This guide is for informational purposes only and should not be relied upon as legal advice.
The European General Data Protection Regulation 2016/679 and the UK Data Protection Act 2018 (together, GDPR) is – as most now know – a broad-sweeping and comprehensive data protection law. The GDPR likely applies to any First AML customer which has clients (or individuals within client entities being verified) based in the EU/UK.
First AML Data Processing Addendum (DPA)
What is a DPA?
If the GDPR applies to you, a DPA enables the lawful transfer of EU/UK personal data from you to First AML.
Do you need to sign the DPA?
If you’re a new First AML customer and the GDPR applies to you, our DPA will automatically apply to your use of our services – there is no need to separately sign.
If you’re an existing First AML customer based outside of the EU/UK and your business is expanding to the EU/UK, please get in touch to ensure our DPA applies.
As an organisation at the forefront of data protection and privacy, we’re extremely passionate about ensuring compliance with data protection laws to the highest standard. We do this by:
Our customer documentation has been prepared, and is regularly reviewed, with the highest standards of data privacy in mind.
We’ve also gone to great lengths to ensure your clients – who we’re engaging with in the course of providing our services – have a clear understanding of our respective roles in the handling of their personal data, and the manner in which they can exercise their rights under relevant data privacy laws.
If you have clients (or individuals within client entities being verified) based in the EU/UK, your handling of their personal data through use of our service is as a ‘data controller’. We, in turn and in most situations, are a ‘data processor’.
The GDPR gives the subjects of the data you collect various rights, such as the right to access, correct, delete, and restrict how their data is used. As the data controller, it is your responsibility to ensure data subjects can exercise those rights. We help to facilitate your compliance wherever possible, including by:
We will assist in any other way we can to ensure our joint compliance with relevant data privacy laws.
Need more information? Below are links to some helpful GDPR resources: