Save 50% on a 3-month Digiday+ membership. Ends Dec 5.
The race is on for banks to comply with the GDPR, the European Union’s landmark data privacy regulation.
On May 25, EU companies will no longer be able to collect and use personal data without the individual’s consent, under the General Data Protection Regulation. U.S.-headquartered banks and fintech companies with global operations are anxiously preparing to comply with the new rules, anticipating a time when U.S. customers will demand the same protections from their home institutions.
GDPR applies to any organization operating within the EU, as well as those located outside of the EU which offer goods or services to customers or businesses in the EU. “Personal data” can include basic personal identifiers like a name, photo, email address or bank details, as well as things like posts on social networking websites, medical information or computer IP addresses. Customers have the right to a copy of the data institutions keep about them, as well as the right to be forgotten, or demand those institutions delete that data.
For U.S.-based banks with a global reach, it opens up questions about how to handle EU customer data and make sure they obtain customers’ consent to collect and hold their personal information.
More in Marketing
Visa extends its reach into the creator economy’s liquidity crunch
The financial firm is working with creator financial platform Lumanu.
Why Carter’s new CMO wants more emotional, relatable marketing across channels
Carter’s CMO Sarah Crockett joined the company in the summer of 2025 with a goal of doing more realistic, relevant storytelling around childhood and parenting. In an interview with Modern Retail, she shared more about her approach.
U.K. retailer Tesco wants advertisers to see it as equal to any traditional media partner
Tesco’s client development director, Nick Ashley, talked to Digiday about its latest Upfront, the importance of shopper data, as well as how much its ad business impacts profit margins.