Javascript is required
logo-dastralogo-dastra

GDPR Data processing modelRisk assessment and prevention of website payment fraud

By: Ludwig Karneth
Legal ServicesPrivateOrders and Payments
This processing is intended for risk assessment and prevention of website payment fraud, in the marketing sector

Purposes (3)

A purpose is the objective pursued by the setting up of your file. It indicates what the processing of personal data will be used for, its purpose. This purpose must be clear and understandable

1
Register accounts through which potential fraud is detected
Potential fraud refers to the illegitimate use of payment cards or the data attached to them, or of cheques where such use is likely to have harmful consequences. A manual check on a case-by-case basis is recommended after registration in the file
Legitimate interest
2
Use a real-time payment risk assessment tool
Allows data relating to detected fraud attempts to be stored for in-depth analysis of subsequent transactions displaying one or more of these characteristics.
Legitimate interest
3
Remove the possibility for the prospect/customer to pay for his order by cash on delivery
If payment on delivery is possible
Legitimate interest

Data categories (3)

Personal data is any information relating to an identified or identifiable natural person. A natural person can be identified either directly (eg surname and first name) or indirectly (eg phone number, social security number, email or postal address, but also voice or image)

Login information

Data details

Timestamp informationrequired
IP addressrequired

Data conservation rules

Active base:

In the event of order cancellation, the accounting department keeps a paper record of the order and the exchange with the card issuer for 6 months. Data is kept for a maximum of 3 years. All other data is deleted at the end of the verification procedure. Copies of supporting documents are kept for a maximum of six months

Payer identification data

Data details

Country of residencerequired
Civilityrequired
Product orderedrequired
Emailrequired
Telephone numberrequired
Department of residencerequired
Delivery terms and addressrequired
Postal Addressrequired
Name and surnamerequired

Data conservation rules

Active base:

In the event of order cancellation, the accounting department keeps a paper record of the order and the exchange with the card issuer for 6 months. Data is kept for a maximum of 3 years. All other data is deleted at the end of the verification procedure. Copies of supporting documents are kept for a maximum of six months

Economic and financial information

Data details

Partenaire monétiquerequired
Payment statusrequired
Payment methodrequired

Data conservation rules

Data subject (1)

A data subject is any person whose data is collected, retained or processed by the data processing. e.g. In a recruitement process, any candidate for a position proposed in recruitement management process

  • Customers
Author:
Ludwig Karneth
Ludwig Karneth
Created at:07/08/2023
Updated on:00/01/1970
License: © Creative commons :
Attribution / Pas d'utilisation commerciale
CC-BY-NC AttributionPas d'utilisation commerciale
Nb using:3

Access the full processing template

Try Dastra now to access all of our data processing templates that you can customize for your organization.It's free and there's no obligation for the first 30 days (no credit card required)

Add to my data processings record
Subscribe to our newsletter

We'll send you occasional emails to keep you informed about our latest news and updates to our solution

* You can unsubscribe at any time using the link provided in each newsletter.