International Cooperation for the Protection of Personal Data

Last Updated: 22 Oct 2025

Effective Date: 18 september 2023

Issued by: Neobank Capital

Applies to: All employees, contractors, subsidiaries, affiliates, and partners of Neobank Capital

1. Purpose

Neobank Capital operates globally and is committed to protecting personal data through cooperative engagement with international regulators, supervisory authorities, and partner organizations.

The purpose of this policy is to:

Ensure compliance with international data protection laws.
Promote responsible data sharing and cooperation with foreign regulators.
Facilitate joint investigations, audits, and enforcement actions to protect individuals’ rights.
Establish clear protocols for cross-border collaboration while safeguarding customer data.

2. Scope

This policy applies to:

All personal data processed by Neobank Capital that may be subject to international cooperation.
Interactions with foreign data protection authorities (DPAs), law enforcement, and regulatory bodies.
Collaboration with partners and vendors in jurisdictions outside the country of data collection.
Internal teams and officers handling requests for cooperation or joint data protection initiatives.

3. Principles of International Cooperation

Neobank Capital adheres to the following principles when engaging in cross-border cooperation:

Lawfulness and Transparency: All cooperation must comply with applicable laws and regulations and be communicated transparently.
Purpose Limitation: Personal data will be shared strictly for legitimate and defined purposes, such as regulatory compliance, fraud prevention, or legal investigation.
Data Minimization: Only the minimum necessary personal data required for cooperation is shared.
Security: All shared data must be transmitted and stored securely using encryption and access control measures.
Accountability: All cooperation activities are logged, auditable, and overseen by the Data Protection Officer (DPO).
Respect for Data Subject Rights: Data subject rights are preserved, including access, correction, objection, and erasure, wherever legally feasible.

4. Cooperation with International Data Protection Authorities

Neobank Capital actively engages with DPAs, regulators, and supervisory authorities in jurisdictions where personal data is processed.
The DPO serves as the primary liaison for international regulatory communications.
Cooperation may include:
Notifications of breaches affecting multiple jurisdictions.
Joint audits or inspections.
Exchange of best practices, guidance, and compliance methodologies.

5. Cooperation with Law Enforcement Agencies

Personal data may be disclosed to foreign law enforcement only when required by law, treaty, or formal request.
Requests must be reviewed by the Legal & Compliance Team and approved by the DPO.
All law enforcement requests are documented, including scope, justification, and legal basis.
Data disclosure is limited to what is strictly necessary for the investigation or legal process.

6. Cooperation with International Partners and Vendors

Partners and vendors outside the country of data collection must comply with Neobank Capital’s international data protection standards.
All cooperation agreements must include:
Data protection obligations aligned with GDPR and other relevant laws.
Encryption and security measures.
Protocols for cross-border data handling.
Periodic audits ensure compliance with these obligations.

7. Joint Investigations and Enforcement Actions

Neobank Capital may participate in:

Cross-border investigations initiated by regulatory authorities.
Data protection enforcement actions that require coordination with foreign DPAs.
Collaborative remediation of data breaches impacting multiple jurisdictions.

All joint actions must be coordinated through the DPO and documented for accountability and compliance purposes.

8. Documentation and Reporting

All international cooperation activities are recorded in internal compliance logs.
Records include:
Parties involved (regulators, partners, law enforcement)
Purpose and scope of cooperation
Data categories shared
Legal basis and authorizations
Security measures implemented
Documentation is retained in compliance with Neobank Capital’s Records of Processing Activities (ROPA).

9. Training and Awareness

All employees, contractors, and affiliates involved in international cooperation must undergo mandatory training on:
International privacy laws (GDPR, UK GDPR, Swiss FADP)
Secure data handling and encryption protocols
Regulatory liaison procedures
Training is updated annually or upon significant regulatory or operational changes.

10. Roles and Responsibilities

Role	Responsibility
Data Protection Officer (DPO)	Coordinates all international cooperation, reviews requests, ensures compliance with laws and internal policies.
Legal & Compliance Team	Evaluates legal basis for cooperation, prepares agreements, liaises with regulators.
IT & Security Team	Ensures secure transmission, storage, and handling of data shared internationally.
Employees / Contractors	Must report any request or incident requiring international cooperation to DPO immediately.

11. Review and Updates

This policy is reviewed annually or sooner if international regulations, company operations, or cooperation practices change.
Updates must be approved by the DPO and Chief Legal Officer (CLO).

12. Contact Information

Data Protection Officer (DPO)

📧 privacy@neobank.capital

📍 Neobank Capital – Global Privacy Office, 2355 116 74, Stockholm, Sweden

On this Page

Contents 1. Purpose 2. Scope 3. Principles of International Cooperation 4. Cooperation with International Data Protection Authorities 5. Cooperation with Law Enforcement Agencies 6. Cooperation with International Partners and Vendors 7. Joint Investigations and Enforcement Actions 8. Documentation and Reporting 9. Training and Awareness 10. Roles and Responsibilities 11. Review and Updates 12. Contact Information

Home