[USER STORY] Privacy Rights Management - The right to be informed

[JustusOrtlepp]

Story Title

As a DFSP customer, I want to understand what my data will be used for, who is controlling the processing of the data, the lawful basis of that processing, the data retention period and any other recipients of the data so that I can base my comfort with the processing of my personal information on a complete understanding of that processing and so that I can verify that my privacy rights are managed according to applicable legislation

Acceptance criteria

1. Given (context) and (more context) when (event) then (outcome) and (another outcome)...

[JustusOrtlepp]

Depending on the specific regional legislation, a data subject will need to be informed when they submit information to the DFSP (direct submission) and also when the Mojaloop Switching Hub and the Mojaloop FRM system receives the DFSP user's information from the DFSP (indirect submission). All these data processors would then be obliged to inform the DFSP user that their information is being procesed.