What is GDPR? GDPR and Whois
General Data Protection Regulation (GDPR)
After four years of preparation and debate the GDPR was finally approved by the EU Parliament on 14 April 2016. Enforcement date: 25 May 2018 - at which time those organizations in non-compliance may face heavy fines.
Data protection
Better rules for small business
Stronger rules on data protection from 25 May 2018 mean citizens have more control over their data and business benefits from a level playing field. One set of rules for all companies operating in the EU, wherever they are based. Find out what this means for your SME.
What is GDPR personal data ?
- Name
- Address
- Localisation
- Online identifier
- Health information
- Income
- Cultural profile
- and more
Why change the rules?
It's about trust...
A lack of trust in old data protection rules held back the digital economy and quite possibly your business.
of people feel they have complete control over the information they provide online.
And helping business boom...
One set of rules for all companies processing data in the EU
Doing business just got easier and fairer
The new system keeps costs down and will help business grow
estimated economic benefits of having one law.
New rules should boost consumer confidence and in turn business.
What your company must do for GDPR?
Protect the rights of people giving you their data
Communication
Use plain language.Tell them who you are when you request the data. Say why you are processing their data, how long it will be stored and who receives it.
Consent
Get their clear consent to process the data.Collecting from children for social media? Check age limit for parental consent.
Access and Portability
Let people access their data and give it to another company.
Warnings
Inform people of data breaches if there is a serious risk to them.
Erase data
Give people the ‘right to be forgotten’. Erase their personal data if they ask, but only if it doesn’t compromise freedom of expression or the ability to research.
Profiling
If you use profiling to process applications for legally-binding agreements like loans you must:
- Inform your customers;
- Make sure you have a person, not a machine, checking the process
if the application ends in a refusal; - Offer the applicant the right to contest the decision.
Marketing
Give people the right to opt out of direct marketing that uses their data.
Safeguarding sensitive data
Use extra safeguards for information on health, race, sexual orientation, religion and political beliefs.
Data transfer outside the EU
Make legal arrangements when you transfer data to countries that have not been approved by the EU authorities.
Do data protection by design
Processing data for another company?
Make sure you have a watertight contract listing the responsibilities of each party.
Check if you need a data protection officer
Keep records
Anticipate with impact assessments
-
New technologies
-
Automatic,
systematic processing
and evaluation of
personal
information -
Large-scale
monitoring of a
publicly accessible area (e.g. CCTV) -
Large-scale
processing of sensitive
data like biometrics
The cost of
non-compliance
links:https://ec.europa.eu/justice/smedataprotect/index_en.htm
Suggested Reading:
- Meerkat v Periscope: Who will win the live-streaming video battle(Views: 3587)
- Points to remember Choosing between SSD and SAS Drives(Views: 3449)
- Facebook’s Internet.Org Opens Platform to More Mobile Operators(Views: 1807)
- TOP500 JUNE 2018 NO1. SUMMIT of IBM(Views: 1427)
- Online game on the server requirements(Views: 4723)