Data Protection Regulation

The General Data Protection Regulation (GDPR) is a new European regulation that adapts the management of personal data to new digital environments, such as the internet and mobile apps. Its objective is to guarantee that natural persons own their data and have control over what entities do with them.

The European Union approved the Regulation in 2016. Member States must apply it from 25 May 2018.

Right of the data owners to ask the Bank to give their data to another entity, or to them, if requested, in a structured, commonly used and machine-readable format. Such request can only be made in relation data whose processing is based on consent or a contract, and provided that the processing is carried out by automated means.

Data processing is considered any use of the data that implies the collection, recording, conservation, preparation, modification, consultation, use, blocking, modification or cancellation, as well as the data transfers resulting from communications, consultations, interconnections and transfers.

All companies that have personal data must comply with the Regulations.

If you are a Banco Santander customer, you can make changes to your consents both from the Private Area, as well as from the mobile APP, the Call Centre or at the Branch.

We will need the customer's consent to carry out certain kinds of processing:

Consenting to all processing allows the bank to offer a service that is most adapted to their needs, but they do not have to agree to all consents. Even so, if the customer opts for the latter, the Bank must process their personal data for the maintenance of the product or service that they have taken out and/or legal compliance.