This is the Privacy Statement for all candidates participating in the recruitment and selection process of ABN AMRO Bank (hereinafter “the Bank”). The recruitment and selection process starts when you apply for a job vacancy at the Bank. The process ends when you are either not selected, or you have signed an employment contract with the Bank. This Privacy Statement informs you how the Bank handles your personal data during the recruitment and selection process.
The Bank is responsible for your data. The Bank’s full details are: ABN AMRO Bank N.V., a public limited company incorporated under Dutch law with its registered office at Gustav Mahlerlaan 10, 1082 PP Amsterdam, Netherlands, registered under number 34334259 in the Commercial Register at the Amsterdam Chamber of Commerce, and with a Belgian branch at Post X, Borsbeeksebrug 30, 2600 Antwerp, Belgium, registered with the Belgian Crossroads Bank for Enterprises under number (VAT BE) 0819.210.332.
Data Protection Officer
Our company's Data Protection Officer or DPO is based at Gustav Mahlerlaan 10, 1082 PP Amsterdam, the Netherlands. This officer acts for the entire ABN AMRO Group. In Belgium they are represented by the Local Privacy Officer (be.compliance@be.abnamro.com).
This Privacy Statement is about the Bank's use of your personal data. But what exactly is personal data? The most common examples of personal data are name, address, age and date of birth. Business email addresses, phone numbers and your national registration number are also personal data. So-called special category personal data is a specific type of personal data . This data is so sensitive that its use could seriously affect an individual’s privacy. It includes information about your health, sexual orientation, cultural background and trade union membership. Biometric data is also considered special category personal data. Biometrics are a collection of techniques to measure and identify an individual’s body characteristics, such as fingerprints (to grant access to secured areas, for instance). The privacy legislation imposes strict requirements on the use of such special category personal data. The bank may only process this type of personal data if the law permits or requires it or with your express consent.
Most of the personal data the Bank processes about you was obtained from you. Some of the Bank's data about you may have been obtained from another source. Here are some examples of other sources:
The Bank uses your data for one or more of the following reasons:
The Bank also processes your data because it is required to do so under various laws and regulations. Banks are subject to many rules. The Bank must conduct its business with integrity in order to manage the integrity risks and to ensure the integrity of the Bank and of the financial sector as a whole. Conducting its business with integrity also means selecting its employees with integrity.
The Bank may also use your data if it has a 'legitimate interest' to do so. The Bank’s interest in using your data does have to outweigh your right to privacy. The Bank therefore weighs up all interests in this process. Examples of the Bank's legitimate interest to use your data in the recruitment and selection process are:
The Bank uses your data for the following purposes.
The Bank uses your personal data to assess your suitability for the position in question. If an employment contract is concluded, the Bank shall use your personal data to draw up the contract. Protection of integrity and securityThe Bank also uses data to optimally protect the Bank, its property, its data and its employees against all kinds of breaches and damage.
The Bank uses candidates' personal data to implement a responsible, effective and efficient HR policy.
Finally, the Bank uses employee data to comply with the applicable laws and regulations. The Bank must conduct its business with integrity under the regulations in force. Conducting its business with integrity also means selecting its employees with integrity.
The Bank considers it important to ensure the reliability, professionalism and security of its organisation. This means that the final stage of the application process consists of pre-employment screening. Data from public sources may also be used for this purpose. In Belgium, the Bank's pre-employment screening always consists of the following components:
*In line with the European privacy directives, the criminal record extract is not kept in the personnel file.** The Bank is required to draw up a list of banking service providers working at its institution or acting on its behalf, and provide this list and any updates to the Belgian Financial Services and Markets Authority (FSMA) (in accordance with Article 4, Section 1, third paragraph, of the LawAct of 22 April 2019 introducing a bankers' oath and disciplinary regimesystem for the banking sector). More information on how the FSMA processes the personal data it receives from banking service providers is available in the Privacy policy for banking service providers, which is available on the FSMA website under the Privacy & Cookies section.
The Bank can also use your data for purposes other than those for which you originally provided them. However, this new purpose must match the purpose for which you initially provided your data to the bank. To determine whether this is the case, the Bank shall always consider the following points:
The Bank may share your data with companies that help us to select candidates, such as recruitment and selection agencies and temping agencies.
The Bank may also share your data with assessment providers to perform a personality test, for instance.
The Bank makes clear arrangements on how they handle your data in a contract. The Bank remains responsible when using the services of another company.
The Bank does its utmost to protect your data as much as possible. The Bank invests heavily in its people, systems and procedures to achieve this. Its approach is always adapted to the sensitivity of the data. Employees are trained to handle the data securely.
It is precisely because of your security that we can't go into detail about the exact data security measures we take. Examples of the Bank's measures to protect employee data are provided under point 2 of “Why does the Bank use your data?”.
The Bank and the companies in its group may share personal data with each other at times, even if the group's companies are located outside of Europe. For example, if you apply for a position at the Bank’s Sydney branch, the Bank will pass on your details to that branch. The Bank must comply with local regulations in this respect.
The Bank shares personal data with the group's companies outside of Europe in accordance with its global internal policy, the Binding Corporate Rules (BCRs). The Data Protection Authority has approved this policy.
The Bank may also use IT suppliers based outside of Europe or IT suppliers who also offer services from countries outside Europe. If this is the case, the Bank shall ensure that this transfer meets the privacy legislation.
The basic principle to determine different personal data retention periods is that the data is always retained for as long as necessary to achieve the purpose for which it was obtained.
The privacy legislation does not mention any specific retention periods for personal data. However, other laws may stipulate minimum retention periods. This means that the data must be stored for as long as stated in those laws.
In principle, the Bank stores the personal data of rejected candidates for one year from the moment of rejection. If you have been rejected and you would like to have your personal data erased, you can send your request to hrm@be.abnamro.com. If you are hired as an employee, the Bank shall keep your personal data just as long as the data of its other employees. We apply a retention period of seven years from the end of your employment for most employee data.
You have the right to access your personal data processed by the Bank. You can also ask the Bank to correct your details if they are incorrect. You can submit your request to hrm@be.abnamro.com.
In some cases, you can also ask the Bank to erase your data. The Bank does not always have to comply with a request to erase your data. One example of this is when the law requires the Bank to keep your data for a longer period.
You can also ask the Bank to temporarily limit the use of your personal data. This is possible in the following cases:
You can exercise your rights by sending a letter with a legible copy of both sides of your identity document to ABN AMRO Bank N.V., Privacy Officer, Borsbeeksebrug 30, 2600 Antwerp, Belgium.
Right to data portability
The Bank can give you the data that you provided to the Bank and that is stored automatically. This only applies if they process your data based on consent or based on the agreement they concluded with you. This is called data portability. You can exercise your rights by sending a letter with a legible copy of both sides of your identity document to ABN AMRO Bank N.V., Privacy Officer, Borsbeeksebrug 30, 2600 Antwerp, Belgium.
Make sure you keep your data secure. Check that the party you wish to disclose your data to is trustworthy and handles your data as securely as the Bank. If you want to receive your data yourself, make sure that your own equipment is sufficiently secure and can't be hacked, for example.
In that case, contact HR by sending an email to hrm@be.abnamro.com. If you are not satisfied with the process, please get in touch with us at ABN AMRO Bank N.V., Privacy Officer, Borsbeeksebrug 30, 2600 Antwerp, Belgium or be.compliance@be.abnamro.com.
You can also file a complaint with the Belgian Data Protection Authority or Dutch Data Protection Authority.
Date of latest version: 11/03/2025.
Changes in the use of personal data may occur over time due to the changes made to laws and regulations, to internal procedures or to systems that directly affect the Bank's use of your personal data. The privacy statement is amended in such cases. Such an amendment is announced on the website www.careers.abnamro.be
