You can see the rules and regulations in other jurisdictions.
The GDPR and the Austrian Data Protection Act (supplementing the GDPR) govern data protection in Austria.1
Under the GDPR, personal data that enables the identification of natural persons is safeguarded and subject to a rigorous system. Those individuals whom data is processed about (the outlined data subject) have certain rights that cannot be undermined by the Act. This includes gaining clear information from the controller, getting incorrect personal data modified, being able to be forgotten, limiting any extra processing and objecting to having their information used.1
Fintechs often utilise profiling of customer information, which is protected by the GDPR. This includes the automated use of data to assess attributes related to a person such as their occupational ability, financial standing, health, personal predilections and even behaviour; all of which are subject to the GDPR's rules - one being the right for customers to challenge the profile constructed on them.1
The GDPR requires that controllers undertake a prior assessment of any processing operations likely to lead to a high risk to the rights and freedoms of data subjects. This is especially necessary when it comes to fintechs with business models based on large-scale data mining, processing or profiling, taking into account the type, scope and purpose of the processing activities.1
The GDPR imposes fines between €10 and €20 million and 4% of the worldwide annual turnover of the preceding financial year, whichever is higher.1
Austrian banking secrecy laws are stringent, protecting all client data and even the fact that someone is a bank's customer. This extends to legal persons too, and applies to any service provider acting for a bank in Austria, such as a fintech company providing outsourcing services. Breaches of this secrecy come with significant repercussions including criminal liability.1
Cross-border payments in Austria
Legal support for FinTech and Blockchain projects
We work for international SMEs, startups and Telco's
Comprehensive legal services for businesses on corporate, tax law, cryptocurrency legislation, investment activities