What Is GDPR?
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. The General Data Protection Regulation covers all companies that deal with data of EU citizens, so it is a critical regulation for corporate compliance officers at banks, insurers, and other financial companies. GDPR will come into effect across the EU on May 25, 2018.
Blissservices Ltd have always taken the utmost care in relation to the protection of consumer data due to which the impact of GDPR will be minimum. This is a reminder to all agents and partners on the data protection requirements that must be adhered to when dealing with consumers of Bliss. Below is a check list of requirements that must be adhered to at all times.
Ensure that all data processors are aware of the requirement to keep all consumer data safe and secure and not to share this data. The consumer data of Bliss forex must not be shared with any third party or used for any other purposes. All receipts and copies of identification must be stored securely.
The consumer ID details that are requested on the bliss site are a regulatory requirement and no additional details should be obtained or retained. .
Communicating Privacy Information & Lawful Basis for Processing Data
Bliss will send out notices that can be displayed at each agent location which inform consumers of what privacy data is held by Bliss Forex and with whom the data may be shared. The notices will explain why the personal data is requested and that consumers have a right to complain to the ICO if they believe the data has been compromised. Consumers also have the right to request for the personal data that we hold.
The GDPR includes the following rights for individuals:
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
On the whole, the rights individuals will enjoy under the GDPR are the same as those under the data protection act but with some significant enhancements.
Consumer requests to access data
If a consumer requests for the data that Bliss holds on the consumer, the ID of the consumer must be checked and the consumer will be requested to provide this in writing at the agent location which will be passed on to the head office of Blissservices Ltd to process. The consumer may also request this information by calling the Blissservices Ltd head office on 0207 537 2555. The requested information will be provided within 30 days. For each request, a decision will be taken whether the data can be shared and if not, a reason will be provided to the consumer.
Consumers under the age of 18 are not permitted to use the Blissservices Ltd service, this a regulatory requirement.
If you believe that the personal data of a consumer or consumers may have been compromised, inform the customer care at the Blissservices Ltd head office immediately and the management will arrange to contact these consumers and will make a report to the ICO.
Data Protection Officer
Umesh Poudyal, the Director of Blissservices Ltd is also the data privacy officer and responsible for all queries in relation to data protection. He can be contacted on the Bliss head office contact number on 0207 537 2555.