The introduction of international automatic exchange of financial account information (AEOI) represents a significant leap forward in combatting tax fraud and avoidance. Meanwhile, data protection legislation is developing rapidly to take into account the latest progress in information technology and more rights are being granted to data subjects. The aim of this article is to determine the extent to which data protection provisions may impact the AEOI and identify a minimum common standard of taxpayer rights from a data protection perspective.