A payment service provider must not access, process or retain any personal data for the provision of payment services by it, unless it has the explicit consent of the payment service user to do so.
Version status: In force | Document consolidation status: Updated to reflect all known changes
Version date: 13 January 2018 - onwards