We keep personal data in any event for as long as is necessary to achieve the purpose.
The General Data Protection Regulation and the Dutch GDPR Implementation Act (Uitvoeringswet AVG) do not give specific storage periods for personal data. Other legislation may specify minimum data retention periods, however, which we must comply with. Such legislation includes the general requirement for businesses to keep records, as set out in the Dutch Civil Code, tax laws or laws governing financial enterprises in particular (such as the Dutch Financial Supervision Act).
The length of time we keep personal data varies from a few months to many years. In many cases it is kept for seven years after your relationship with ABN AMRO ends.
Personal data is deleted or anonymised once the data retention periods have ended. Certain personal data may be kept for longer for various reasons, for instance as part of our risk management, for security reasons, or in connection with claims, investigations or lawsuits.
When personal data is kept for longer than the data retention periods, we take measures to ensure this personal data is only used for purposes that require a longer retention period.
