Nordea Bank Finland Plc handles all personal information it collects according to the Finnish Personal Data Act and the legislation on credit institutions and in keeping with bank secrecy and privacy protection. Personal information is handled and collected for the operations and services of the bank. Information is collected from persons registered in the bank's customer register or their representatives, from public registers kept by the authorities, and from the customer default register. If the nature of a service or a product so requires Nordea Bank Finland Plc also uses personal credit information. The credit information is collected from Suomen Asiakastieto Oy’s credit information register. Nordea Bank also uses its customer register in marketing directed at its customers. When a business transaction or service situation so requires, the bank will tape a telephone conversation or save an email message to confirm its content. Bank secrecy forbids the transfer of information in the bank's possession to a third party without a permission by the person concerned and unless the law so requires.

A description of the bank's customer register (personal data file) referred to in the Personal Data Act is available at Nordea Bank Finland Plc's offices and web site at the address www.nordea.fi using a terminal whose browser supports frames.