Modelo de tratamiento de datos RGPDUse of a payment card number in connection with the sale of goods or the provision of services at a distance

Por: Ludwig Karneth

PrivateOrders and Payments

This processing model relates to the use of payment card numbers in the sale of goods or the provision of remote services, including subscriptions taken out online or goods reservations

Finalidades (6)

La finalidad de un tratamiento es el objetivo principal del uso de los datos personales. Estos datos deben ser recopilados para un propósito bien determinado y legítimo y no deben ser tratados posteriormente de manera incompatible con este objetivo inicial.

Fight against fraud

Obligación legal - art. 6-1 c)

Simplification of any subsequent purchases on the merchant's site

Consentimiento - art. 6-1 a)

Reservation of a good or service

Medidas contractuales o precontractuales - art. 6-1 b)

Offer of payment solutions dedicated to distance selling by payment service providers

Intereses legítimos del responsable o de un tercero - art.6.1 f)

Settlement of subscriptions taken out online involving defined and regular payments

Medidas contractuales o precontractuales - art. 6-1 b)

Completion of a transaction for the delivery of a good or the provision of a service in return for payment

Medidas contractuales o precontractuales - art. 6-1 b)

Datos (1)

El artículo 30 del RGPD exige el registro de las categorías de datos tratados. Se trata aquí de definir las categorías de datos tratados. Estas pueden ser consideradas comunes o sensibles.

Data required to carry out a remote payment card transaction

Detalles de los datos

Cardholder identityopcional

Visual cryptogramrequerido

expiration daterequerido

Credit card numberrequerido

Reglas de conservación

Base activa:

Data must be kept for no longer than is necessary for the purposes for which they are processed. The retention of the cryptogram after the first transaction is prohibited in all cases, including for subscriptions requiring different payments. In the case of one-off payments (one-off purchases or subscriptions with no tacit renewal, paid in a single instalment), the period for which card details are kept must correspond to the time required to complete the transaction, i.e. the actual payment, which may be deferred until receipt of the goods or performance of the service, plus, where applicable, the withdrawal period stipulated for distance sales of goods and provision of services (article L.121 -20-12 of the French Consumer Code); With regard to subscriptions involving staggered payments, the retention of bank details is justified: - until the last payment due date, if the subscription does not provide for tacit renewal; - until termination of the subscription in the event of tacit renewal, subject to applicable provisions and in particular the information of the persons concerned prior to renewal.

Personas afectadas (1)

Una persona interesada es toda persona cuyos datos son recopilados, retenidos o tratados por el tratamiento de datos en cuestión. Ej: En el marco de un tratamiento de gestión de reclutamiento, cualquier candidato para el puesto en cuestión constituye una persona interesada.

Other

Autor:

Ludwig Karneth

Creado el:07/08/2023

Actualizado el:00/01/1970

Número de usos:4

Modelo de tratamiento de datos RGPDUse of a payment card number in connection with the sale of goods or the provision of services at a distance

Finalidades (6)

Datos (1)

Data required to carry out a remote payment card transaction

Personas afectadas (1)

Acceda al modelo completo