The platform is built on a GDPR/consent-first architecture. Meaning that every data from a client can be shared with a consent to companies using the Meo platform for KYC and AML.
Every request and onboarding process that a client can complete to share their data, is a way for the client to consent to the sharing of their data.
The client can always see which data they have shared with any company on the Meo platform, and they also have the ability to revoke the consent. Revoking a consent on the Meo platform is essentially a ‘request for the access to be terminated’. The data access cannot be immediately terminated as the company on the Meo platform is subject to the AML legislation which ranks higher than the GDPR framework.
A revoke of the data access would essentially be the same as a termination of the client relationship. Any access revokes should therefore be handled on a case-by-case basis. Before accepting the revoke, you will likely need to archive the data to make sure you are in compliance with the AML legislation. When ready, you can terminate the access and the client’s profile will be removed from your active system.
The client will have a log of which data you had access to in which time frame.