The European Union’s new general data protection regulation (GDPR) mandates strict protection requirements over personal data concerning EU citizens.

Retailers that offer financial services may have to think extra hard about how they manage personal data.

Equifax Inc, the US based consumer credit reporting agency, offers identity theft protection as well as fraud prevention products.

Steve Martin, Data Protection Officer at Equifax highlights the importance of a consistent approach to making privacy notices understandable and accessible, in the GDPR era.

“Data sharing and analysis can bring huge benefits to consumers, but raises concerns about how personal information is used, and who can access it. The new general data protection regulation will apply to the UK from May 2018 and emphasises the need for transparency over how personal data is used. It’s a major development designed to provide new rights for individuals, and also strengthens some of the rights that exist under current legislation.

“A core element of GDPR is to ensure companies communicate clearly with consumers, with important provisions around privacy notices detailing how a company manages data. To achieve the regulation’s objective of better communication with consumers, it’s vital that financial service providers work together to agree common wording for these notices.

“Our industry is notorious for using too much jargon and the changes GDPR brings are an opportunity to improve the public’s understanding of how their personal information is used and kept safe, and their rights to access, control and correct information held on file.”