Internet and social networks
Can a website ask me for a copy of my ID?
Yes, but only in certain cases.
The APDP pay particular attention about the methods used to collect identity documents. The aim is to combat theft and identity theft, the illicit use of personal data contained in these documents, and the consequences that this can have for the victims.
With regards to merchant websites, the collection may be allowed to manage payment or refund requests following participation in a game.
The APDP therefore requests that the remote collection procedures be protected and in particular that copies of identity documents be deposited on a secure page.
It also recommends that individuals whose copies of identity documents are collected be invited to submit them in black and white and crossed out to make any potential reproductions difficult.
Can a website store my bank details?
Yes, but only under certain conditions.
Bank data may be stored in intermediate archives for the purpose of proof in case of a potential dispute over the transaction for thirteen months after the debit date. This period may be extended to fifteen months to account for the possibility of using deferred debit payment cards.
These data may be kept for a longer period provided that the express consent of the customer is obtained, and the customer has been informed in advance of the purpose pursued (for example, to facilitate payments for regular customers).
This consent may be collected through a check box, which is not pre-checked by default, and cannot result from the acceptance of general terms.
Data related to the visual cryptogram must not be stored. When the expiration date of the credit card is reached, the data related to the card must be deleted.