By accepting our use of cookies, you allow us to improve your experience on our website, so that it is faster, more personalised and more secure. You can change the cookie settings in your browser at any time. Find out more about cookies.

You have total control of your data

Published on:


From all sides you are currently submerged with GDPR related messages. The new European Data Protection Regulation will enter into force everywhere on 25 May 2018. Everywhere, which means at your bank too. The key points of this legislation are: an enhanced security, a broadened scope and the right to be forgotten.

You cannot avoid it these days, GDPR is everywhere. It is the one acronym you are bound to have heard or seen on any screen. And still, the issue is not new. The old legislation already dates back from 1995 and had to be revised to be able to deal with the current volumes and uses of personal data. That is exactly why you need to consider the implementation of the General Data Protection Regulation (GDPR) somewhat as a big bang.

Maximum scope of application

In defining personal data, the legislator has been as broad as possible: “any information relating to an identified or identifiable natural person”. Unlike the 1995 Directive, explicit reference is made to names, location data, online identifiers and genetic elements, in addition to identification numbers (bank account, telephone number, licence plate, etc.) and physical, physiological, psychological, economic, cultural or social characteristics.

From a territorial point of view, the GDPR constitutes a single regulation applicable both to all organisations within the European Union (EU) and to companies which are not established in the EU, but which offer goods or services to persons located in the EU. This means that American technology giants Google, Amazon or Facebook are now required to comply with European legislation.

Your rights to your data

Thanks to GDPR establishes you have many rights to your personal data: such as:

  • The organisation’s duty to provide informationt
    When collecting data, every organisation has an obligation to inform you of the purposes of the processing and of their rights.
  • Right of access
    Every organisation is required to provide you upon request with all the data concerning you, and to inform you of the processing that has been carried out.
  • Right to be forgotten
    The right to be forgotten or right of erasure provides for the deletion of any personal data in a series of cases. For example, they must be deleted if you object to their processing, if they are no longer necessary for the purposes pursued or at the end of the legal retention periods/the periods set at the time of data collection.
  • The right to data portability
    You can request to receive all your personal data in a commonly-used, machine-readable format in order to transmit them to another data controller. This right will facilitate the transfer of personal data when changing banks, social networks, telephone operators, etc

Enhanced security

Every organisation collecting personal data must be able to prove that it has taken all the technical and organisational measures required to ensure its protection. This includes the appointment of a Data Protection Officer (DPO) and the security of the information system.

Any data leak must be reported to the competent national authority, the Data Protection Authority in Belgium. In the event of non-compliance, the organisation can incur significant penalties, including fines of up to €20 million or 4% of turnover for large companies.

At Keytrade Bank …

… you of course have the same rights. Do you want to know how we are handling and protecting your privacy and your personal data? Be sure to read our Privacy Policy in detail. It contains all the info, mostly in a convenient question and answer format.

Discover other articles with the same tags