown an interest in becoming a customer with us. We need information about you to assess the possibility of establishing a customer relationship with you and to give you relevant offers.
Which personal data do we process?
Depending on the type of products and services in which you have shown an interest, we collect and register various information about you:
- Basic personal data, eg name, address, tax-related issues, citizenship, civil registration number and any CVR number
- Financial information, eg account and custody account numbers with your current bank, income, debt and assets
- Information about your job, occupation and education
- Information about your household and your family
- Purpose and expected scope of your customer relationship with the Bank
- Copy of proof of identity, eg passport or driving licence
- We register our communications with you and we have set up video surveillance, including at entrances and ATMs.
If you do not provide us with the information requested we may be unable to provide you with advisory services or otherwise serve you. In some instances it may mean that we cannot establish a customer relationship with you. This could be the case for instance if the information is necessary according to legislation.
Sensitive information
As a rule Sydbank only collects and processes sensitive information about you if you have given your consent, cf Article 9(2)(a) of the General Data Protection Regulation. However if you provide us with material, eg an email or a budget containing sensitive personal data about your health or your membership of a political party or a trade union, this will be considered your acceptance that the Bank may store the information, for example in the budget you have submitted. The Bank will not use the information in other contexts.
Information from third parties
We obtain information from the Danish Central Office of Civil Registration as well as other sources and records accessible to the general public. In connection with credit assessments we examine whether information has been registered about you with credit information agencies and on warning lists. This information is updated regularly.
Storage of your data
We will store information you have given us for two years - even if you do not become a customer with us. We do this for instance to safeguard against fraud and to be able to provide documentation of our correspondence and any consent to receive marketing communications.
2. Our legal basis for processing your personal data
Sydbank will register and use your personal data where:
- necessary in order for us to assess whether you can become a customer, cf Article 6(1)(b) of the General Data Protection Regulation
- you have given consent to the processing of your personal data for a specific purpose, cf Article 6(1)(a) of the General Data Protection Regulation
- we are obliged to do so according to legislation, cf Article 6(1)(c) of the General Data Protection Regulation. In addition to the financial regulation in eg the Danish Financial Business Act, requirements exist under other legislation including in particular:
the Danish Money Laundering Act, according to which we are under an obligation to obtain proof of identity as well as information about the purpose and expected scope of the customer relationship. The information obtained is used for instance to classify the Bank's customers according to risk. We are obliged to identify whether you are a politically exposed person (PEP) or closely related to one because special measures must be observed. A PEP is a person who is entrusted with one or more prominent public functions.
the Danish Credit Agreements Act, according to which we are obliged in some cases to obtain and process information about your income, assets and your disposable amount when you request a loan or credit facility from us. We do this to be able to assess whether you are in a position to repay the loan or credit facility.
necessary to pursue a legitimate interest for the Bank, cf Article 6(1)(f) of the General Data Protection Regulation, eg to prevent misuse and loss, to strengthen IT and payment security or for direct marketing purposes after considering your interests and the Bank's interests.
3. Disclosure and transfer of personal data
In connection with IT development, hosting and support your personal data is transferred to data processors, including data processors in third countries outside the EU and EEA. We employ a number of legal mechanisms, including standard contracts approved by the EU Commission or the Danish Data Protection Agency, to ensure that your rights and the level of protection follow your personal data. A list of countries to which the Bank transfers personal data as well as draft standard contracts are available at sydbank.dk.
How we process personal data at Sydbank - when you have a connection with a retail client
1. Collection and processing of personal data
Why do we process personal data about you?
Sydbank processes personal data about you because you have a connection with one of our retail clients or a potential customer, eg if you are a beneficiary, executor- /administrator, guardian, hold a power of attorney, are a guarantor or a third-party chargor. We process information about you in order to comply with the statutory requirements imposed on us as a financial undertaking, because the customer relationship requires us to do so and so that you can conduct transactions in accordance with the requests of our customer.
The purpose of processing personal data about you is to offer financial services and products of any kind to our customer and to communicate with you and/or our customer in this regard.
Which personal data do we process?
Depending on your connection with our customer we collect and register various information about you. We always register:
- basic personal data, eg name, address, civil registration number and any CVR number
- our communications with you and we record certain conversations, eg in connection with investments. We have set up video surveillance, including at entrances and ATMs.
Additional personal data will be collected if you hold a power of attorney or you are a guardian:
- Information about the products and services you receive from us, eg e-banking or cards, and how you use them
- In some instances copy of proof of identity, eg passport or driving licence, depending on the specific authority or guardianship.
Additional personal data will be collected if you are a beneficiary or an executor/administrator:
- Copy of proof of identity, eg passport or driving licence.
Additional personal data will be collected if you are a guarantor or a third-party chargor:
- Copy of proof of identity, eg passport or driving licence
- Information about your job, occupation and education
- Financial information, eg account and custody account numbers, income, debt and assets.
If you do not provide us with the information requested we may be unable to provide advisory services or otherwise serve you or our customer. This could be the case for instance if the information is necessary according to legislation.
Sensitive information
As a rule Sydbank only collects and processes sensitive information about you if you have given your consent, cf Article 9(2)(a) of the General Data Protection Regulation. However if you provide us with material, eg an email containing sensitive personal data, this will be considered your acceptance that we may store such information. The Bank will not use the information in other contexts.
Information from third parties
If on the basis of a power of attorney or a guardianship you use credit cards or payment cards, e-banking or other payment services, we will obtain information from you, shops, banks and others. We do this for instance in order to execute and adjust payments and to prepare bank statements, payment overviews etc.
We obtain information from the Danish Central Office of Civil Registration as well as other sources and records accessible to the general public. In connection with credit assessments if you are a guarantor or a thirdparty chargor, we examine whether information has been registered about you with credit information agencies and on warning lists. We will update the information regularly for as long as required by your connection with our customer.
Storage of your data
We will store your data for as long as it is necessary in relation to the purposes for which we collected and processed your data.
In accordance with the Danish Money Laundering Act, depending on your connection with our customer, we will store information, documents and other relevant registrations about you for at least five years after termination of the business relationship with the customer with whom you are connected.
Subject to request registered communications and recorded conversations in accordance with the MiFID rules (rules on investments) are available to you for five years. In exceptional cases the Danish FSA among others may request that the data is available for up to seven years. As a rule video recordings are stored for no more than 30 days in accordance with the Danish TV Surveillance Act.
2. Our legal basis for processing your personal data
Sydbank will register and use your personal data where:
- necessary in order for us to fulfil agreements on products and services which we make available, cf Article 6(1)(b) of the General Data Protection Regulation
- you have given consent to the processing of your personal data for a specific purpose, cf Article 6(1)(a) of the General Data Protection Regulation
- we are obliged to do so according to legislation, cf Article 6(1)(c) of the General Data Protection Regulation. In addition to the financial regulation in eg the Danish Financial Business Act, requirements exist under other legislation including in particular:
- the Danish Money Laundering Act, if you are a guarantor, third-party chargor, holder of a power of attorney, executor/administrator, guardian or beneficiary: We are under an obligation to obtain proof of identity from you and in general we are obliged to monitor financial transactions with the aim of preventing money laundering and terrorist financing and to report relevant information to public authorities.
- necessary to pursue a legitimate interest for the Bank, cf Article 6(1)(f) of the General Data Protection Regulation, eg to prevent misuse and loss, to strengthen IT and payment security or for direct marketing purposes after considering your interests and the Bank's interests.
3. Disclosure and transfer of data
In order to fulfil agreements with you and our customer we will pass on information necessary to identify you and carry out the agreement.
Moreover we will disclose information about you to public authorities to the extent that we are obliged to do so according to legislation, including to the Money Laundering Secretariat of the Danish State Prosecutor for Serious Economic and International Crime in accordance with the Danish Money Laundering Act. The Bank exchanges information with branches abroad in connection with reporting to the Money Laundering Secretariat.
In addition we exchange information within the group and with external business partners (including correspondent banks and other financial institutions) if you have given your consent or if such disclosure is possible according to legislation, eg the Danish Financial Business Act or the Danish Money Laundering Act.
If you have provided security for a facility we may be obliged to disclose information about you to Danmarks Nationalbank and the Danish FSA in accordance with the National Bank of Denmark Act and the Danish Financial Business Act for the purpose of monitoring financial stability.
In connection with IT development, hosting and support your personal data is transferred to data processors, including data processors in third countries outside the EU and EEA. We employ a number of legal mechanisms, including standard contracts approved by the EU Commission or the Danish Data Protection Agency, to ensure that your rights and the level of protection follow your personal data. A list of countries to which the Bank transfers personal data as well as draft standard contracts are available at sydbank.dk.
How we process personal data at Sydbank - when you have a connection with a corporate client or an association
1. Collection and processing of personal data
Why do we process personal data about you?
Sydbank processes personal data about you because you have a connection with one of our association clients, corporate clients or a potential association client or corporate client, for instance if you are a beneficial owner (including if you take part in the day-to-day management or are a board member of an association), executive manager, authorised signatory, guarantor, third-party chargor, holder of a power of attorney, contact person or because an agreement has been concluded between you and one of our corporate clients (eg a stockbroker or a lawyer). We process information about you in order to comply with the statutory requirements imposed on us as a financial undertaking, because the customer relationship requires us to do so and/or so that you can conduct transactions in accordance with the requests of our customer.
The purpose of processing personal data about you is to offer financial services and products of any kind to our customer and to communicate with you and/or our customer in this regard.
Which personal data do we register and use?
Depending on your connection with our customer we collect and register various information about you. We always register:
- basic personal data, eg name, address, civil registration number and any CVR number
- our communications with you and we record certain conversations, eg in connection with investments. We have set up video surveillance, including at entrances and ATMs.
Additional personal data will be collected if you hold a power of attorney:
- Information about the products and services you receive from us, eg e-banking or cards, and how you use them
- In some instances copy of proof of identity, eg passport or driving licence, depending on the specific authority.
Additional personal data will be collected if you are a beneficial owner (including if you take part in the day-today management or are a board member of an association):
- Information about citizenship and copy of proof of identity, eg passport or driving licence.
Additional personal data will be collected if you are a guarantor or a third-party chargor:
- Copy of proof of identity, eg passport or driving licence
- Information about your job, occupation and education
- Financial information, eg account and custody account numbers, income, debt and assets.
If you do not wish to provide us with the information requested or if we assess that the information is insufficient, we may be unable to provide advisory services or otherwise serve you or our customer. This could be the case for instance if the information is necessary according to legislation. In some cases it may mean that we are unable to establish a customer relationship with the corporate client with whom you have a connection or that the customer relationship must be terminated.
Sensitive information
As a rule Sydbank only collects and processes sensitive information about you if you have given your consent, cf Article 9(2)(a) of the General Data Protection Regulation. However if you provide us with material, eg an email containing sensitive personal data, this will be considered your acceptance that we may store such information. The Bank will not use the information in other contexts.
Information from third parties
If on the basis of a power of attorney you use credit cards or payment cards, e-banking or other payment services, we will obtain information from you, shops, banks and others. We do this for instance in order to execute and adjust payments and to prepare bank statements, payment overviews etc.
The Bank obtains information from the Danish Central Office of Civil Registration as well as other sources and records accessible to the general public. In connection with credit assessments if you are a guarantor or a third-party chargor, we examine whether information has been registered about you with credit information agencies and on warning lists. We will update the information regularly for as long as required by your connection with our customer.
Storage of your data
We will store your data for as long as it is necessary in relation to the purposes for which we collected and processed your data.
In accordance with the Danish Money Laundering Act, depending on your connection with our customer, we will store information, documents and other relevant registrations about you for at least five years after termination of the business relationship with the customer with whom you are connected.
Subject to request registered communications and recorded conversations in accordance with the MiFID rules (rules on investments) are available to you for five years. In exceptional cases the Danish FSA among others may request that the data is available for up to seven years. As a rule video recordings are stored for no more than 30 days in accordance with the Danish TV Surveillance Act.
2. Our legal basis for processing your personal data
Sydbank processes personal data about you where:
- you have given your consent, cf Article 6(1)(a) of the General Data Protection Regulation
- necessary in order for us to fulfil agreements on products and services which we make available, cf Article 6(1)(b) of the General Data Protection Regulation
- we are obliged to do so according to legislation, cf Article 6(1)(c) of the General Data Protection Regulation. In addition to the financial regulation in eg the Danish Financial Business Act, requirements exist under other legislation including in particular:
- the Danish Money Laundering Act, if you are a guarantor, third-party chargor, holder of a power of attorney or a beneficial owner: We are under an obligation to obtain proof of identity from you and in general we are obliged to monitor financial transactions with the aim of preventing money laundering and terrorist financing and to report relevant information to public authorities. If you are a beneficial owner we are moreover obliged to identify whether you are a politically exposed person (PEP) or closely related to one because special measures must be observed. A PEP is a person who is entrusted with one or more prominent public functions.
- necessary to pursue a legitimate interest for the Bank, cf Article 6(1)(f) of the General Data Protection Regulation, eg to prevent misuse and loss, to strengthen IT and payment security or for direct marketing purposes after considering your interests and the Bank's interests
3. Disclosure and transfer of data
We will disclose information about you to public authorities to the extent that we are obliged to do so according to legislation, including to the Money Laundering Secretariat of the Danish State Prosecutor for Serious Economic and International Crime in accordance with the Danish Money Laundering Act. The Bank exchanges information with branches abroad in connection with reporting to the Money Laundering Secretariat.
In addition we exchange information within the group and with external business partners (including correspondent banks and other financial institutions) if you have given your consent or if such disclosure is possible according to legislation, eg the Danish Financial Business Act or the Danish Money Laundering Act.
If you have provided security for a facility we may be obliged to disclose information about you to Danmarks Nationalbank and the Danish FSA in accordance with the National Bank of Denmark Act and the Danish Financial Business Act for the purpose of monitoring financial stability
In connection with IT development, hosting and support your personal data is transferred to data processors, including data processors in third countries outside the EU and EEA. We employ a number of legal mechanisms, including standard contracts approved by the EU Commission or the Danish Data Protection Agency, to ensure that your rights and the level of protection follow your personal data. A list of countries to which the Bank transfers personal data as well as draft standard contracts are available at sydbank.dk.
Your rights
1. The Bank's duty of confidentiality and your access to information
The Bank's employees are under a duty of confidentiality and are not allowed to disclose information which has come to their knowledge in the course of their employment with the Bank unless authorised to do so.
You are entitled to know which data the Bank processes about you, where it derives from and for which purpose it is used. Moreover you have the right to be informed of how long we store your data and who receives information about you. However access to such information may be limited by legislation. For instance you cannot obtain information as to whether and which information we have registered in connection with the investigations we are obliged to make according to the Danish Money Laundering Act. Nor can you obtain information as to whether we have notified the Money Laundering Secretariat of the Danish State Prosecutor for Serious Economic and International Crime or which information we have disclosed to the Money Laundering Secretariat in the event of suspicion of money laundering or terrorist financing.
Furthermore your access may be limited in order to protect other persons' privacy and the Bank's business foundation, business procedures, know-how, business secrets, internal assessments and material.
2. Profiling and automated decision-making
In certain cases the Bank carries out an automated evaluation of your personal data, eg to analyse your financial circumstances or preferences. We do this for instance when preparing a statutory credit rating or investment profile or with the aim of targeting our marketing to you.
The Bank makes use of automated decision-making to a limited extent. If decision-making is automated you will be informed of this in advance.
3. Right to object to processing
Under certain circumstances you are entitled to object to our otherwise legal processing of your personal data. This is, among other things, the case when the processing takes place on the basis of our legitimate interest.
You are always entitled to object to our use of your personal data in connection with direct marketing purposes, including profiling related to such purpose.
4. Right to have your data corrected or deleted
If the data that the Bank has registered about you is incorrect, incomplete or irrelevant, you are entitled to have the data corrected or deleted subject to the restrictions ensuing from legislation or other legal basis. If we have disclosed incorrect data about you we will make sure that it is corrected.
5. Limitations to data processing
In certain cases you are entitled to have the processing of your personal data limited. If you are entitled to limited processing, in future we may only process the data - except for storage - subject to your consent. We may also process your data with a view to making it possible to establish, enforce or defend a legal claim or to protect a person or important public interests.
6. You may withdraw your consent
You may at any time revoke your consent to the Bank's processing of your personal data by contacting the Bank. Please note however that we may not be able to offer you our products or services. Even if you have revoked your consent you should be aware that in certain cases we may still process your data, for instance where it is necessary to carry out an agreement concluded with you or where we are required to do so according to legislation.
7. Right to receive your data (data portability)
If the Bank processes information on the basis of your consent or due to an agreement you may be entitled to receive the information you provided in an electronic format.
8. Data Protection Officer and complaints
If you have any questions, you may contact the Bank's Data Protection Officer (DPO) at [email protected].
If you are not satisfied with our processing of your personal data, you may file a complaint with the Bank. In addition you can file a complaint with the Danish Data Protection Agency, Carl Jacobsens Vej 35, 2500 Valby, Denmark, or via its website datatilsynet.dk.
9. Contact details for data controller
Sydbank
Peberlyk 4
6200 Aabenraa
Denmark
CVR No 12626509
sydbank.dk
[email protected]
Translation
The above is a translation of the Danish "Information om behandling af dine personoplysninger i Sydbank". In case of doubt the Danish original applies.