At FinSkool, our mission is to make people investment decision right in their journey, and we believe the protection of our customers' and their end users' data is fundamental to this mission.
GDPR was a codification of many of the steps we were already taking: only collect the personal data you need to provide the service you’re offering; don’t sell personal information; give people the ability to access, correct, or delete their personal information.
As data protection is an ever-evolving environment, FinSkool will continue to monitor ongoing developments globally and will update this page as appropriate.
As per GDPR, we as a data controllers and processors are obliged to return or delete all personal data after the end of services, or on expiry of a contract or agreement, unless it’s necessary to retain the data by law. Individuals have a right to have personal data erased and to prevent processing in specific circumstances: First where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed Second when the individual withdraws consent Third when the individual objects to the processing and there is no overriding legitimate interest for continuing the processing Fourth when personal data was unlawfully processed (in breach of the GDPR)and last the personal data has to be erased in order to comply with a legal obligation.
So, if just one of these conditions applies, it is the responsibility of the data controller to delete and remove data and recorded calls ‘without undue delay’, and specifically within a month, barring exceptional circumstances.