RiverBank™ S.A.

You are connected to website (hereinafter the "Website") owned by

RiverBank ™ S.A.
5, Boulevard Royal
L-2449 Luxembourg
Tel.: +352 274937

RiverBank S.A. (hereinafter the "Bank") is a public limited company (société anonyme) governed by Luxembourg law registered with the Luxembourg Trade and Companies' Register under number B 202.096, registered for VAT under the number LU 28448743, authorised in Luxembourg as a credit institution with a full banking licence under number B00000400 and subject to the supervision of the Luxembourg financial regulator:

Commission de Surveillance du Secteur Financier, 283, route d'Arlon, L-1150 Luxembourg, Postal address: L-2991 Luxembourg
Telephone: (+352) 26 25 1-1, Fax: (+352) 26 25 1-2601,


In compliance with the Regulation (EU) 2016/679 of the European Union of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (also called Global Data Protection Regulation, or GDPR), we wish to inform you that we , if you register via the Website, collect certain personal data about you and process such data. We may ask these data directly to you or we may get the data elsewhere.

Your data is constituted of

  1. Your name and first name
  2. Your email address
  3. Your professional telephone number
  4. Your mobile telephone number
  5. The name of the company for which you are working
  6. If you are an authorized signatory or a direct or ultimate beneficial owner of the company under 5) above, a copy of your identification card or passport. In case we have not yet collected this copy, please be aware that we will ask this copy and that we will process such copy in the ordinary course of providing our services. Such copy qualifies as personal data falling under the terms and conditions detailed in this policy.


A cookie is a small file that is placed on your device, which enables a server to identify that device and allows us to offer the best services possible. Cookies are commonly used on the Internet and do not harm your computer system.

We may, from time to time use and serve cookies, pixel tags, action tags or similar technologies.

We use cookies, pixel tags or action tags for various purposes, including:
- Collating anonymous aggregated information that is used to manage and plan enhancements to our services.
- To evaluate the effectiveness of our advertising and promotions on third party websites, for example by tracking whether these advertisements are clicked on by users.
- To assist in the provision of ads which are relevant to you when browsing the internet. We are continually looking to improve your user experience and so regularly adopt and implement new technologies to help us do this.


Your data is collected for the purpose of ensuring compliance with applicable legislation, notably with the law of 12 November 2004, as amended, on the fight against Money Laundering and Terrorism Financing as well as for the purpose of allowing us to process the loans that you may input into our system. We may as well use such data for general marketing purposes, including the sending of newsletters and of other relevant information.

Your data is kept for as long as the law requires us to keep it. This is usually five years after the end of the relationship that has led us to collect your personal data.

We do not use automated decision making. Should we use automated decision making in the future, we will inform you accordingly.


We have been processing your data as a data controller (determining the purpose for which and the manner in which any personal data are, or are to be processed) as well as a data processor (doing the actual data processing). Sometimes we process your data only as a data controller, in which case we have appointed a data processor. This data processor is EBRC S.A. - RCS Luxembourg B72585 – 5, rue Eugène Ruppert L-2453 Luxembourg – Phone +352 26 06 1.

The data processor only receives encrypted data. The data processor has no key for decrypting the data, thus is technically not in a position to have actual knowledge of your personal data. Using the services of the data processor is necessary for allowing us to deliver the services that we intend to provide to you and/or your customers. In the agreements with the service provider, we ensure that, in addition to us encrypting, data is kept secure and not transferred to a third party. Apart from the above, we do not share data with third parties or in general transfer data outside the European Union.


Under GDPR, you have the following rights:

  1. Right to Access
    Upon request we will provide you with a confirmation as to whether or not your personal data are processed by us, what data are being processed, where these data are being processed and for what purpose.
  2. Right to Modify
    You have the right to request us to modify your personal data, in full or in part in case the data is found to be incomplete or inaccurate. You may as well ask us to modify the data we keep in case you deem the data inadequate for achieving the purpose for which it is kept. We may keep track of such modifications in case the law requests us to do so.
  3. Right to be Forgotten
    You have the right to request us to erase your personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. We may refuse such request if the law requires us to keep your data.
  4. Data Portability
    You have the right to receive a copy of the personal data, that you previously provided, in a 'commonly use and machine readable format' to enable you to transmit that data to another controller. We may charge a reasonable fee for that.
  5. Breach Notification
    In case a breach has occurred, we have an obligation to inform you of such breach, if such breach is likely to “result in a risk for the rights and freedoms of individuals”. without undue delay after first becoming aware of a data breach.
  6. Consent withdrawal
    You have the right to withdraw your consent at any time for processing all or a part of your personal data. Such withdrawal of consent may likely result in a refusal to provide additional services to you or to service the loan that we have been requested to provide.
  7. Right to claim
    In case you are dissatisfied with our services regarding the handling of your personal data, you have the right to issue a claim to the supervisory authority for the protection of personal data, being the Commission Nationale de Protection des Données (CNPD), located at 1, avenue du Rock’n’Roll, L-4361 Esch-sur-Alzette, telephone (+352) 26 10 60 -1. Please consult for further information.


The purpose of the Pillar III is to impose on regulated credit institutions the disclosure of specific information, notably but not limited to (i) financial figures (ii) profit and loss details (iii) internal governance, (iv) risk management approach and (v) loan book analysis, based on both quantitative and qualitative approaches. Such document, once communicated annually to the regulator, is available via this link.


In case you have a complaint about a financial product or service provided by RiverBank S.A. our Complaints procedure foresees the following escalation steps:

1. You can send a complaint about any financial product or service provided by RiverBank S.A. in writing by post addressed to: RiverBank S.A. Attn. Legal Department 5, boulevard Royal L-2449 Luxembourg Any complaint must explicitly indicate that it is a complaint, has to include the customer's contact details and comprise a brief description of the reason for the complaint. A written acknowledgment will be sent to the complainant within 10 business days of receipt. RiverBank S.A. undertakes to provide an answer to complaints without undue delay and in principle within one month from the date the complaint was received. Where an answer cannot be provided within this period, RiverBank S.A. will inform the complainant of the causes of the delay and indicate the date at which its examination is likely to be achieved.

2. In the event that the response provided is not satisfactory to the complainant, the complaint and the response provided to the complainant may be referred to the authorised manager of RiverBank S.A. in charge of the management of the complaint treatment:

Mr. Robin RINKES
Head of Sales
RiverBank S.A.
5, boulevard Royal
L-2449 Luxembourg

3. Should you not be satisfied with the solution or response given after escalation to the authorised manager in charge of the management of complaint treatment, you can file a request for an out-of-court complaint settlement, in accordance with the provisions of regulation no. 16-07 issued by the Commission de Surveillance du Secteur Financier, by the following means:

By post:
Commission de Surveillance du Secteur Financier
Département Juridique CC
L-2991 Luxembourg
Grand-Duchy of Luxembourg

By phone : (+352) 26251-2574 or (+352) 26251-2904
By fax : (+352) 26 25 1 – 601

By e-mail:

More details on the out-of-court complaint resolution can be found on the site of the CSSF:


The Website is governed by the laws of the Grand Duchy of Luxembourg. The District court in and of Luxembourg has exclusive jurisdiction to settle any dispute arising out of or in connection with the Website.


© RiverBank S.A. all rights reserved. The reproduction of any part of the Website by any means without the prior written consent of the Bank is strictly forbidden. The name "RiverBank" as well as its logo are trademarks of the Bank. The reproduction, adaption, use or modification of these trade marks by any means is strictly forbidden without the prior written consent of the Bank.

Your browser is ancient! Upgrade your browser to experience this site.