Understanding Sensitive Personal Information and its Pitfalls

What is sensitive personal information and how do you become aware of pitfalls in this area? When dealing with this type of information and the handling of the same, it is first important to know the difference between general personal data and personal sensitive information.

The former is information that can be traced back to a specific person, which can be any information that can identify him or her in context. This can be anything from a picture, name, address, medical records, social security number, fingerprints, age, education, etc.

In contrast, personal data or information is data that a company, according to data protection law, must be extremely careful about handling. This information includes the following:

• Political beliefs
• Ethnicity and race
• Religious beliefs
• Trade union membership
• Genetic data
• Data of a biometric nature for identification purposes
• Health information
• Sexual orientation or relationship

If you would like further information and clarification, you can read more about this on Datatilsynet.dk. Here you can also find information on legislation and paragraphs related to the subject.

Get help for correct handling from Meo

At Meo, we help with efficient handling of sensitive personal information. Our primary task is to ensure that your company and associated customers can exchange and work with sensitive personal information confidential and legal.

We help ensure control over this information and store it in a protected and central location so that there is full control over its handling. We can help with risk assessments, ongoing monitoring, follow-ups, reports and much more.

Meo is a Danish company operating in RegTech and including customer data management using an identity platform and software - Meo, which is our software system.

You are always welcome to contact us regarding questions on what is personal data or our platform and services in relation to compliance and KYC processes. We are available to have a no-obligation chat about how you can streamline processes and thus free up time and resources in your daily KYC work.

Too long, too personal

According to recent research, 68% of consumers abandoned an application for a financial service in 2021. A 3% rise since 2020 and a huge missed business opportunity. Not surprisingly, the two key reasons were the longer-than-expected application process and the amount of personal information requested.

Bad UX in onboarding is still a major pain

While a bit of friction is necessary in industries providing services where consumers have personal finances or delicate information at stake, too much friction is detrimental to successful onboarding.‍

Meo partners with e-Boks

Our new partnership with e-Boks results in a more safe and seamless user experience than ever seen before within KYC.

A solution that meets companies’ growing need for access to data, now requested through the most trusted digital postbox, allowing the customers to share data through a platform that they are familiar with and comfortable using.

Frontrunners in the KYC space are dedicating resources to improve onboarding flows and make them more similar to UX leaders like Apple, Amazon etc., while adding just the right amount of friction to induce trust.

Increased scepticism towards data requests

Consumers can be fickle. While increased public attention to GDPR has raised consumers expectations towards regulatory compliance, they still want to share as little personal information as possible.

Research shows that consumers have become increasingly sceptical due to fear of data breaches. Thus, to cater to the digitally enlightened consumer, factors such as data privacy, data transparency and data control are powerful generators of trust in a company or brand.

Where to begin?

As indicated by the data above, speed, UX, data volume and trust are major arenas for battle when it comes to improving onboarding and winning customers. While regulation may prohibit you from reducing the amount of personal information you request, there is a lot to be done in how and where you ask for information. Tuning in on those factors can potentially be a game changer to ensure your customers complete onboarding.

To mend the trust gap and make onboarding and KYC simpler for consumers, we are partnering with e-Boks, the most trusted digital postbox in Denmark. Our customers can now deliver data requests to a provider that consumers know, use and trust with their data already. With conversion rates up to 98% on data requests in e-Boks, completing onboarding feels both more familiar and more safe.

Its Purpose, Process, and Necessity

Are you questioning: what is a declaration of consent? In this article, we can answer the questions of what it is, how it is filled in and why it may be necessary. This is a written document that is created when having to give consent or permission for a specific action.

More specifically, it is used in the context of travel with children, professional consent in regards to private collaboration, which is both within and outside the legal framework. It can, therefore, also be a written agreement on how an external company manages data security in another company, and so on.

What does such a statement entail?

A declaration of consent is a written agreement that covers a wide range of issues and situations. But generally speaking, there is always one party giving permission to another party to perform a particular action.

Among other things, the consent form involves:

• Identifiable descriptions of all parties
• The time period of the consent
• What is consented to - the object in question
• How the consent itself is to be used
• What a possible cancellation or revocation looks like

Which parties are involved in this document?

When filling in a declaration of consent, there are always several parties present. This involves the "giving" party and the opposite party to whom the consent is given. The descriptions and information in such a statement must be referable, which means that they must be able to identify the parties.

The essence of this whole covenant and permission is that the giving party must give consent voluntarily. This is regardless of the context. There are some points and areas which must also always be complied with and completed.

Understand what is a declaration of consent and what the points are

It can be beneficial to have a declaration of consent template that a company or individual uses in situations where consent is required.

• Descriptions of the parties should include the full names of all parties and contact details provided, together with any social security or company registration numbers.
• The time period must be clearly defined. This gives an indication of when and for how long it may be used.
• What is consented to is the most essential, as it implies the object. It can be the given data used in the collaboration, the certificate used, the person, the company or whatever this may be.
• How the consent and this declaration of consent are to be used is in several places a more optional point. However, if a company wants this point included, the purpose of the act can be described.
• How to withdraw consent may be a beneficial area to cover in the event that parties disagree or rules are broken for the consent form in place.

Reduce risks with digital data management platform

At Meo, we work with data security through a digital platform. Therefore, in addition to being able to introduce you to what is a declaration of consent, we can also assist with digital help to handle everything from verification, monitoring, checking of customers - current as well as new.

We automate time-consuming KYC procedures, creating more time for your work and reducing the possibility of errors.

What does due diligence mean?

Due diligence means, in short, a thorough investigation. This process involves a careful review of various elements related to drawing up or designing a contract regarding a change of ownership of a company.

It is necessary in this context to closely examine the assets that the company has and generally their financial status. Therefore, the following elements are often investigated:

• The financial statements
• Management
• Marketing
• Tax situation
• Contracts and rights of an intellectual nature
  

However, the investigation varies depending on the purpose of the change of ownership and the specific industry. Which information is crucial can vary depending on the purpose of the investigation. It can be advantageous to use professional tools such as relevant platforms for this due diligence process.

This is how it works in practice

How this process works in practice can vary, but what is often done in practice is to divide the company's assets and areas into groups and phases, and then each area and phase is investigated step-by-step.

First and foremost, a preliminary investigation of the company can provide insight into whether there are any parameters that generally prevent the agreement and the change of ownership from being completed. This preliminary investigation can, therefore, also put a natural hold on the upcoming investigation, due diligence if some areas are inadequate.

The next step in a due diligence process is to collect data on the company. This data can cover the aforementioned areas, which are analyzed and interpreted thoroughly and with care.

Finally, a report is prepared that outlines areas where there may be issues. This is done with a view to the further negotiation of the contract or potential termination of the negotiation.

Who are we at Meo?

At Meo, we work on streamlining KYC procedures and digital data management systems, which includes our software solution: Meo Identity. We specialize in streamlining processes with clients, as well as ensuring the best possible handling of data.

We automate verifications, check and monitor current and future customers, as well as perform risk assessments.

We make it possible for your company to share data internally and with customers, quickly and efficiently, without worrying about sensitive personal data or other security measures.

In addition to knowledge about due diligence, you can read much more on our site about areas such as money laundering and AML, as well as PEP lists and data security. We help companies with a compliance check to investigate where you can optimize and need updates.

What is compliance - Get answers and take a non-binding check up

Let us help you understand "what is compliance" and why regular compliance check ups are important. We conduct non-binding surveys and check ups of your KYC processes, where we provide an overview of the efforts and procedures you can optimise and how.

At Meo, we treat your data and responses confidentially and securely, in order for you to receive a compliance check up with peace of mind. But allow us to introduce Meo and our identity, as well as put you in the picture of what compliance is.

What is meant by a compliance check up?

When talking about a compliance check up, we mean an examination of whether rules, legislation and guidelines are being adhered to in the respective processes. This applies to processes in connection to customers as well as internally.

In the same process, the term KYC compliance is used. KYC is primarily an abbreviation of Know Your Customer, and this term, therefore, covers knowing your customers legislation and guidelines and what you need to be aware of. The term is used in financial contexts.

These concepts and efforts have been created to safeguard customers against corruption, money laundering, fraud and other types of financial abuses.

The purpose of conducting these check ups, and gaining knowledge on what constitutes compliance, is to avoid pitfalls that can, in the worst case, lead to sanctions if you violate laws, guidelines or other regulations.

Who is Meo?

We are a RegTech company located in Denmark, working on platforms for the benefit of secure customer data handling.

At Meo, we offer complete solutions through software to automate customer verification, checks, monitoring as well as risk assessments and onboarding flows allowing you to save resources.

We help save you time on cumbersome processes that are essential to avoid breaches of legislation, regulations or guidelines. By automating or streamlining processes and gaining a deep understanding of "what is compliance", we can ensure that everyday life is easier and more manageable for both you and your clients.

So spend time wisely on other processes and streamline your efforts while ensuring your data exchange is secure and confidential.

What is a DPO?

What is a DPO? This term is an abbreviation of the word, Data Protection Officer. This person or company carries out tasks, such as data security checks, in a company. This includes compliance with the GDPR.

Public authorities and bodies must have a DPO, Data Protection Officer, who carries out these tasks. This DPO must also advise the data controller of the specific body. It is a legal obligation for these authorities and bodies to have a data protection officer appointed, which may also be the case for several companies.

You can read much more about GDPR,, the Personal Data Act, the Data Protection Act and the difference between them in our articles on this page. Where and for how long can a company keep personal data? Who is covered by the GDPR? These are questions that a DPO, Data Protection Officer can help answer.

A Data Protection Officer will often act as a liaison between the Data Protection Authority and the data controller in the company. In addition, a company's DPO must be independent and external, and must not receive instructions on the selection of tasks.

How does Meo work with data security?

At Meo we can help you with the secure transfer of information to and from customers, as well as a software system that can act as an administration tool for both: verification, checking and monitoring of current and prospective customers, as well as a tailored risk assessment.

This system, Meo Identity, helps you and your DPO to check and manage data correctly, and this system and automation of data management ensures your compliance with GDPR, avoiding penalties, in the form of fines or similar.

We are ISO 27001 certified, as GDPR and AML compliant, which means we are internationally approved and certified in information security and data handling.

Manage your data securely with a DPO, Data Protection Officer

It is essential to work correctly with data, as there may be major penalties for violations of, among others, GDPR, the General Data Protection Regulation. With an automated system, not only can you free up resources from semi-manual processes, but you also ensure control and reduce risk.

A Data Protection Officer will, by advising on a company's data security, look into the handling and guide employees to the extent that potential knowledge about data security, GDPR and the exchange of data with customers or clients is lacking.

This advisor may therefore also provide guidance or recommend useful applications or IT systems that may be relevant for maintaining data security.

Let us help make your client management transparent and secure, so that all processes take place under legal conditions.