Search:
Clear
  • Clear

TEGOS carried out a full GDPR compliance audit and created an implementation plan for TransferGo

We carried out a full GDPR compliance audit and created an implementation plan for TransferGo, a leading international fintech company with over 8 million customers in 160+ countries. The goal was to find any gaps, improve data protection practices, and align the company’s operations with current EU and global privacy standards.

TransferGo is one of the fastest-growing digital platforms for cross-border payments. It offers fast and affordable services aimed especially at migrants and people without easy access to traditional banking. As the company expanded globally, strong data protection became key to meeting regulatory requirements, earning customer trust, and supporting long-term growth.

We covered a wide range of GDPR topics across multiple companies within the group, including:

  • Reviewing and updating Records of Processing Activities (RoPA)
  • Analysing Data Processing Agreements (DPAs) with both internal teams and outside vendors
  • Assessing how the company manages data subject rights, such as access, deletion, and portability
  • Reviewing how data is transferred to non-EU countries, including use of standard contractual clauses (SCCs) and vendor checks
  • Supporting Data Protection Impact Assessments (DPIAs) for high-risk areas like fraud prevention, AML checks, and transaction monitoring
  • Recommending improvements in governance, documentation, and internal GDPR training

As a global fintech working in a high-risk area (financial services, cross-border payments, and vulnerable groups like migrants), TransferGo needed more than just basic GDPR compliance. Our audit helped the company: (i) lower regulatory risk across different countries, (ii) prove accountability and show progress in GDPR compliance to regulators and partners, (iii) build privacy protections into products and customer services from the start.

We acted as TransferGo’s external GDPR strategy partner, working closely with their legal, compliance, IT, and product teams. We delivered a practical plan with clear short-, mid-, and long-term actions, provided risk-based solutions aligned with both business needs and privacy requirements, and supported internal knowledge-building through workshops and guidance for leadership.

Our work helped TransferGo improve its data protection across both EU and global markets. It also supported their mission to stay a reliable and privacy-conscious financial service provider for millions of people. The project strengthened their reputation as a responsible, forward-looking player in the international payments space.