ING Binding Corporate Rules Quiz

Questions and Answers

What do the Binding Corporate Rules (BCR) aim to protect?

Only business partner data

Only client and supplier data

Client, supplier, business partner, and employee data (correct)

Only employee data

Which document is not part of ING's Binding Corporate Rules?

Global Data Protection Policy for Employee Data

Global Data Protection Policy for Supplier Data

Global Data Protection Policy for Client Data

Global Personal Data Protection Internal Policy (correct)

Who approves the Binding Corporate Rules documents?

The ING Board of Directors

Local government agencies

Client representatives

The Dutch Data Protection Authority (correct)

Where can individuals find ING’s Global Data Protection Policies?

on ing.com and publicly available

What is a component of ING's internal policies?

Global Personal Data Protection Process Control Standard

What is the primary role of the data protection executive (DPE) office?

To address questions related to personal data

Which regulation does the DPE office help ensure compliance with?

GDPR

What is one of the activities managed by the DPE office regarding data breaches?

Coordinating actions around data breaches

Who does the DPE office support in relation to data protection?

Business unit data protection executives (BU DPE)

What should you do if you have questions about personal data?

Familiarize yourself with the local DPE

What does ING's binding corporate rules (BCR) agreement require?

To apply GDPR principles globally unless local law requires otherwise

What internal policy does ING have to manage personal data protection?

Global Personal Data Protection Policy (GPDP)

Which regulation must ING comply with regarding personal data?

EU General Data Protection Regulation (GDPR)

What is the primary commitment of ING when handling personal data?

To handle data in a manner consistent with the expectations of individuals

Why is ING subject to multiple data protection laws?

Due to its global banking operations and local regulations

Who is responsible for complying with and implementing the GDPR policy within a business unit?

Chief Operating Officer

Where can you find the data protection contact list at ING?

On ING Today

What is the global accountability level for the bank's Data Protection Executive (DPE)?

Management Board Banking

Which role is filled by the Business Unit Data Protection Executive (BU DPE)?

Chief Operating Officer

What are the BU DPE's responsibilities regarding data protection?

Complying with GDPR policy and BCR

Why is it important to protect personal data?

It is the right thing to do.

What does the global code of conduct at ING demand?

To protect personal data.

What should employees at ING do regarding personal data?

Take ownership and be vigilant.

Which of the following best describes the approach ING takes towards personal data protection?

It involves collaboration and adherence to values.

What are employees encouraged to utilize within ING to support data protection?

Policies, departments, and people.

What is the primary responsibility of the business unit data protection officer (BU DPO)?

To provide advice and challenge on personal data processing

Who is the primary point of contact for the Data Protection Authority?

The bank DPO

What does the DPO monitor compliance with?

GDPR, BCR, and local data protection requirements

What role does the global bank DPO hold?

They advise on cross-border data protection issues