Protection of personal data
[GRI 103-1], [GRI 103-2], [GRI 103-3] Bank Millennium processes personal data inter alia to conclude an agreement, to perform a number of duties imposed on the Bank, to maintain bank accounts, to securely execute instructions and to inform clients about new products and services. The Bank as a data controller makes every effort to implement the requirements of the Data Protection Regulation 2016/679 (GDPR) to the fullest extent possible and thus protect personal data. Supervision over proper processing of personal data in the Bank Millennium Group is exercised by the Data Protection Officer. In addition, a special unit was created in the Bank, i.e. Data Protection Office, whose task is to support the Bank’s employees in fulfilling their duties in the area of data processing.
Bank Millennium processes personal data of clients, employees or other persons who are in relationship with the Bank, using technical and organizational means necessary to ensure data security. Personal data is one of the key resources for the Bank and its security is a top priority. The Bank is constantly improving its technical and organizational measures to ensure the protection of personal data processing, in particular protecting the data against unauthorized access, loss or unauthorized modification.
At the same time, in case of Bank Millennium clients, personal data are also covered by banking secrecy, which entails the obligation to provide even more extensive protection of client relationship data. In order to ensure the highest standards also in this respect, training is provided in the field of security of protected information, including personal data protection and bank secrecy.
[GRI 418-1] Significant complaints concerning violation of the client’s privacy and loss of data in 2021 |
|
---|---|
Number of justified complaints concerning violation of the client’s privacy received from external parties and acknowledged by the organization* | 51 |
Completed proceedings conducted by the President of the Office for Personal Data Protection (PUODO)** | 2 |
Total number of identified incidents of leaked, stolen or lost client data*** | 109 |
Of which requiring reporting to PUODO | 46 |