Center of Competence for the new European GDPR (General Data Protection Regulation)

The new European GDPR (General Data Protection Regulation) involves all companies that process, manage or store personal data of European citizens. The new rules, which will become active next May 25, 2018, are a strong commitment of the European Union to ensure maximum safety and rigorous protection of personal data.

Citizens have the right to oppose, modify, delete, or move personal data, among other rights. In the particular case of financial institutions, the new legislation provides that customers without a valid acceptance record, or simply when no there is no physical evidence of such acceptance, will be required to sign at any moment when loging into the electronic banking service, operating on ATMs or simply performing any personal operation at the branch office. According to this:

  • There will be a follow up process to keep track of customers signing new clauses and saving physical records of such acceptation.
  • There will be audit trails of customers having explicitly exercised their rights in any data transfer process.
  • In the case of any change of personal data, there will be a proactive control to ensure the new clauses will be upadated and signed.

Our Competence Center Data Protection Financial Institutions is specialized in reengineering and modeling new processes to guarantee proper compliance with the new regulations under several guidelines:

  • Full control of data access permissions and usage .
  • Minimum impact on existing information systems.
  • Full compliance and reliability.
  • Enhanced interaction with customers and agents.