The 10 keys to the new Data Protection Regulation

Advancing Forum Analytics at China Data
Post Reply
sakib25
Posts: 35
Joined: Sat Dec 07, 2024 4:20 am

The 10 keys to the new Data Protection Regulation

Post by sakib25 »

Many of you have probably heard about a new regulation that will regulate the way in which companies use personal data, and these will have to adapt to it under penalty of heavy sanctions. In less than a month, on May 25, the new General Data Protection Regulation (GDPR) will be applied , whose objective is to unify the regimes of all member states of the European Union on the subject.
With it, it is intended to give European citizens greater control over the personal data that organizations collect, use and store. From International Marketing we explain the ten most important aspects of the regulation so that you can understand it more easily:
1. Who does it apply to? To companies or entities that process personal data and are established in the European Union , or outside the European Union but offer goods or services to people who reside here.
Also to natural persons? No, unless they are registered as self-employed and process personal data as part of their activity.
2. It includes the Anglo-Saxon principle of “Accountability” , which requires organizations sweden phone number list to be proactively responsible and to be able to demonstrate that they comply with the set of established obligations. What does this mean? That the data controller must apply technical and organizational measures to guarantee and demonstrate compliance. In this sense, it will be mandatory to keep a continuous record of data processing activities .
3. The processing of personal data will only be lawful if the interested party has given their consent freely, specifically, informedly and without ambiguity , which must be demonstrable by the company. The interested party may withdraw consent at any time. In short, the organization must offer the necessary facilities to make it as easy for the user to give consent as to withdraw it .

Image

What is the minimum age from which consent is considered valid? 16 years . Below that age, the guardian must give or authorize said consent.
4. It establishes the standard of “ data protection by design” , which consists of the introduction of the necessary technical and organizational measures, taking into account the context and technological advances, that guarantee the protection of personal data from the initial planning phase of the procedures and systems.
5. It regulates what is popularly known as“right to be forgotten” , the right of every citizen to request the immediate deletion of personal data concerning them, in order to prevent the dissemination of personal information over the Internet when the adequacy requirements are not met.
6. In the event of a breach of personal data security , the data controller must notify the competent supervisory authority (in our case, the Spanish Data Protection Agency) within a maximum period of 72 hours of having become aware of it. If the security breach entails a high risk for the data subjects, for example, fraud or identity theft, they must also be notified.
7. Establishment of a new figure: Data Protection Officer (DPO). It will be mandatory to appoint a DPO in certain cases:
Post Reply