PRIVACY BY DESIGN
PCR technology was conceived to support global privacy regulation using technologies specifically designed to deliver privacy protection as a priority.
Best-in-class proprietary global data sharing architecture
Technology-driven solution for current and expected data privacy requirements
Innovative Privacy-First platform encrypts all PII data both in transit and at rest
Unique tokenization and multi-data center approaches mitigate privacy breach risk
Evolving global capabilities to store PII in the jurisdiction of origin (NA, EU, Asia)
Support for data subject rights
Jurisdictional Privacy Hubs
PCR runs on a global network of "privacy hubs" located in key privacy jurisdictions such as USA, Canada, UK, Switzerland, Singapore, Abu Dhabi and Buenos Aries (1). This architecture ensures that personal information is stored and processed in the jurisdiction governing the data subjects we process.
Digital Enrollment Safely Obtains Consent
PCR’s Privacy Hub is responsible for gathering information required to enroll investment accounts and produce digital letters of authorization (LOA) that account owners sign to instruct custodians and managers to share account owner information. This process is designed to eliminate the manual handling of personal information, printing of LOA’s and unsafe emailing of this sensitive information. All consent is recorded, tracked and delivered via electronic signature.
Segregating “Data That Identifies You” from "Data
That Links You" to “Data About You”
This is the foundation of our architecture and focuses on ensuring that any security breach, no matter how egregious, limits the potential for a privacy breach. The LOA produced above contains personal information as it requires presenting the account holder names and account numbers to the counterparty. To further protect identities, we do not store the account numbers in this infrastructure but rather tokenize the account number and store the actual value in a second, isolated infrastructure.
Pseudonymization and Tokenized Data
All custodians and managers send sensitive personal data in their files and documents. As PCR has no influence on the market place, we immediately tokenize any Personally Identifying or Personally Linking in the source files and store that actual values in two separate database in the regional privacy hub. All processing, storage and transport occurs on tokenized data with the original data provided by custodian is destroyed after processing.
There are times that we must De-Tokenize Information by matching tokenized references in the data with information in the in the two token registries. Detokenization is generally limited to automated process responsible for preparing the data for transfer to approved designated systems (a clients wealth tech platform or banks reporting system). In the infrequent case that a manual check of data is required, only a small number of closely monitored team members have access to dynamically detokenize a single field at a time.
Preventing Privacy Breaches
If the Privacy Hub were breached, there is the possibility, after overcoming stringent encryption at rest protections, that a name and email could be obtained. But because we do not store account numbers or other information categorized as sensitive personal information, the identity breached has no context and cannot be linked to other information.
If the Token Registry were breached, the hacker would find a random character string associated with something like 11-1231-12321 (a brokerage account) with no context of the account owner is or what firm it is associated with.
If the Aggregation Hub were breached, the only information exposed would be quantities in securities and related transactions. Private security names, transaction comments, and account numbers would all be tokenized and unreadable.
Therefore, to have a breach of the type firms fear most, the infrastructure would have to suffer a simultaneous breach of three completely isolated data centers to associate an identity (Privacy Hub) with information such as account number that links an identity (Token Registry) to their investment data (Aggregation Hub).
Privacy Rights Management Built-In
Every row of data in our database is linked to the digital authorization obtained and as such enables us to trace the origin of a data subject’s information. Workflows are provided that automate our ability to service data controller requests:
What information do we store
Under what consent to we have the authority to store
Where has the information been transferred
Receive a copy of data
Delete my data and anonymize any record of me
Privacy Tech for the Future
We have chosen a technology approach rather than over-reliance on people, agreements, and insurance to protect our clients most valuable asset - their privacy. Our continuous commitment to innovation on the privacy-tech front ensures that our clients will continuously benefit and our service trusted.
(1) UK, Abu Dhabi and Buenos Aries Operational Q2 2021.