Payment data for personalised marketing off limits to Dutch banks
(9 July 2019 – Europe) Dutch banks have been told to stop using their customers’ payments data for personalised direct market following complaints about INGs plan to start using transaction data to send its customers more relevant email and text message offers.
INGs plan drew complaints from privacy advocates, prompting the Dutch Data Protection Authority to step in and write to the Dutch Banking Authority making it clear that banks are "not allowed" to simply send their customers personalised offers based on payment details.
Authority board member Katja Mur says: "Payment data gives a complete picture of someone's life: what do you spend your money on, which associations do you belong to, who do you associate with, which patterns are visible? That is why the AP considers it important to point the banking sector to the privacy rules."
While ING prompted the letter, the authority says other banks are carrying out similar activities. Newspaper de Volkskrant has identified ABN Amro, Rabobank and De Volksbank as potential culprits.
ABN Amro has since acknowledged its use of payments data and has stopped the practice temporarily ahead of a meeting with the data protection agency, adding: "We want to talk with the DPA in order to clarify how their request should be interpreted."