Banks and financial services providers are also among the institutions where personal data are processed in basically every business process. It is often the case that data are actually particularly sensitive in this sector, as they may contain information about income and wealth situations, business relationships and personal relationships, cash flows, personal interests and patterns of movement.
The requirements for the protection of such data have to be accordingly high. At the same time, these requirements also have to be brought into conformity with the banks’ statutory obligations – e.g., under the Geldwäschegesetz [German Anti-Money Laundering Act]. Naturally, this also involves extensive data processing activities. For the processing institutions, the specific statutory requirements sometimes may also entail obligations to disclose data on a case-by-case basis, for example to tax authorities.
We advise you in your role as financial services provider or credit institution when you implement data-compliant processes and when you start to create an effective data protection organization. The focus is on handling employee data and customer data as well as on international data transfers, the involvement of third parties in payment transactions, and special topics as, e.g., mobile online banking.