Transaction data is not allowed for direct marketing purposes

"bank"

In a letter dated 1 July 2019 (in Dutch) (the "Letter"), Dutch Data Protection Authority (the "Dutch DPA") informed the Dutch Banking Association that processing individuals' transaction data for the further purpose of direct marketing to the same individuals may not be compliant with the requirements of the General Data Protection Regulation ("GDPR") (which regulates the processing of personal data). This is a potentially serious issue for financial services companies, as they increasingly look to extract value from consumer data. To read more: Click here