The EU has adopted a new data protection regulation, which is expected to come into force in Norway on 25 May 2018. The regulation is known as the GDPR – the General Data Protection Regulation. The regulation will replace the current Personal Data Act.
VPS has established a GDPR project to ensure that VPS will comply with the new requirements for processing of personal data.
VPS, in its capacity as a Central Securities Depository, is a Joint Controller together with the account operators.
We are also proving many additional services where we are processing data on behalf of issuers or other clients.
The project has based its work on the routines, processes and governing documents implemented in accordance with the current regulations. The project will ensure that necessary adjustments are made in existing system solutions according to the requirements of the GDPR.