GDPR
HOW WE IMPLEMENT THE NEW PERSONAL DATA PROTECTION REGULATIONS IN OUR COMPANY?
-
What is the General Data Protection Regulation?
It is the normative act that encompasses the new regulations adopted by the European Union on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. (EU Regulation 2016/679).
-
Why is the General Data Protection Regulation important?
Because it applies to all organizations that process personal data.
-
What changes does the General Data Protection Regulation bring to the current legislation?
-
The new regulation imposes new rules on the processing of personal data and severe sanctions (up to 10 million euros, but no more than 2% of the global turnover, reaching 20 million euros in some cases, but no more than 4% of the global turnover), in case of violation of the legal provisions on the processing of personal data.
- The main changes brought by the General Data Protection Regulation at company level:
Records of personal data processing actions
Appointment of a Data Protection Officer
Promoting the security of processed data, as a principle
New rules on contracts with data processors
The obligation to assess the impact on personal data