GDPR - everything you need to know!

GDPR or the EU Privacy Regulation targets all entities that handle personal data - employees, customers, clients, or suppliers. It will enter into force in May 2018.

The Regulation newly introduces the principle of so-called accountability, which is based on the obligation of administrators and data processors, irrespective of their size or number of employees, to introduce technical, organizational and procedural measures to demonstrate compliance with GDPR principles.

What obligations does GDPR impose on institutions and companies?

Applying the principle of responsibility will cover the following areas in particular:

  • implementing deliberate and necessary data protection
  • personal data protection impact assessment (DPIA, Data Protection Impact Assessment)
  • the appointment of a Data Protection Officer (DPO)
  • the introduction of so-called pseudonymization of personal data
  • keeping records of processing activities
  • consultations with the supervisory authority before the processing of personal data itself
  • significant changes in corporate legal documents
  • adherence to the processing principles
  • change in requesting consent to processing
  • requiring, and also providing, guarantees for the processing of personal data

Another principle falling within the sphere of responsibility is the obligation of administrators and processors to keep records of the processing activities for which they are responsible. Each administrator and processor will be required to cooperate with the supervisory authority and, at its request, make the records available for monitoring purposes.

Records of activities must include the following information:

  • the name and contact details of the administrator and the processor including the name of the DPO
  • processing purposes
  • compliance with the principles
  • life cycle of personal data
  • a description of the categories of data subjects and categories of personal data
  • the category of recipients to whom the data was or will be made available
  • information on the international transfer of personal data
  • deadlines for the deletion of individual personal data
  • description of technical, safety and organizational measures

Do not hesitate to contact us for more information!

UBK s.r.o.
Denisovo nábřeží 6
301 00, Plzeň

T: +49 9123 98 98 6 245
Skype: ubk_sro
