Northmill Bank AB (“Northmill” below) respects your personal privacy and makes sure you can feel safe about the way we collect data about you. To make it possible for us to offer you financial services in a user-friendly way, we need to collect some personal information. Below, you can read about what data Northmill collects from you, what purpose it is collected for, the legal grounds for processing the data, how long your data is stored and more. If you have questions regarding privacy and data protection, you can always reach out to us by sending an email to firstname.lastname@example.org.
NB! Northmill.com is not a website that is collecting actively personal information of its visitors, except for cookies for administrative use. This document describes merely how Northmill works with Data Privacy on its consumer lending services:
What types of data do we process and how do we collect it?
We want to offer, develop and enhance our services and products to create attractive offers for you as a consumer. To do that, we process your personal information. Below we explain what data we gather, broken down into different categories. You are not required to give us your data, but if you do not, we cannot guarantee that we can offer you our services or products.
We collect the following information about you:
We collect your data in different ways:
What do we do with your data?
For us to process your data, there needs to be legal support in existing legislation. For our treatment of your data to be legal, the data has to be required to
The treatment of your personal data can also be used if:
To offer you products and services, we need to process your personal data. Below you can read about the legally supported purposes for which we gather your personal data. The resources we save by collecting personal data varies depending on what the data is used for. We never save data longer than needed for actual use cases.
Providing and fulfilling agreements relating to products and services
We treat customer data and traffic data to be able to provide you with products and services, complete agreements and protect our rights in accordance to the agreement. For example, we need to be able to identify you as a customer, handle your lending errands, handle your invoices and payments for services, credit checks, directory assistance, troubleshooting and error correcting, handling feedback and return complaints for services.
Legal ground: fulfillment of agreement, legal obligation.
Develop and improve our products and services
We process customer data, such as making selections and performing customer surveys, to develop and improve our operations, and our products and services that we can provide you, as well as our processes and methods.
Legal ground: justifiable interest
Provide and improve service to our customers
We process customer data such as your case history, to offer our customer service, to offer self-service, and to constantly educate our coworkers and improve our working methodology so that we can always offer you the best possible service. When you contact us, the communication could be subject for analysis.
Legal ground: fulfillment of agreement, justifiable interest (Northmill has a justifiable interest to maintain good customer service).
We process customer data, for example by analyzing and processing statistics, to offer you relevant offers regarding our services. Vi process lending data by gathering, saving, processing and analyzing, for example by analyzing how you use our services, to tailor offers that is suitable for you. The marketing is done through e.g. letter, telephone, sms and email.
Information security and preventing abuse of products and services
We treat customer- and traffic data to be able to protect security for all our services, products and electronic communication networks., to discover and prevent prohibited use of the service or product or/and to discover and prevent fraud, virus attacks and more.
Legal ground: justifiable interest (Northmill has a justifiable interest in upholding the security for our services and networks) and legal obligation.
Fulfill legal obligation or other constitution, government regulation, decision, request or guidelines to protect our interests.
We process your customer- and lending data to fulfill our obligations according to the law or other constitutions, government regulation, decision, request or guidelines, for example we save data in accordance with national accounting, anti-money laundering and anti-terrorism financing laws.
Legal ground: legal obligation.
How long we save your data
Northmill only saves customer data as long as it is necessary to execute contractual obligations towards the customer, and as long as it is legally required. When the Company saves customer data for other purposes than for their contractual obligation, for example to fulfill requirements for actions against money laundering, accounting and other regulatory demands, the data is saved only as long as it is necessary and/or legally obligated for their respective purposes.
What is a cookie?
A cookie is a small text file that may be saved on your computer by the website you visit.
How to deactivate cookies?
To whom we give out your information
We give to suppliers or companies in our Group that handles data on our behalf.
We hire suppliers and in some cases companies within our own Group to enable delivery of our services. This means that they too need certain information about you as a customer. However, these parties are not permitted to use your personal data for any other purpose than to supply the service, or according to terms set by Northmill.
Transmission of personal data to third country
Northmill are always aiming to process data within the EU/EES. However, in certain situations the data might be transferred to, and processed in, countries outside the EU/EES - but always under the protection of Privacy Shield - by Northmill or some other supplier.
As Northmill is determined to always protect customer data, Northmill will take all reasonable legal, technical and organizational actions to ensure that customer data is handled safe and at an adequate protection level, comparable to and at the same level as the protection that is offered within the EU.
We also may provide information about you to other recipients where we according to law or government regulation are obligated to provide data to such authorities that has the legal right to obtain that information.
In accordance with existing law, you have a number of rights which entails that you can receive information about, and get control over, your own personal data.
Here we list your rights, and at the end of this policy you will find contact information for Northmill, which you can use if you want to practice these rights.
You normally have the right to use the rights listed below free och charge. However, if the request is obviously unsubstantiated or unreasonable, we have the right to charge a reasonable fee or choose not to accommodate the request.
We will answer a request from you without unnecessary delay. If additional time would be required, or if we for some reason cannot accommodate your request, we will inform you of this. We can also request additional information from you if necessary for us to confirm your identity and ensure that you are who you’re claiming to be, rather than someone else who is trying to access or take control over your personal data.
Right to information and access to your personal data
You have the right to request a confirmation regarding how we process personal data about you, and if that is the case, we will inform you about how your personal data is being processed. You also have the right to receive a copy of the data that we process (through a transcript from our records). If you demand additional copies, we have the right to charge a reasonable fee for this.
Right to correction
It’s important for us that the personal data that we provide about you is correct. If the data is incorrect, you have a right to turn to us and have the data corrected. You also have the right to request that data is added if something is missing, if the addition is relevant in relation to the purpose of the process. We will inform those who we have given your information to, that a correction has taken place. We will also, at your request, inform you of to whom the correction has been given.
Right to be deleted
You have the right to turn to us to request that your personal data is deleted if:
However, in certain cases we cannot accommodate a request regarding deletion, e.g. if we are legally obligated to save the data. If deletion takes place we will inform those we have given your data to that a deletion has been executed. We will also, at your request, inform you of to whom information regarding deletion has been given.
Right to oppose
You always have the right to, at any time, oppose that your data is used for direct marketing. You can do this by contacting us at Northmill, or by logging in to your “My Pages” for respective service and mark that you do not wish to get offers sent to you. If you do such an opposition, we will no longer collect your information for this need.
You also have the right to oppose that we collect your data with support by a balancing of interest. If we cannot show that there are justifiable reasons for the collection that weighs heavier than your reasons, the collection shall cease.
Right to limitation of collection
You have the right to get in touch with us and request that the collection of your personal data is limited and that the data is only used by us in the following situations:
However, in certain cases we cannot accommodate a request of limitation, e.g. if the data is needed for us to defend our rights or protect someone else’s rights. If limitation is performed, we will inform those who we have given your data that a limitation has been performed. We will also, at your request, inform you to whom we have given information regarding that a limitation has been performed.
Right to data portability
You have the right to request to get all your personal information in a machine-readable format and has rights to use such data elsewhere. This right applies to such personal data that you have provided to us and is collected with the support of your consent, or if the collection is grounded in an agreement with us.
Contact information for Northmill and our data protection agent
If you have questions or want to exercise your right to rescind consent:
If you do not want our direct marketing
You always have the right to decline our direct marketing of products and services that is sent via SMS, email, telemarketing or per mail.
Log on to My Pages for respective service and mark that you do not wish to receive direct marketing, or call our customer service, or click deregister in our SMS or email. You can also deregister per mail to the address below. If this is the case, provide us with your name, social security number and what brand it is related to.
If you consider that your personal data is collected in violation of current law, you can leave a complaint directly with us or the Swedish Data Protection Authority.
Personal data responsible Northmill
Northmill is responsible for the collection of our customers (consumers) personal data on the behalf of the brands Credigo/Easycredit/Credway/Rebilla. As personal data responsible we decide the purpose and the means for the collection.
Northmill Bank AB, Färögatan 33, 164 51 Kista, Sweden
Data protection agent Northmill
Our data protection agent surveys that vi follow existing law and treat your personal data in a correct way. If you wish to contact our data protection agent you can call our customer service at +468-558 033 38 or email email@example.com.