Datenschutz Business Banking EN

Data Protection Statement for Business Banking

The credit institution takes the requirements of data protection law very seriously. Accordingly, customer data will be thoroughly protected during collection and processing, and while using our service. Such data protection is based in particular on the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act of 2018 [Datenschutzgesetz/DSG 2018].

Business Banking: the internet banking applications George Business and Telebanking Pro of Erste Bank and Sparkassen [savings banks]

Please also refer to the general data protection statement.

The provisions of the statement also apply to "Business Banking".

In addition, the following has to be observed with respect to "Business Banking":

Authentication and all other data transfers will be carried out via an encrypted HTTPS connection.

This connection is secured by an extended validation certificate of DigiCert Inc. The certificate has been issued for "sparkasse.at" in the name of our IT service provider Erste Digital GmbH [AT]. The fingerprint may be verified at www.sparkasse.at/ssl-sicherheitszertifikat or verbally via our call centre (+43 5 0100 50320).

Log information collected within the Erste Bank and Sparkassen infrastructure will exclusively be processed within the designated internal infrastructure.

Data stored with Erste Bank and Sparkassen (customer information, account balances, entries, transaction data, ...) will be analysed and prepared technically by "Business Banking" for the purpose of a better display in "Business Banking". This includes a full indexation of such data and a categorisation of transactions. This also concerns data uploaded by the customer onto the system. This also concerns data uploaded onto the system via an EBICS/MBS communication with the access data entered by the customer.

Sensitive messages and orders will exclusively be served securely via the service mailbox. Orders placed via different channels (e.g. by email or text message) will not be accepted.

Our app "George Business" uses the Geofencing API of the respective operating system to provide location-based notifications when users enter specific regions - only after receiving the user's explicit consent. This feature enhances the user experience by delivering timely and context-aware information about exchange rates for customers traveling abroad. Background location access is required to ensure these notifications are triggered reliably, even when the app is not actively in use.