Protection of personal privacy

DNB corporate portrait of a smiling young man
How DNB collects and uses personal data
In DNB, we take the security of your personal data seriously, which means that it is safe for you to use the products and services we offer. As an international financial services group we have a duty of confidentiality and will handle your personal data in accordance with prevailing data protection legislation. The controller in the DNB Group will be a subsidiary of DNB ASA in or outside Norway which processes personal data about you because you are, for example, a customer of the entity in question. Click here to find the companies in the DNB Group. Please find contact details and guidance for complaining, in the bottom section Contact information. 
This privacy protection statement contains information you are entitled to receive when data about you is collected, for instance from our website, and general information about how we process personal data. The word “you” in this statement refers to you as a customer, potential customer, employee of our customer or another relevant party, such as a beneficial owner, authorised representative, corporate card holder or another associated party.
Last updated 2022, May. Please find the changes in the bottom of this statement

The types of personal data we collect

The types of personal data

Examples of the types of personal data DNB may collect are specified below. Please note that the type of personal data that is collected will depend on the product or service we are providing for you as a customer or related to one.

Identification information: national identity number and name. tax purposes or foreign tax identification number, BankID , a copy of your identification such as a passport, driver’s licence or the like.

Relations information: spouse, child, civil status, roles regarding customer relation, nationality, country of domicile for tax purposes, roles connected to collateral object

Contact information: telephone number and address(es), including your postal address, and your country of domicile if the address is outside Norway.

Financial information: customer and product agreements, transaction data, credit history and insurance history, income, debt, collateral object Special categories of data: health information for certain insurance products, union membership for lojality programs, biometric information for identification

Digital behaviour information: browser name, the type of computer and technical information about the User’s means of connection to our Site, such as the operating system and the internet service providers utilized and other similar information

Personality information: extgreeableness, conscientiousness, openness,, neuroticism., extraversion
*Prosessed only for the light version of the Big Five personality test in «Ditt Økonomiske DNA»

Sources from which we gather your personal data

From you

Most of the personal data DNB registers will be collected directly from you as a customer, for instance when we process applications for loans or other products or you use our services in some other manner.

From third parties

To be able to offer you services and comply with statutory requirements, DNB will also gather personal data from third parties. In connection with outgoing payments, for example, we may collect information from payers, shops, banks, payment service providers and others.

Examples of such sources of information include:
- publicly available sources and other external sources/registers managed by public authorities (e.g. the National Registry and registers with the tax authorities)
- company registers
- law enforcement authorities etc.(e.g. the police, financial investigation units, etc.)
- sanction lists (kept by international organisations like the EU and the UN or national organisations like the Office of Foreign Assets Control (OFAC))
- social media
- agents and distributors
- records kept by credit agencies and other commercial entities that provide information about, for example, beneficial owners and politically exposed persons etc.
In some cases, when you give DNB authorisation to do so, we will also collect health data from healthcare institutions.

From cookies (information capsules)

When you visit DNB’s website, cookies are stored on your device. By device we mean, for example, your PC or mobile phone. Information capsules or "cookies" are small text files that are stored locally on your device and that make it possible to collect data about the use of our website. 
DNB uses cookies for the following purposes:
- Necessary: To provide a secure website with basic functionality 
- Tracking behaviour 
- Analysis: To analyse traffic, behaviour and sales in our online solutions on our website
- Personalization: Insight so that we can adapt the content to our visitors and offer relevant services and products 
- Follow-up of price calculations. For the time being DNB does not use cookies for this purpose 
- Advertising: To market our services and products through business partners and on other platforms that you use. For the time being DNB does not use cookies for customized advertising 
You manage the cookies 
- You can turn cookies for on and off in the control panel at the bottom of this page. Necessary cookies cannot be turned off here. 
- You can block cookies using the browser settings. You can also choose to allow cookies depending on whether they are a first-party or third-party cookie. Please note that this option must be selected in each browser. If you block all cookies, many websites will not function optimally. For example, DNB’s Internet bank will not function ideally and your user experience may be reduced. 
- Turn off the identification function on other platforms by contacting third parties directly. This solution is the only one that functions across browsers. 
Manage your cookies

Tracking of Internet behaviour

DNB collect and analyse data about your user behaviour on our websites.
This allows us to adapt our content to you. You can choose to turn off tracking to remain anonymous in our analytics and prevent online behaviour from being connected to you as a person. The choice you make is only valid for the device you are using now. If you want to make the same choice for your other devices, you have to repeat the process on the devices in question.

Customized Advertising

DNB does not use cookies for customized advertising.

Recording of telephone conversations and storage of electronic communication

DNB is required by law (e.g. according to the Norwegian Securities Trading Act) to record telephone conversations and store electronic communication in which you, as a customer, are given advice about loans, saving, investments or similar services. DNB records all conversations you have with advisers or brokers, e.g. in Markets, DNB Private Banking or DNB Asset Management, who provide the aforementioned services. DNB may listen to conversations and review other electronic communication for quality control purposes. 
Storage time:
Recordings may only be used when you or we have a need to document the advice given. Recordings are stored for at least five years and are deleted when DNB no longer has legitimate grounds for continuing to store them.

Disclosure to others: 
DNB can be ordered to disclose information to public authorities and others entitled to demand disclosure according to law. In addition, information may be disclosed to the Financial Complaints Board, for instance in connection with the consideration of complaints.

Right to play recordings:
Requests to inspect documentation concerning investment services and listen to recordings should be directed in writing to: DNB Bank ASA, Kort- og bankreklamasjoner, Beddingen 16, 7469 Trondheim. You can make such requests for up to five years after the conversation was recorded. When you ask for a recording to be played, you must specify when the conversation was recorded and from which telephone number.

Video surveillance

To prevent and detect criminal acts, buildings managed or leased by DNB are monitored by surveillance cameras. 
As a rule, surveillance videos recorded by security cameras that DNB controls are stored for seven days after the recording date. Surveillance footage of bank offices, branch offices, ATMs and payment terminals linked to in-store banking outlets is stored for 90 days. These storage periods apply except in cases where the surveillance video is given to the police or DNB has the right to use the video recordings for another purpose.

Purposes for which personal data is used

Customer administration

DNB will use your personal data to meet its obligations when executing orders for you and according to service agreements with you, and in connection with customer administration and invoicing. When entering into agreements with you and during the term of such agreements, DNB will register information about you and other persons involved in the contractual relationship, e.g. authorised users. DNB will also register information about individuals with whom it has declined to enter into agreements as a basis for informing the individuals that their application was declined and to be able to document the circumstances later on, if necessary. 
In order to safeguard our contractual rights and help our customers to fulfill their obligations under the agreement, it will be necessary to process personal data to send them payment reminders as well as suggesting a solution to the case, cf. GDPR Art. 6 (1) (b). 
In some cases, we may consider it necessary to transfer contact information and information about the claim to a debt collection agency. It is in DNBs legitimate interest under GDPR Art. 6 (1) (f), to safeguard the bank's financial rights by agreement with the customer, and that the customer fulfills its obligations under the agreement. The debt collection agencies are independently responsible for processing when they process personal data in their ordinary debt collection activities. 
In cases where defaults have ended in loss on DNBs hand, it will store financial information, identification information, debt collection history and information on the cause of losses and use this in future credit assessments to both safeguard the legitimate interest in avoiding new losses, and to comply with the duty to reject a loan under the Norwegian financial contracts act § 47.
We have a legitimate interest under the GDPR Art. 6 (1) (f), cf. Art. 9 (2) (f) to store information related to terminated agreements and default cases for up to 13 years in order to determine, enforce or preserve legal claims.


In customer relationships, we process identification information, contact information, financial information, relation information and digital behavioral information for marketing purpose on the DNB Group's financial products and services.

You have the right at any time to object against the processing of your personal information for marketing purpose. Please find below the information necessary to use your right to object in the chapter «What are your rights / Object against treatment and purpose

Below you will find specific information about scoring as a method for determining the relevant message to our customers. We also provide information about customer matching as a method of marketing directly on our customers' user profile in social platforms.
About the prediction scoring (profiling)
We believe our communication and marketing is best when it is made relevant to customer. It is in our legitimate interest to use our analysis models to support the decision making to our customer communication. (Please find spesific information about the model development under the chapter Analysis and development of new services) The selection is made by comparing selected features of the customer with our statistical models. 
The selected features consist of the customer's age, age group and postcode, information about the customer's existing accounts, loans, credit cards, savings agreements, funds and personal insurance, information about the customer's use of the products, including information about size range on balance, deposits and withdrawals, frequency of use, as well as information about the customer is or has co-debtors, guardians or guarantors, information about the customer's frequency for logins in DNBs online banking and apps. When the outcome of the comparison with the model gives a high number code for a scenario, it indicates relevance to the customer. Low scores give an indication to the contrary. Scoring takes place on a continuous, basic basis, and is renewed daily. The score is considered fresh and does not provide a basis for registering a permanent profile of the customer. 
We promote products from the entire group and DNB Bank ASA is in charge of and acountabble for the processing. If the customer has not agreed that the DNB group's companies can internally share, store and use information about customer relationships in DNB to provide more customized advice and offers, the bank will only collect and process neutral information about the customer's possible pension and insurance conditions, but not be entitled to process information about the customer's securities that are accounted for in the bank with DNB Markets, or funds that are managed with DNB Asset Management AS. In any case, the bank does not disclose personal information back to the group's companies in connection with this processing activity. Customers are given the right of access in scores until it is deleted. The customer can object against this scoring, or marketing entirety. See more about the right of access and the right to object and make reservations, below under chapter What are your rights?
About matching customer with user profile on social platform 
As an alternative to marketing directly to the customers´ email address or mobile number, it is in our legitimate interest to use thirdparties´ advertising services to reach out with our promotion, directly to customers' user profile in social media. We use a link service at both Schibsted and Facebook to publish our ad on the users profile When the same contact information as our customer is found in the profile, we have a match. Schibsted and Facebook are data processors for DNB. After the search service is completed, the data processor deletes the encrypted contact list. The user profile of the customer on the social platform remains unknown to DNB as it is not obtained.
The customer may protest against this processing. See spesific chapter below for information on What are your rights? / Object against processing and purpose


In DNB we define profiling as automated processing of data to analyze or to make predictions about customers; for example, assessing or classifying customers based on characteristics related to their financial situation, their personal preferences or transactional behavior.
We use profiling in connection with the preparation and implementation of marketing campaigns, for customer follow-up purposes and in the preparation of product offers. DNB has a legitimate interest in using profiling, for example when we perform customer analysis for marketing purposes or transaction monitoring to detect fraud. Please find the information about Prediction scoring (Profiling) under the chapter on Marketing, and the information about the right to protest against this processing under the chapter What are your rights? / Object against process and purpose.

Group customer register

The DNB Group has a shared customer register. The data in the register is used to manage customer relationships and coordinate offers of services and advice from the different companies in the Group. 
The group-wide customer register will contain neutral information about you like your name, date of birth, address and other contact information, as well as information about the companies in the Group you are a customer of, and the services and products for which you have entered into agreements. Your national identity number may be shared and registered in a group-wide customer register when the purpose is administration of the customer relationship.


DNB has implemented technical and organisational security measures to protect your personal data. DNB continuously seeks to ensure that your personal data is protected against loss, destruction, corruption or unauthorised access. Our security framework is updated regularly in line with technological developments. In addition, DNB is permitted to process personal data to pursue the legitimate interest of securing the Group’s assets, for instance in connection with logons to servers, the operation of infrastructure, firewalls, access controls and video surveillance.

Risk classification of customers and credit portfolios

DNB will process credit information and other personal data in accordance with the provisions of the Norwegian Financial Institutions Act and Securities Trading Act. This processing takes place in connection with the establishment of your customer relationship, determining which products and services are suitable for you and the use of systems to calculate capital adequacy requirements for credit risk. The internal measurement systems include DNB’s models, work and decision-making processes for approving and managing credit, control mechanisms, IT systems and internal guidelines for classifying and quantifying the Group’s credit risk and other relevant risk. The personal data used for this purpose is obtained from credit agencies.
DNB will process personal data in models that are used to assess how much risk the bank assumes. The models produce a set of key figures (PD, LGD and EAD), which are necessary to be able to determine how much risk capital the bank must hold at any given time. The key figures are estimated for each individual agreement the customer has in the bank. The key figures can later also be used in the bank's risk reporting or in the bank's processing of applications from the customer for, for example, credit. The information is collected on an ongoing basis, as it is necessary for DNB to continuously update the risk picture. As the data controller, DNB Bank ASA will be responsible for all stages of the processing. DNB has a statutory obligation to process your personal data for this purpose. For our PD and LGD models, we are required by law to store personal information for a minimum of 5 and 7 years, respectively. The personal information used in the model calculations can be stored for up to 50 years.

Prevention and detection of criminal acts

DNB is permitted to process personal data for the purpose of preventing, detecting, investigating and handling fraud and other criminal acts. In such cases, DNB may need to gather information and disclose it to other banks and financial institutions, the police and other public authorities. The collected information may be stored for up to ten years after it is registered. DNB will process personal data to fulfil its obligation to investigate and report suspicious transactions in accordance with the Norwegian Money Laundering Act. DNB has a statutory obligation to report suspicious information and transactions to the Financial Investigation Unit in ØKOKRIM (the Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime). According to the Norwegian Personal Data Act and the Money Laundering Act, you are not entitled to inspect certain information registered by DNB in this connection as long as an investigation is still ongoing.
DNB will otherwise process personal data to the extent this is required or permitted by law or when you have given your consent. In addition, DNB is permitted to process personal data for the purpose of preventing and detecting criminal acts if this is necessary to protect a legitimate interest that overrides the right to protection of your personal privacy.

Customer authentication using electronic services

When you use DNB’s electronic services, DNB is permitted to register your user behaviour and user environment and any deviations from these, identify the computer or mobile device you use to carry out the banking service, the state of the computer/unit etc. DNB will use this data to make sure that the right person is using the service in question. DNB may also use the data in a risk assessment to adjust the authentication method that you have to use for the service.

Analysis for development and optimizing of new services

DNB may choose to reuse collected customer information to analyze how customers use the services to the improvement of existing products and services or to the development of new. This includes identifying potential demand for products and services, as well as performing tests related to the development.

It is in our legitimate interests to develop, build, improve and put in place business models, systems, products and services, and to produce and provide reports for our benefit, and provide a high standard of service. The developing, maintaining and validating of data models, are based on pseudonymous information in predefined data sets with information for conducting strategic, insight-based business. To ensure that the model provides a representative picture of customer portfolio, the pseudonymous data set consists of age, age group and postcode, existing accounts, loans, credit cards, savings agreements, funds and personal insurance, use of products, occurrence of roles as co-debtors, guardians or guarantors. as well as logins in DNBs´ online banking and apps. Model development is due to a constant process to ensure decisions in business development. This processing activity does not involve concrete scoring or profiling, and has no direct significance for the customers. However, if the models are to be used for specific scoring of customers in connection with marketing purposes, it will have a direct impact on the customer. We recommend that you read more about this in the chapter What purposes is personal data used for? / Marketing. See also the chapter What are your rights? / Object against processing and purpose

Automated decisions

In some cases, we can use automated decisions when this is permitted by law and you have explicitly consented to this, or if it is necessary for the performance of an agreement, e.g. automated credit decisions in our online channels. You may, at any time, request manual processing instead, state your opinion or contest a decision that is exclusively based on automated processing, including profiling, if such a decision could have legal or other significant consequences for you.
When we use automated decision-making processes, we will give you additional information about the underlying logic that is used and the consequences it can have for you.

Statistics to public and private businesses

At DNB Bank, we process personal data to provide statistics to public and private companies. The statistics we share are never personal information only non identifiable. The companies may use the statistics to improve goods, services, communications and offers to their consumers. Our legal basis of processing for this purpose is legitimate interest. The statistics we create are based on demographic information, product information and transaction information. In some cases, we also use additional information from public registers, such as from the Mapping Authority (Kartverket). Examples of statistics can be groups of residents who travel collectively, which age groups most often go to the cinema, how many customers live in detached houses, the time of day that most people in the grocery store, or what average people in a municipality pay in electricity, telephone subscriptions, food consumption, etc. You have the right to object to including your personal data in the statistics. You can do so in the online banking, through the menu Settings.

Costumer and market surveys

We process personal data for the purpose to execute customer and market surveys. In order to get feedback from our customers about what they expect of DNB, their experiences or what input they have for improvements it is necessary to conduct surveys. It is voluntary to participate. Our analysis agencies receive the contact information to conduct customer surveys on behalf of DNB. The analysis agency is DNB`s data processor and subject to a data processor agreement. As controller for the processing DNB is responsible for all stages of the survey. DNB has a legitimate interest in processing your contact information and answers for this purpose. By participating in the survey, you agree that we may process your information. The analysis agency deletes the customer lists automatically after 6 months. Exceptionally, the files are stored for 24 months for follow-up examinations that take more than 2 years.

Who we are permitted to share your personal data with

Third parties

We sometimes need to disclose information about you when we deliver services and products. If, for example, you have instructed us to transfer money or securities, we need to disclose certain information to carry out the transfer.To obtain the rating necessary to optimize deposit terms and thus favorable interest rates for the customer, DNB will in addition to sharing necessary information within the group, give information to external agencies to provide such rating. 
When DNB outsources tasks that call for a service provider to process personal data on behalf of DNB rather than for its own purposes, the service provider will normally be a data processor. In such cases DNB is required to enter into a data processor agreement with the service provider. This applies irrespective of whether DNB uses data processors in Norway or another country in the EEA. 
The DNB Group uses data processors (e.g. providers of IT services) to gather, store or otherwise process personal data on its behalf. In such cases, DNB will enter into agreements with data processors to ensure that such processing meets the requirements stipulated in privacy protection regulations and DNB’s requirements for processing personal data. The use of data processors is not regarded as disclosure of personal data.
DNB currently uses the following types of data processors:
- software providers 
- cloud solution providers 
- distributors and agents 
- sourcing partners
- consultants

Transfer of personal data to countries outside the EEA

All transfers of personal data from DNB to a service provider are conditional on a data processor agreement between DNB and the service provider. This applies irrespective of whether DNB uses data processors in Norway or another country in the EEA. In some cases, DNB transfers personal data to organisations in countries outside the EEA, e.g. providers of IT services or other data processors. Such transfers are only permitted when the data controller or data processor has issued the required guarantees and on the condition that the individuals are guaranteed enforceable, effective rights. 
According to the GDPR, there must be a legitimate reason for such transfers, and some of the following conditions must be met: 
- The European Commission has determined that there is an adequate level of protection in the country in question. 
- Other suitable security measures have been implemented and/or the data processor has given the necessary guarantees that personal data will be processed in a secure manner, e.g. by means of standard contracts (the EU’s standard clauses) approved by the European Commission, or the data processor has valid, binding corporate rules (BCR). 
- It is an exception, under special circumstances, e.g. in order to perform an agreement with you or when you have consented to the transfer in question.

Legitimate grounds for processing

Necessary to perform an agreement with you

DNB must have legitimate grounds for processing personal data. The most important legitimate grounds are listed below.

DNB primarily processes personal data for the purposes of customer administration, provision of financial advice, invoicing and the provision of banking, insurance and financing services in accordance with your agreements with DNB.

Statutory obligations

DNB processes personal data to meet its obligations according to laws, regulations and the decisions of the authorities.
Examples of processing for the purpose of fulfilling statutory obligations: 
- preventing and detecting criminal acts such as money laundering, terrorist financing and fraud
- monitoring sanctions 
- to meet accounting requirements 
- to submit reports to the tax authorities, the police, execution and enforcement authorities and supervisory authorities 
- to meet requirements and obligations related to payment services
- to meet other obligations according to legislation concerning specific services or products such as securities, mutual funds, collateral, insurance or home mortgages
- supervisory controls whether the financial undertakings are organized and operated in a responsible manner and in accordance with applicable business requirements

Legitimate interest

DNB is permitted to process personal data when this is necessary to protect a legitimate interest that outweighs an individual’s right to protection of personal privacy. The legitimate interest must be legal, predefined, real and justified by business operations. 
Examples of processing based on legitimate interests:
- marketing in connection with ongoing contractual relationships
- customer analyses based on profiling for marketing purposes
- transaction monitoring to detect criminal acts


If there is no other statutory basis for processing, DNB’s processing of personal data must be based on your freely-given, specific consent. You will always be asked to give your consent if personal data categorised as sensitive (e.g. information about your health, religious beliefs, sexual orientation, ethnicity etc.) needs to be processed. 
Even if you have given DNB consent, you can withdraw it at any time. If you withdraw your consent, the processing will be stopped and, if further storage of the data in question is conditional on your consent, it will be deleted. Information about the purpose, processing activities and your right to withdraw your consent will be provided when you are asked to give DNB your consent through different channels.

Your rights

Access to information and data portability

A request for data access gives you the right to inspect the data that we have stored about you. This applies to data you have provided yourself, data we have obtained from external sources and information about the processing of this data. Your right to data access does not extend to internal assessments and similar internal data created by data controllers on the basis of personal data you have given us. The same applies to certain personal data we have gathered to fulfil statutory obligations, such anti-money laundering obligations. Please check the online bank for detailed information and historical data about the products and services you use. If you do not subscribe to our online banking services, you will have received this information in our regular dispatches by post. 
Data access report
The data access report provides you with an overview of your registered personal data, description of the types of information being processed and details of how we process the data. 
Data portability report
Data portability is your right to receive personal data you have given us. The information must be sent in a machine-readable format. This applies to information you have given us directly, given us consent to collect or that is required to perform an agreement. More detailed information and historical data about your products and services can also be downloaded from the online bank. 
If you are or have been an employee or have applied for a position at DNB and wish to request a copy of your personal data related to this in DNB’s records, please contact HR Administration at, and specify the telephone number on which you want to be contacted. The same applies if you otherwise have been engaged by DNB. 
If your request conserns DNB Næringseiendom AS or companies that are managed under DNB Næringseiendom AS, please contact us directly at Please provide the telephone number you wish to be contacted on.

The right to object to data processing

You have the right to object to the processing of your personal data that takes place on the basis of legitimate interests, unless such interests override your fundamental rights or freedoms. We will assess and respond to such a protest. Inquiries are directed to our service department for complaints here.
In cases where the processing of your personal data is based on our legitimate interest and the information is used for direct marketing and profiling in connection with such marketing, we will always act on the request and the processing will be terminated.
Below you will find instructions on how to administer your right to reserve against processing or purposes in their entirety.
Object against all marketing. (No to advertising/ «Nei til reklame») 
Below you may easily and free of charge reserve your self against marketing or decide whether there are contact points you prefer not to receive marketing at. Customers can also withdraw any consent regarding marketing in the online bank under Settings. Please note that invitation to events are included in the reservation against marketing. The contact points are:
- SMS 
- E-mail MTD - «Melding til deg» = Message for you in your online bank 
- DM - Direct mail TLF -Telefon = Telephone 
- Or ALLE = All contact points together 
Please contact Custom service on chat or phone number +47 915 04800 for your preferances If you contact Custom service and make a objection against marketing on ALL contact points, we register that your possible consents in the online bank that apply to marketing have been withdrawn. If you later opt for consent in the online bank, your previous message to customer service will cease. Our scoring of prediction scoring and customer matching *, ceases if you object against all marketing (No to advertising). 
*Please find information about prediction scoring av custom matching in the chapter Marketing above. To whom is not a customer of DNB, DNB must relate to the Reservasjonsregister in Brønnøysund. Electronic, direct marketing to individuals without customer relationships is not legal without consent. DNB may legally advertise in social channels as long it is not personalized. User controls own settings in the social channel. 
Object against prediction scoring (profilering) for marketing purpose
Please contact Custom service on chat or phone number +47 915 04800. Please find information about the processing method in the chapter Marketing. 
Object against custom matching for marketing purpose 
Log in the online bank to object against custom matching. Please find information about the processing method in the chapter Marketing. 
Object against customer and market surveys 
Please contact Custom service on chat or phone number +47 915 04800. Please find information about the purpose in the chapter Customer and market surveys 
Object against statistics to private and public businesses
Log in the online bank, go to Settings/Conscent and reservation and turn the setting to NO. Please find information about the purpose in the chapter Statistics to private and public businesses 
Object against tracking of digital behaviour on web site
Please find information above on how to make your settings in the Cookies chapter

The right to erasure of personal data

As long as you have one or more active agreements with us, we will need to store personal data about you that is linked to these agreements. After an agreement expires, the personal data will be stored for a while to ensure that you get the best possible customer service. The other reasons for storing data after agreements expire are to meet our statutory obligation to store data and to defend ourselves against any legal claims. After the set storage period your personal data will be deleted. 
DNB is required by law to store certain data, including personal data, for purposes such as ccounting, tax reporting and reporting to the authorities. This data will also be deleted automatically, but normally after a longer period of time. It should be underlined that this personal data will only be used for the above-mentioned purposes and access to it is thus strictly limited. 
- Documentation related to an agreement is stored up to 13 years after the termination of the agreement 
- Documentation obtained and prepared to prevent and detect money laundering and terrorist financing is stored not less     than 5 years after completion of transaction or termination of customer relationship 
- Information we are required to store in accordance with the Accounting Act and the Accounting Regulations is stored up     to 10 years - Audio recording of investment services is stored for no less than 5 years 
- Information obtained for the calculation of regulatory capital requirements and for credit risk is stored up to 50 years. 
- The personal information used in the model calculations for risk classification of customers and credit portfolios can be stored for up to 50 years. 
- Documentation obtained to control whether financial undertakings are organized and operated in accordance with current requirements is stored for 10 years.
If all of your agreements with us are cancelled, we will also terminate your customer relationship. 
If you, as an existing or former customer, want DNB to restrict the processing and retention of your personal data, you are entitled to request us to apply access restrictions to it or delete it in accordance with Norwegian legislation (“the right to be forgotten”). Send a request for erasure and access restriction. 
If you want to terminate a service or agreement, please do not use this form. Instead, contact customer service at +47 915 04800. 
If you have applied for a job in DNB, or you are an existing or former employee, and you wish to have your personal data deleted, please contact HR Administration at Please provide the telephone number you wish to be contacted on. If your request concerns DNB Naeringseiendom AS or companies that are managed under DNB Næringseiendom AS, please contact us directly at Please provide the telephone number you wish to be contacted on.

Correction of incorrect personal data

If the data we have about you is inaccurate or incomplete, you are entitled to request rectification of the data within the limits that follow from legislation.

Contact information

Questions and complaints

For customers of DNB companies in Norway:
If you have any questions about this privacy protection statement or about how DNB handles your personal data, you can contact DNB’s customer service centre 24 hours a day by means of the chat function in the Internet bank, on telephone number +47 915 04800 or via Click here if you want to send a complaint to DNB electronically. If you want, you can also send your complaint directly to the Norwegian Data Protection Authority. For more information, please see the Data Protection Authority’s website. DNB also has a data protection officer who can be contacted by email: or by post: DNB, c/o Personvernombud, P. O. Box 1600 Sentrum, 0021 Oslo, Norway. 
For customers of DNB companies outside Norway:
If you have questions about how DNB processes your personal data, or about this privacy protection statement, please contact your international DNB office. Your international DNB office will also be able to give you information about the local data protection officer. You can also send your complaint directly to the local data protection authority. Check your local data protection authority’s webpage for information about this.


In DNB, we continuously seek to improve and develop our services, products and websites. In the event of any changes of the rules for processing personal data, changes of our services and products or other changes that affect this personal privacy statement, the information in this statement will be changed correspondingly.

Change log

Version Which chapter Description
2022 May Legitimate grounds for processing
Statutory obligations
New point considering supervisory controls of the financial undertakings
2022 May Your rights
The right to erasure of personal data
New point considering erasure rule for documentation obtained to control financial undertakings
2022 February Purposes for which personal data is used/Customer administration More about contracttual default
2022 February The rights/The right to erasure of personal data Detailing the list of erasure rules
2021 October The types of data we collect Reorganized the types of data (information)
Added a new type - personality information
2021 October Sources from which we gather your personal data/Cookies (information capsule) Information improvement
2021 October Purposes for which personal data is used/Marketing Rearranging the text. 
More about the prediction scoring (profiling) as a methode to decide marketing action or other communication to customer. Guiding to the right to object against profiling for marketing purpose. More about the custom matching for the purpose to do marketing directly towards DNBs customer on social, external platform.
2021 October Purposes for which personal data is used/Profiling Guiding to the right to object against profiling for marketing purpose
2021 October Purposes for which personal data is used / Risc classification of customer and credit portifolio More about the financial institutions models to perform risc assessment
2021 October Purposes for which personal data is used /Analysis for development and optimizing services More details about the analyzing 
2021 October Your rights/Objection to processing Text and more guiding on how to object against specific purposes or process methods.
Contact us
(+47 915) 04800
Contact the Data Protection Official in DNB

Tips for secure use of the bank

We recommend that you follow our security tips. Click here for more information on secure use of the bank. (In Norwegian)