October 29, 2020

Volume X, Number 303

Advertisement

October 29, 2020

Subscribe to Latest Legal News and Analysis

October 28, 2020

Subscribe to Latest Legal News and Analysis

October 27, 2020

Subscribe to Latest Legal News and Analysis

CNIL Revised Guidelines on Payment Card Data Used for Online Transfers

On 15 November 2017 the CNIL created a special page on its website with a view to highlighting  its 2013 guidelines on processing of payment card data for online transactions (The 2013 guidelines were modified in July 2017).

The guidelines highlight the following:

  • The permitted purposes some of which have to be presented as separate to the data subject (e.g. retaining data for card fraud detection) or require a separate consent (e.g. retaining data or for future transaction),
  • The necessary data (identity of the cardholder is not one of them, except for fraud prevention),
  • The retention periods (in any event, the cryptogram cannot be retained after the transaction)
  • Information of the data subjects
  • Security measures
© Copyright 2020 Squire Patton Boggs (US) LLPNational Law Review, Volume VIII, Number 9
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement

About this Author

Stephanie Faber International Business Attorney Squire Patton Boggs Paris, France
Of Counsel

Stephanie Faber heads the Data Privacy & Cybersecurity Practice and the Intellectual Property & Technology Practice in the Paris office. She specialises in international business law, with more than 20 years of experience. Her legal practice encompasses business transactions and operations, as well regulatory and compliance work.

In relation to the Data Privacy & Cybersecurity Practice, Stephanie advises on:

  • GDPR gap assessment and compliance programs
  • Data breach management and notification
  • Database creation, international...
33 1-5383-7400
Advertisement
Advertisement