Data, a strategic asset for Societe Generale
Today, data is central to customer relations and the Societe Generale Group organisation. In a digital environment, the Bank improves its services to its clients, its risk management, and its operational efficiency, thanks to data use while ensuring its quality, security and protection.
With millions digital contacts every month, digital is becoming customers' main point of entry with the Bank. With new technology, these ever-multiplying data are analysed more closely, enabling Societe Generale to offer its customers more personalised and relevant service, by pairing the best of human and digital resources.
At the same time, data is central to the concept of trust. Societe Generale’s role as a trusted third party is a real competitive advantage that the Group must retain.
Data management has always been in Societe Generale’s DNA.
Data management has always been in Societe Generale’s DNA. New technology is moving us closer to our customers, where we play our advisory role by pairing the best of our human and digital resources. We are transforming in depth, to better optimise and protect this strategic asset for the Group. To respond to these two issues, the Group is rising to many challenges:
Optimising data to provide a better service to customers through more than 200 data usage development initiatives, some of which are still in the experimental phase (closer analysis of the consumer credit risk), while others are already in production (personalised customer solutions).
Setting up data use conditions, while ensuring their security and protection, with a decentralised organisation that is close to the businesses and the spread of a data culture, in respect of regulations, notably General Data Protection Regulation. Ensuring the technological and human resources for our ambition. Societe Generale invested in a big data platform to put data at the centre of its information systems. To attract and internally promote the top data-processing talent and skills, the Group relies on a targeted recruitment approach with traditional schools, the Grande Ecole du Numérique and an internal training programme known as Big Data Academy.
Personal data privacy at Societe Generale
The Group’s business lines have always collected, used and stored certain personal data about their clients so they can propose services that meet clients’ requirements and continually improve their product and service offering. In the age of the digital revolution, the volume of available data is growing, enabling the Group’s businesses to offer ever more personalised products and services.
Societe Generale is aware of the importance for its clients to be able to retain control of their personal data, and it reaffirms its commitment to processing these data responsibly. The policy and principles will be adapted for each of the businesses and regions in which the Group operates, in accordance with local regulations.
To be compliant with this regulation and strengthen the trust of our customers and employees, Societe Generale group is committed to 25 guiding principles that constitute the common framework for all Group entities and departments. They are divided into 4 major themes:
- Objectives & commitments
- Consent management
- Roles and responsibilities
- Standards & Security
In Asia Pacific, we work closely with country regulators and data privacy commissioners to ensure Societe Generale complies and respect each countries’ data privacy regulations. The goal is to ensure data protection is secured in any location in the world.
What's a DPO ?
The Data Protection Officer (DPO) is a genuine "driving force" behind data protection compliance. His or her main tasks are:
- to inform and advise the data controller or subcontractor and their employees;
- to monitor compliance with the regulation and national data protection laws;
- to advise the organisation on carrying out impact studies on data protection and to verify their implementation;
- to co-operate with the supervisory authorities and to be their point of contact.
We must identify all our processes that involve personal data. Rather than simply identifying these processes, this will also give us the opportunity to review the purpose and reason for our processing activities and how they are managed...
Societe Generale’s DPO