This is the newest FIAP Service, created on May, 2018, in order to help FIAP be in compliance with the EU Regulation on Data Protection (2016/679) mostly known as GDPR.
The GDPR provides for two crucial concepts: Data Protection By Design and Data Protection By Default.
Data Protection by design means embedding data privacy features and data privacy enhancing technologies directly into the design of projects at an early stage. This will help to ensure better and more cost-effective protection for individual data privacy.
Data Protection by default means that the user service settings must be automatically data protection friendly, and that only data which is necessary for each specific purpose of the processing should be gathered at all.
These two concepts need strong and efficient implementation both in legal and technical level.
The role of this new Service is to introduce to the Board of Directors all requirements proposed by FIAP’s legal or technical advisers in order to take actions necessary to ensure all personal data processing operations are GDPR compliant. According to the BD decisions, this new Service acts then as a coordinator between FIAP and these advisers, in order to prevent and minimize as far and as early as possible risks arising out of the processing of personal data.
This Service may be contacted in the case of any questions regarding collection, processing or use of personal data, or wherever information, correction, blocking or deletion of data may be required and whenever any consent previously given may be revoked or whenever any particular use of data may be opposed.
This Service has not been designated as FIAP’s Data Protection Officer.