This policy describes the organisational and technical safeguards Trapets has implemented to protect personal data as processor for our customers.
Data policy
Trapets provides services and systems to the global finance industry for transaction monitoring, KYC, customer due diligence, including screening, and market and trade surveillance.
This policy describes the organisational and technical safeguards Trapets has implemented to protect Personal Data processed by Trapets within our service delivery, asa processor for our customers (the controllers).
Data protection policy
Any information relating to an identified or identifiable natural person (data subject).
Any operation or set of operations performed on personal data, such as collection, recording, organisation, structuring, storage, adaptation alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The natural or legal person, public authority or other body, who determines the purposes and means of the processing of personal data, in this case Trapets’ customer(s) or their affiliate(s).
The natural or legal person, public authority or other body that processes personal data on behalf of the data controller, in this case Trapets, including Trapets affiliates and sub-processor(s).
An identified or identifiable natural person.
Content in the agreed and specified screening lists included in the agreed Screening services. Such lists can be company information and beneficial ownership lists, sanctions lists, PEP lists or other lists, as specified in the applicable customer agreement.
Personal data shall always be:
Trapets as a processor does not determine the scope or purposes for the processing we perform for its customers as controllers.
All personal data processed by Trapets as a processor for our customers is processed in accordance with the agreement, including the Data Processing Agreement and applicable instructions, with each customer.
Trapets may assist customers by providing an overview of the data or categories of data that our products or services require to perform their intended functionality. The data or categories of data that are finally processed for each customer are defined by the customer.
The Controller should take necessary steps to ensure that the information and Personal Data sent to Trapets is correct and up to date.
Trapets provides Screening Data "as is", it is therefore incumbent on the Customer to check that the Screening Data is of high enough quality for its use of the Customer.
Depending on the product, Trapets offers a standard configuration and/or the possibility for each Controller to define customised deletion routines or to request deletion on an ad hoc basis in accordance with the Controllers’ internal retention policies.
Trapets uses a data classification system that ensures integrity and confidentiality. All personal data processed by Trapets as a processor is subject to the highest level of security, and access is restricted to employees with a need for such access for the performance of Trapets’ services. All Trapets employees are bound by a confidentiality undertaking.
In the course of service delivery for its customers, Trapets will process personal data of the following categories of data subjects.
A categorisation of each data field has been made if it contains personal data or not in the indata specification for the data being processed. The detailed indata specifications for each product are found on the Trapets documentation site.
Data protection
Trapets has technical and organisational measures in place, including but not limited to information security policies and regular training in secure handling of personal data. Trapets is certified according to the ISO 27001 Standard in Information Security Management, which confirms Trapets' ability to uphold a high level of information safety and security. More information can be found in Trapets’ Information Security Policy and other documentation made available by Trapets.
Data protection policy
Find the full documentation for the Data protection policy and read more here.
Trust centre
We understand that security and customer data are crucial to our solutions and adhere to the highest information security management standards.
We must observe high ethical principles in all our activities. Each individual is critical in defining and protecting our most valuable asset - trust.