Summary: Vanquis, british bank specializing in financial inclusion with more than 2.4 million customers, implemented OneTrust to automate their processes of privacy. Today, with data mapping, automatic evaluations, management of rights of persons and third-party control in a single system.
The challenge
The arrival of the GDPR exposed manual processes and fragmented in Vanquis. Lacked:
- A repository unified treatment records of data.
- Flows automatically to requests for access or deletion of data.
- Centralized visibility on providers that manage data.
This made it difficult to comply with regulatory requirements, to efficiently respond to headlines and reduce legal risks.
The solution
To modernize its privacy program, Vanquis chose OneTrust and implemented:
- Data Mapping: to identify and track personal data in the whole group.
- Assessment Automation: to automate privacy impact assessments (PIA/DPIA).
- Data Subject Rights Automation: to respond to requests of the holders.
- Third-Party Risk Management: to evaluate and monitor suppliers that handle data.
Implementation and operation
Vanquis has appointed a Data Protection Analyst intern to lead the project with the support of the CISO and the teams of compliance. OneTrust is integrated with existing systems, allowing you to generate automatic reports, updates, logs and audits more robust.
Results
- Repostes automated and auditableimproving times and efficiency.
- Complete traceability of personal datain clients, employees and suppliers.
- Efficient management of the rights of the holderswith workflows, metrics and clear.
- Impact assessments centralized, less risk and greater consistency.
Testimony of Vanquis
“OneTrust was selected because it is a platform focused on the business, easy to use, adaptable to specific needs, and provides transparency auditable across the enterprise.”
Mike Dronfield, CISO – Vanquis Banking Group
Conclusion
Vanquis demonstrated that a financial institution with millions of customers can address the privacy of a strategic way. The implementation of OneTrust allowed to migrate from manual processes to an integrated platform, strengthening their compliance and trust.
