Visa Data Privacy Request Manager

Providing support in relation to data subject rights requests.

The Visa Data Privacy Request Manager provides support to Client Issuers and Acquirers in relation to Data Subject Rights (DSR) requests, in particular in relation to requests made under the General Data protection Regulation (GDPR).

available for use by:

Issuer Banks
Acquirer Banks

Enabling client banks to submit DSR requests on any of the DSR types

Visa has implemented the Visa Data Privacy Request Manager set of APIs to address the General Data Protection Regulation (GDPR) requirements.  Specifically, enabling client banks to submit DSR requests on any of the DSR types (Access, Rectification, Erasure, Restriction, Portability, Object, Automated Processing).  Each request will prompt the creation of at least one “case” that will be used to track the progress of the request. 

Key Features

Descriptive image text here

Secure transmission of request and responses

Descriptive image text here

Ability to track a request and obtain status on the request

Descriptive image text here

Supports in delivering on data subject rights requests

Why Use It?

Visa has implemented the Visa Data Privacy Request Manager set of APIs to support Issuers and Acquirers in relation to GDPR requirements, where Visa holds the personal data as a 'processor' on behalf of the controller. Specifically, enabling client banks to submit DSR requests on any of the DSR types (Access, Rectification, Erasure, Restriction, Portability, Object, Automated Processing). Each request will prompt the creation of at least one “case” that will be used to track the progress of the request. 

 

Visa Data Privacy Request Manager APIs can be used by any client bank developer in the sandbox with registration and acceptance of terms and conditions.  Bank participation is subject to Visa approval and execution of the participation agreement.

 

You can use the API explorer provided in the API Reference section to understand the usage of the APIs in the Sandbox. Currently, the APIs are only available for client bank use in the European region. 

 

Check back on this page later for further updates on expanded access (e.g. additional regions) to these APIs.

How Does It Work?

Under the GDPR regulation, Visa is required to comply with the 7 DSR's pertaining to customer data. For regulatory compliance all DSR types are represented, enabling client banks to submit specific request and obtain pertinent results. This is all done through a secure communications channel with Visa. All requests will be fullfilled in a timely manner as governed by the GDPR regulation. Clients will also have the capability, via the API, to assess status of their reqeust. 

 

 

 

Visa Data Privacy Request Manager Architectural Diagram

APIs Included

Submit a DSR Request (/submit)

Client banks can submit requests. A receipt of the request will be communicated back to the client bank. Included in the communication will be the Case Number that can be used for status inquiries.

Check Status for a DSR Request (/checkStatus)

Client banks can check the status of an existing case by using this API

Ready to start with Visa Data Privacy Request Manager?
Need Support?