
The GDPR

by Mr Smith

The General Data Protection Regulation (GDPR) is a comprehensive data protection and privacy regulation that came into effect on May 25, 2018, within the European Union (EU) and the European Economic Area (EEA). Its primary aim is to provide individuals with greater control over their personal data and to harmonize data protection laws across the EU member states.

The goal of the GDPR is to enhance data protection and privacy rights for individuals while establishing clear and harmonized regulations for the collection, processing, and storage of personal data of EU citizens.
Mr Smith

KEY PRINCIPLES

  1. Consent: Organizations must obtain clear and explicit consent from individuals before collecting or processing their personal data. Consent must be freely given, informed, and easily withdrawable.
  2. Right to Access: Individuals have the right to know what personal data is being collected and processed about them, as well as the purposes for which it’s being used.
  3. Right to Erasure (Right to be Forgotten): Individuals have the right to request the deletion of their personal data if it’s no longer necessary, if consent is withdrawn, or if the data is being processed unlawfully.
  4. Data Portability: Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller.
  5. Data Protection Officer (DPO): Some organizations are required to appoint a Data Protection Officer, responsible for overseeing data protection strategy, compliance, and handling data protection issues.
  6. Data Breach Notification: Organizations must report certain types of data breaches to the relevant supervisory authority within 72 hours of becoming aware of the breach. Individuals must also be notified if the breach poses a high risk to their rights and freedoms.
  7. Privacy by Design and Default: Privacy considerations must be integrated into the design of systems, processes, and services from the outset (privacy by design). Default settings should also prioritize data protection and privacy (privacy by default).
  8. Data Processing Agreements: Organizations that process personal data on behalf of others (data processors) must have clear agreements in place that outline the responsibilities and obligations related to data protection.
  9. Territorial Scope: The GDPR applies not only to organizations located within the EU/EEA but also to organizations outside the EU/EEA that offer goods or services to EU/EEA residents or monitor their behavior.
  10. Fines and Penalties: Non-compliance with the GDPR can result in significant fines, which can be as high as 4% of the organization’s global annual turnover or €20 million, whichever is higher.

The GDPR has had a significant impact on how organizations handle personal data, prompting them to implement stricter data protection measures and provide more transparency to individuals about how their data is used.
