What is the N26 Webform for GDPR requests?
Safeguarding personal and financial data of our customers is one of our highest priority. For this reason we provide our N26 webform for GDPR requests which enables all N26 customers, former N26 customers (whose account is now closed) and their authorized representatives, who have enquiries about personal data, to contact N26 in a secure way.
How does it work?
The webform (new tab) should be used when a N26 customer or N26 former customer wants to exercise their rights under the General Data Protection Regulation ("GDPR") themselves or through an authorized representative. In particular, you will be able to exercise:
- Right of access, under Art. 15 GDPR (new tab)
- Right to erasure ("right to be forgotten"), under Art. 17 GDPR (new tab)
- Right to object to processing, under Art. 21 GDPR (new tab)
You can expect to receive an answer from our dedicated team within a maximum of 30 calendar days.
When filling out the webform, you will be asked to enter:
- Your country of residence
- Your N26 status (customer, former customer, authorized representative thereof)
- Your request type
- Name, last name and email address
As a N26 former customer or an authorized representative, is there anything else I need to provide?
Former customers and their authorized representatives are required to upload further documentation in order to legitimize their identity and ensure that the receiver of the data is actually entitled to do so.
Here is the documentation required:
- Former customers: copy of the ID / Passport
- Authorized representatives: signed Power of Attorney
Once the form is filled out in its entirety, click on Submit and send your request.
Why is a manual ID / Passport review needed for N26 former customers?
As the identity of former customers is not verifiable via their interactions with our WebApp or App, since they have no access to the WebApp or App, we need to be able to legitimise their identity by using alternative means.
Essentially, we request a copy of the ID / Passport for identity validation purposes and to ensure personal data, including financial information, does not fall into the wrong hands, as per Art. 12 (6) GDPR. The copy will be deleted after the request is deemed to be fulfilled. We kindly advise former customers to black out any information which is not relevant to the identification process. We require the following data points to be visible on the copy provided to us, and which cannot be blacked out:
- Full name
- Date of birth
- Expiry date
Questions or concerns about this topic?
Feel free to contact our Customer Support team. We can be reached at firstname.lastname@example.org (new tab).