Security of services, transactions and customer data

Topic from the Materiality Matrix: Security of services, transactions and customer data

  • GRI:
  • Management of material topics (identified as material in the materiality matrix)3-3
    Management of material topics (identified as material in the materiality matrix)
  • Total number of justified complaints regarding breaches of customer privacy and data loss418-1
    Total number of justified complaints regarding breaches of customer privacy and data loss
  • Number of customers using mobile and online bankingCustom indicator
    Number of customers using mobile and online banking
  • Number of interactions in remote channelsCustom indicator
    Number of interactions in remote channels
  • GPW:
  • Data protection policyG-S1
    Data protection policy

We process significant amounts of customers’ personal data and other confidential and sensitive information which is exposed to the risk of breach and to attacks by cyber criminals. Therefore, security of services is a topic that has been important to us for many years. Due to the increasing digitization of the financial sector, all our services and operations guarantee the security of personal data and other confidential information. We meet the highest national and EU standards in this area.

2,452
 
million
active clients Santander mobile

We have established a comprehensive cyber security system based on best practices and state-of-the-art technological solutions. Our information security management system is certified in accordance with ISO/IEC 27001:2013 and includes the supervision of information security in the business environment of Santander Bank Poland Group and the assessment of specific requirements for information security and information systems.

All IT security regulations and processes are monitored on an ongoing basis and adapted to changing conditions. As a result, we are constantly improving the security level of transaction systems and tools used by customers on a daily basis, strengthening mechanisms for protecting customer data and our own infrastructure.

  • GRI:
  • Total number of justified complaints regarding breaches of customer privacy and data loss418-1
    Total number of justified complaints regarding breaches of customer privacy and data loss

We monitor compliance and complaints from stakeholders. In 2022, we received at Santander Bank Polska S.A. 21 legitimate complaints from third parties regarding violations of customer privacy. We did not receive complaints from administrative bodies in this regard. No confirmed cases of data leakage (loss) were reported to us in 2022. We have been imposed 1 penalty under Regulation 2016/679 (GDPR). The decision is not final and we have appealed against it – see the Transparency subsection for details.

  • GRI:
  • Activities implemented to ensure cyber securityCustom indicator
    Activities implemented to ensure cyber security

  • How we took care of cyber security in 2022:

  • we cooperated within the financial sector with the Polish Bank Association to share knowledge and best practices on the topic of cyber security,

  • we participated in projects, events in support of cyber education (including the BAKCYL project aimed at young people) we ran an educational campaign in social media Don’t Believe in Fairy Tales for Adults strengthening cyber awareness, we carried out activities aimed at customers who use the Internet less often,

  • we continued to provide free CyberRescue service with an additional online protection CyberRescue experts help customers in crisis situations, such as the theft of funds from virtual wallets,

  • we regularly published warnings about cyber threats in online banking, on our websites and social media profiles,

  • we further educated employees responsible for ensuring cyber security,

  • the Santander Foundation also implemented a grant program called „Hacks for Cyberattacks” described in detail in the section Major Grant Projects of the Foundation.