Privacy policy

Moank AB, corp.ID 559000-0237, is the data controller for the processing of personal data in connection with its operations. Moank has appointed a data protection officer to monitor data protection matters and oversee compliance with the GDPR.

Contact: phone +46 8 520 059 55 or info@moank.se.

Moank collects personal data that is necessary for its operations and to maintain high standards of products and services.

Types of personal data collected:

• Identity information (name, personal identity number, IP address, BankID)
• Contact information (postal address, email, phone number)
• Family situation (marital status, number of children)
• Tax status (tax ID, tax status)
• Education and employment information
• Bank account details (account numbers, balances, account types, loans, rates)
• Transaction history (deposits, withdrawals, transfers, purchases, repayments)
• Credit history (debts)
• Habits and preferences (website use, browser data, product use, communication)

Bank account data and transaction history are retrieved over 90 days when the customer has confirmed this.

Moank never requests data about racial or ethnic background, political opinions, religious or philosophical beliefs, trade union membership, genetic data or data about sex life and sexual orientation.

Personal data may be obtained from:

• Government publications and databases
• Service providers and commercial partners
• Credit reference agencies, banks, credit market companies, payment institutions, account aggregators
• Cookies

Moank processes personal data for specific purposes based on a legal basis.

To enter into and fulfil contracts:

• Verify and register data for contract conclusion
• Make credit decisions based on profiling (sometimes automated)
• Document, administer and fulfil contracts
• Provide information about products and services
• Assist customers and answer questions
• Assess whether a product or service can be offered and on what terms

To fulfil legal and regulatory obligations:

• Banking and finance regulation (security measures, transaction monitoring, credit risk assessment, risk reporting, archiving of chats and emails)
• Reporting to the Swedish Tax Agency, the Police Authority, the Enforcement Authority, the Swedish FSA and other authorities
• Responses to official requests from public authorities
• Prevention of money laundering and terrorism financing
• Checks against sanctions lists
• Combating tax fraud and tax data issues

Where Moank has a legitimate interest:

• Fraud prevention
• IT management, infrastructure, continuity and security
• Statistical models based on transaction analysis
• Aggregated statistics, tests, research and development
• Segmentation and marketing analysis
• Direct mail
• Tailored offers based on analysis of habits and preferences

When the customer has given consent:

• Data sharing with Hotjar Ltd and Google Inc for analysis of website interactions
• Data sharing with Facebook Inc, Google Inc and advertising networks for audience creation

Profiling is the automatic processing of personal data for the assessment of personal characteristics, especially economic situation, preferences and behaviour. It is used for market and customer analysis, system development, marketing, automated decisions and transaction monitoring.

The legal basis is legitimate interest and legal obligation. Where consent is required, the customer may provide it.

Moank uses automated decision-making (for example automated approval or rejection of credit applications). This has positive effects for customers: increased consistency and accuracy, reduced risk assessment and more efficient decisions.

Customers have the right not to be subject to solely automated decision-making with legal effects or material impact. Exceptions apply when the processing is necessary for entering into or fulfilling a contract, or when the customer has consented.

In the case of credit decisions based solely on automated processing, the customer can always have the decision reviewed by a case officer. Contact customer service by phone or email.

Personal data may be passed on to:

• Partner companies (credit reference agencies such as UC, Finansiell ID-teknik, Bankgirocentralen)
• Debt collection companies for debt recovery
• Account aggregators (Tink, Open Payments) or banks for bank data retrieval
• Companies that have sold a product or service financed through Moank
• Loan brokers
• Funding partners
• Financial bodies, government authorities and public bodies (on request and only as required by law)
• Data processors (Hotjar Ltd, Google Analytics, advertising networks such as Bonnier News)

Personal data is only processed within the EU/EEA.

Moank uses appropriate technical and organisational measures to ensure protection against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or unauthorised access.

Equivalent requirements are placed on partners. Moank only processes necessary data and pseudonymises where possible.

Personal data is stored in accordance with applicable legislation and only as long as necessary for the specific processing purposes.

• Contract-related personal data: normally as long as the contract is in force and thereafter for a maximum of 3 years. Under certain legislation (such as statutes of limitation) 10 years may apply.
• Insurance data: as long as the insurance is held and the premium is paid.
• Without contract conclusion or insurance subscription: a maximum of 3 months.
• Customer due diligence data: 5 years under anti-money-laundering rules. Where needed for money-laundering or terrorism-financing investigation: up to 10 years.
• Accounting data: 7 years.
• Email and chat communication: a maximum of 12 months.
• Mandatory cookies: a maximum of 12 months.
• Form data and server information: during the browser session (at most until the tab is closed).
• Google Analytics, Google Optimize, Google Tag Manager: deleted on an ongoing basis, at most after 24 months or upon withdrawal.
• Hotjar Ltd data: a maximum of 12 months or upon withdrawal.
• Marketing data (Google Inc, Facebook Inc, Bonnier News AB): a maximum of 24 months or upon withdrawal.

Under the GDPR, customers have the following rights. To exercise your rights, send a letter to Moank AB, Box 3652, 103 59 Stockholm, or email info@moank.se. Attach a scanned copy or paper copy of an ID card.

• Access: the right to obtain information about processing and a copy of personal data.
• Rectification: the right to request correction of inaccurate data or completion of incomplete data.
• Erasure: the right to have personal data erased, but not where they are still necessary for the original purpose and a legal basis exists.
• Restriction: the right to demand restriction of processing.
• Data portability: for processing based on a contract or consent, the right to have personal data returned or transferred to a third party (where technically feasible).
• Objection: the right to object to processing based on a specific situation. An absolute right to object to direct marketing and related profiling.
• Withdrawal of consent: the right to withdraw any given consent at any time.
• Complaint to supervisory authority: the right to turn to the supervisory authority in case of dissatisfaction with processing.