4 important aspects of the GDPR that you should know about

The financial services industry is heavily regulated since it involves money and hard-earned assets of common people. It is natural to improve the regulations, not only to insulate the financial services industries from losses but also to protect the privacy and data of the individual users — which is the goal of The EU General Data Protection Regulation (GDPR). The GDPR is a comprehensive framework for companies operating in European Union member states to handle and process their customers’ data.

Though the GDPR is applicable to all types of businesses, ramifications for financial services providers that fail to comply are quite harsh. Some financial services providers may find it challenging to come up with the GDPR’s required structure and the policies. Both users and companies must note these four things about the GDPR:

Users’ control of their data 

GDPR is the first solid effort to put users in control of their own data. For the first time, users can now choose how companies can use their data. Above all, they can also request for changes in the way their existing data is being held.

One of the key security issues in 2018 was the release of users’ data by Facebook to Cambridge Analytica. This not only created a huge outcry but also raised serious questions over the privacy and security user information.

With the GDPR, an incident like this can be avoided since users will be able to control what data companies can collect from them and how their information can be used. Personal data protected under the GDPR include your location data, in-car data collected by insurance companies, IP addresses, among others.

Right to data erasure

Normally, user or consumer data is reused for marketing purposes. Financial services providers ask for the related party’s consent to use their personal data. With the GDPR in place, users have the right to ask companies to erase their data from their system.

This has a huge impact on companies looking to retarget or remarket to their customers using their existing data. For instance, this clause has forced betting sites to consider GDPR compliance within the context of marketing and remarketing online to their customers.

Email scraping

Companies or sites getting their visitors’ email addresses by offering them rewards is a usual online practice. The financial services industry has utilized this tactic to acquire email addresses of consumers so that marketing activities can be initiated.

But with GDPR, automatic opt-ins for email marketing campaigns are not allowed. Hence, financial services providers would not be able to capture your data automatically and use it for email marketing. that you did not sign-up for. There has to be an explicit opt-in which shows the clear consent of the users to subscribe to the provider’s email marketing.

GDPR has global consequences for the financial services industry

While this is an EU wide regulation, it has quite significant implications for the global services industry. According to one study, 60% of the EU companies are already GDPR compliant. In comparison, only 19% of the companies in North America are truly ready for implementing new data privacy measures.

GDPR regulations are a great step forward to ensure that the data of the users, whether they are investors or general consumers are not used inappropriately. Unsolicited targeted marketing can be lessened and companies that misuse data in their hands can be held accountable for their violations.

(Featured image by DepositPhotos)

—

DISCLAIMER: This article expresses my own ideas and opinions. Any information I have shared are from sources that I believe to be reliable and accurate. I did not receive any financial compensation for writing this post, nor do I own any shares in any company I’ve mentioned. I encourage any reader to do their own diligent research first before making any investment decisions.