Other pages in this section
Research highlights that endings are an important part of the customer experience and there is value in designing good, clean processes that build customer trust. In Open Banking research, customers have spontaneously highlighted ‘what happens to my personal data after I stop using a service’ as an issue. The answer to this very much depends on whether the customer is talking about their rights under PSD2 and the explicit consent provided or how you might be using a customer’s personal data under GDPR.
Off-boarding journeys are therefore an important part of the customer journey and are separate from the process of revocation of consent under PSD2. Providing clarity and control to customers is the key and there are real opportunities for open banking to lead the industry in how to help customers control their data.
Understanding what your obligations are when a customer is exercising their data protection rights is therefore crucial. For further ICO guidance on the data protection rights of individuals under GDPR, please see: https://ico.org.uk/global/privacy-notice/your-data-protection-rights/
It is important to understand that not all of the data protection rights that a customer may wish to exercise will be available, Most rights, apart from the rights in relation to direct marketing, are qualified rights, meaning, that, either they are not available to a customer or you can rely on one of the applicable exemptions.
Introduction (section A) Previous