Skip to main content
Whistleblowing Contact Branches ATM's

Privacy Policy

Bank shall collect and process the following data from Users, for the enrolment for and use of the App: Name; Surname; Social Security Number (“SSN-Personal Number”); Date of birth, MSISDN; User’s bank account number (IBAN); User’s Mobile Network Operator, Device’s identification number (known as UDID, Device ID and/or Vendor ID, depending on the Operating System of the Device); the Contacts List of the User’s phone; Address; Email address.


All Users’ personal data shall be collected and processed further exclusively for the purposes of enrolling for and offering the Raiffeisen On Digital Banking application (the “App”). Bank shall use Users’ personal data only for the purpose of providing its App’s services to users and users using the App.


The Bank considers personal data and privacy protection as a very important issue. Raiffeisen Bank is committed to respect legal framework regarding data protection the Law No. 9887 dated 10.03.2008 “On Protection of Personal Data” with changes, and other bylaws for their implementation, and in compliance with EU 2016/679 General Data Protection Regulation (GDPR).


The detailed information regarding the category of data, purposes and criteria of processing, and data protection, can be found in Bank’s webpage:


https://www.raiffeisen.al/en/about-us/footer-pages/Personal-Data-Protection.html


User is responsible of informing Bank on any and all amendments to his/her Personal Data and/orinformation which may affect use of the App. User must visit the Bank to notify such amendments. Bank and User shall apply high level security, technical and organizational measures which shall render possible the minimization of unauthorized interventions in the system, changes or loss of data.


The Bank is responsible for the fulfilment of all the obligations provided in the legislation for personal data protection.

The User has all the rights provided in this legislation, including, but not limited to:

i. Right for access;

ii. Right to request the blocking, rectification or erasure;

iii. Right not to be subject to automated decision-making;

iv. Right to object;

v. Right for complain;

vi. Right for access;

vii. Right to compensation for damages; 

Bank shall store User data for 5 (five) years following termination of the relationship with the user.

I understand that all my personal data, declared in this form and/or in any other document (form/contract) declared or signed with the Bank, in relation to and for the purposes of providing the App, are data that will be processed by the latter with the highest security standards, conform all existing legal framework, with the sole purpose of offering the App and/or to fulfil any legal obligation of the Bank, imposed by a legal and/or regulatory act in force in the Republic of Albania. I understand that it remains my full responsibility to update all the personal data as they may be amended and also I've been aware of my right to require from the Bank, through a written request, to correct or delete any personal data of mine.  

Processing of personal data

 I declare that the information provided in this application is true and correct. I hereby give my consent to the Bank to collect my personal data as above, as well as to process them furtherly only for the purpose of providing the App for which I’m applying. I understand that any personal information regarding my person will be treated with a higher level of security in full compliance with the provisions of Law no. 9887 dated 10.03.2008 "On the Protection of Personal Data" and bylaws issued for its implementation. Also, it is in compliance with requirements of EU 2016/679 General Data Protection Regulation (“GDPR”).  

Moreover, I declare and grant my consent for further processing of the personal data by the Bank by transferring these data to the contracting parties which may be in the capacity of the processor in the framework of designing, maintaining and administrating the current account.  

I hereby authorize the Bank to store my personal data for a term of 5 years after the termination of the relationship with the User. I am aware of the fact that for any questions or information regarding the processing of my personal data, I have the right to address my enquiries by sending an e-mail to rbal.dataprotection@raiffeisen.al.  

Also, I understand that pursuant to the provisions of GDPR and the Law on Protection of Personal Data as well as the by-laws issued for its implementation, I may at any time exercise the right of access or the right to request the blocking, rectification or deletion of personal data processed by the Bank. I also reserve a right to claim to the “Information and Data Protection Commissioner”, and a right to withdraw from this consent for my data processing at any time. 

Further Processing of Personal Data 

I give my unconditional approval to Raiffeisen Bank to use my personal data on my benefit for promotional offers concerning products and/or services packages that the Bank provides, (or may provide in the future) through one or more communication channels including but not limited to:

i) the Official Mail

ii) SMS

iii) Phone Call

iv) E-mail etc.

In such context, I authorize Raiffeisen Bank that, pursuant to the highest security standards defined in the legal and regulatory framework in force, to transfer my personal data for further processing to third parties specialized in this particular field. Furthermore, I declare that I've been aware of my right to require to the Bank at any time, to revoke this approval.

a. Username/Password/PINi.

i. Do not share username with any other person

ii. Define a non-easy to guess username

iii. Never write it down

b. Password/PINi.

i. Change Password/PIN frequently and in any occasion you suspect it has been compromised and never write them down.

ii. Complexity of the password is enforced via password policy implemented in Digital Banking.

iii. While defining password do not use easy to guess data (family member’s: name, surname, birthdays, age, or current year, pet name, words like password, birthplace …)

iv. Do not use password/PIN for Digital Banking for anything else (email, shopping account, cards PIN)

a. SMS OTP – used to authenticate user, in different actions in digital banking

i. SMS OTPs are sent via SMS to mobile number declared from user to bank. In case you change mobile number please update this information to bank.

ii. Do not share OTPs with any other person.

b. Mobile Token/ Cronto Token/HW Token – used to authorize transactions

i. In case you lose your device, where the security element is installed, please block/delete license from web Digital Banking, or notify bank to block the respective license/s.

a. Do not forget to logout after you are done using the Digital Banking web/mobile application, especially in shared devices.

b. Do not share personal information, such as account numbers, credit card numbers, over the telephone, through the mail, or over the Internet -- unless you initiated the contact or know with whom you are dealing.

c. Apply all updates for Digital Banking mobile app.

d. Please do not do any banking transaction on computers open to public access. Many different type of hacking programs enable hackers to access your account details and personal information through computers which are open to public access.

e. Never access your Digital Banking accounts through hyperlinks in e-mails, pop-up windows, search engines. Do not access any sites that require you to provide personal or confidential/ sensitive information or allow you to carry out banking transactions. Always type in the full address of the site that you want to access in the respective bar.

a. Don't provide identity or other confidential information without confirming that the site is secure. Check that the address begins with https:// followed by the respective name of the required site and that the page shows a padlock in the lower or upper toolbar.

b. Do not open electronic mail messages without checking the identity of the sender and the subject. If you have any doubt as to the origin of the message delete it immediately and don't open any file or attachment, it may contain.

c. Keep Operating system of your PC always up to date

d. Install antivirus software and keep it up to date at all times. An outdated antivirus software is the same as not having one.