Data protection notice of NORD/LB

The protection of your privacy in the processing of personal data is an important concern for us that we respect in all of our business processes. We use any personal data that is collated when visiting our site in accordance with the applicable statutory provisions. Your personal data is only saved if you provide it to us voluntarily, for example, in the form of a request for information, a general inquiry, a product deal or a marketing promotion.

Thank you for your interest in our company and products. The protection of your privacy is an important concern for us so that you can feel secure and at ease when visiting our website. NORD/LB only uses your personal data to respond to your requests for information and inquiries and to process product deals. It should be expressly noted that the employees of NORD/LB have a duty to treat such data confidentially in accordance with the German Federal Data Protection Act.

You can normally visit our website without us requiring any personal data from you. We only learn of the name of your Internet service provider, the website from which you linked to us, the pages you visit on our site, the time and date of your visit as well as demographic characteristics (age, gender) and your interests. We analyse this information for statistical purposes and to improve our web pages. In all cases the individual user remains anonymous.

Personal data is only collated if you expressly provide us with it, for example in the case of Internet banking and brokerage, product deals, on sending an e-mail form, subscribing to our newsletters or making online orders in our Internet shop. In the case of Internet banking and brokerage and product deals, the data is encrypted for transfer in order to prevent abuse by third parties. We use a transfer method that is based on the SSL (Secure Socket Layer) protocol. This encrypts data transfer between your browser and our server. In order for the browser you use to be able to transfer encrypted data, the SSL security protocol must be enabled in its settings.

We only collate, process and use your personal data for the processing of your instructions, inquiries and orders as well as protecting our own valid business interests in terms of advising and supporting our customers and designing products that meet our customers' demands. It should be expressly noted that all statutory provisions are complied with.

Occasionally cookies are used on our web pages to assist us in providing you with targeted information. By using cookies no personal data is stored or linked to your personal user data. Cookies are small text files that are sent from our web server to your PC and usually stored on your hard disk. They do not become part of your system and cannot cause any damage.

Most browsers are set up to accept cookies automatically. However, you can disable the saving of cookies or set up your browser to notify you when a cookie is sent.

Our website also contains links to other providers' websites that are not covered by our data protection declaration. As a rule we have no influence over these providers' content and their compliance with data protection provisions and therefore request that you make yourself aware of the guidelines applicable on those sites when visiting them.

You may revoke any authorisation you have given for all future collation, processing and use of your personal data at any time. We will then delete your data from our systems. This revocation does not affect technical banking customer data, for example for managing your accounts.

Public directory of procedures

§4 g of the German Federal Data Protection Act stipulates that the Data Protection Officer shall make the following information generally available in an appropriate form in accordance with §4 e of the Act:

Name of the relevant body:


Managing Board:

  • Thomas S. Bürkle (Chairman of the Board of Management)
  • Dr. Hinrich Holm (member of the Board of Management)
  • Ulrike Brouzi (member of the Board of Management)
  • Christoph Dieng (member of the Board of Management)
  • Christoph Schulz (member of the Board of Management)
  • Günter Tallner (member of the Board of Management)

Responsible data processing manager:

Stephan Tillack

Address of the responsible body:

Friedrichswall 10
30159 Hannover

Purpose of the collation, processing or use of the data:

The business segments of NORD/LB include all classical financial services from investment and funding for private customers and companies through to commercial and corporate finance. Investment and support for wealthy private customers, asset management for institutional customers and money market trading, securities trading and currency trading and international business are also parts of the Bank's product range, including municipal business and real estate finance. Data is collated, processed and used for the above purposes.

Description of the groups affected and the corresponding data or data categories:

Personal data is collated, processed and used primarily in connection with the following groups of people:

  • Customers (e.g. dates of birth, address data, contract data, data relating to individual banking services)
  • Interested Parties (address data, interests in products)
  • Employees, applicants and pensioners (personal data relating to HR administration and controlling)
  • Brokers to the extent required in the respective business transaction
  • Suppliers (address, billing and other data relevant to the respective contractual relationship)

Recipients or categories of recipients to whom the data may be communicated:

  • Public bodies where statutory provisions apply
  • Internal units involved in the performance and fulfilment of the respective business processes
  • External contractors (service companies) pursuant to §11 German Federal Data Protection Act

Standard periods for the erasure of data:

The legislator provides for a variety of retention duties and periods. On expiry of the respective period, the corresponding data is routinely deleted, provided it is no longer required for fulfilling the contract. Data that is unaffected by this will be deleted when the purposes set out under paragraph 2 no longer apply.

Data transmission to third states:

Transmission to third states occurs for example if NORD/LB has branches there and also in the handling international transactions.

Information on money transfer transactions:

In the case of transfers to overseas accounts and special instructions for urgent transfers, the data contained in the transfer is transmitted to the recipient's bank via the Society for Worldwide Interbank Financial Telecommunication (SWIFT), headquartered in Belgium. For reasons of system security, SWIFT stores the transaction data temporarily at its computer centres in the Netherlands and USA. The reason for this information is a decision of the data protection authorities of November 2006 as a reaction to the US authorities having accessed bank transfer data in the SWIFT computer centre in the USA for purposes of fighting international terrorism.

Data Protection Notice for Social Media

Embedded within our website users have the opportunity to interact directly with NORD/LB on the social networks Facebook, Twitter, Google+, Xing and/or Linkedin. They can also share content from the NORD/LB website via these platforms.

By default all embedded buttons on the social media services are deactivated. Only when the user activates them, and by doing so declares his or her consent to communicate with Facebook, Twitter, Google+, Xing and/or Linkedin, are these buttons activated. A second click then connects the user to the server of the selected social network where they can post their recommendation. The selected platform then opens in a separate window. Here users can sign in if they are not already logged on to the specific social network and can again confirm their recommendation, or they can share the content directly on their profile if they are already signed in. The button is activated for this page and the selected service, but can be deactivated at any time using the slider switch. If NORD/LB pages are accessed again, the deactivated button appears.
For information on the purpose and extent of data collation and the further processing and use of the data by the social networks refer to the data protection notice of the respective provider. Here you will also find information on your associated rights and settings for protecting your privacy.

If you have questions concerning your personal data or concerning data protection in general, contact our data protection officer. He can also be contactes in case of complaints.

NORD/LB Data protection officer

Friedrichswall 10
30159 Hannover