PAYMENT SERVICE PROVIDER
Inspection by the Personal Data Protection Office
We advised the payment service provider on the following project:
CONTROL OF THE PROCESSING OF PERSONAL DATA BY THE PRESIDENT OF THE PERSONAL DATA PROTECTION OFFICE
- As part of its legal advisory services, DLK Legal has been developing data protection practices dedicated to financial institutions for many years. Our clients in this area include banks, non-bank payment service providers as well as leading providers of ICT services for the financial sector from Poland and abroad.
- Financial institutions are particularly exposed to the risk of audit proceedings regarding the application of data protection laws. To date, each of the inspection plans announced by the Personal Data Protection Office (2019, 2020, 2022) has directly pointed to an intention to inspect key aspects of the financial sector. In practice, since the establishment of Personal Data Protection Office in 2018, such inspections in the financial sector have been carried out regularly, although due to the COVID-19 pandemic, their number has fluctuated significantly in previous years (in 2020, the Office conducted 12 inspections, even though in 2019 there were as many as 98).
- The issue of data protection is particularly important in the financial sector – efficient data protection management directly affects the security and financial stability of both an individual institution and the entire market. Appropriate application of GDPR regulations in combination with sector-specific regulations (e.g. on capital requirements, strong customer authentication, use of biometrics or implementation of transaction monitoring systems) may protect an institution from the risk of significant financial losses as well as potential penalties from the Personal Data Protection Office.
The advisory services of DLK Legal included:
- identification of issues requiring additional compliance verification on the PSP side prior to the commencement of the audit by the President of the Personal Data Protection Office
- legal workshop for management staff and persons responsible for the area of data protection at PSP, aimed at preparing PSP for the audit by the President of the Personal Data Protection Office
- development of a procedure strategy and legal arguments in relation to critical points of the activities of PSP with regard to the processing of personal data
- ongoing legal advice during the inspection and at the stage of signing the inspection report
Also check
#Banking & Fintech #Industry 4.0 #IT & Outsourcing #Legislation #Telecommunications
Group financial institution
Application of DORA and the NIS2 Directive
Application of DORA and the NIS2 Directive#Banking & Fintech #Industry 4.0 #Online & eCommerce #Retail #Telecommunications
Operators of POS terminals and ATMs
Availability of products and services for people with special needs
Availability of products and services for people with special needssmall payment institution
Application for entry in the register of small payment institutions
Application for entry in the register of small payment institutions