The General Data Protection Regulation (GDPR) is the EU Regulation No. 2016/679 dated 04/27/2016 “On the protection of individuals with regard to the processing of personal data and their free movement” and the repeal of the Directive on General Data Protection Provisions of the European Union No. 95/46.
This algorithm began to operate on May 25, 2016 and is fundamental for use in the countries of the European Union.
All EU member states that take into account the personal data of individuals – members of the European Union when selling or offering them various services or products.
As well as those who monitor the behavior of the subject of these in the vastness of the EU.
These aspects take into account the following aspects:
The updated GDPR document denotes such concepts as “controller” (English controller) and “processor” (English processor) of personal data.
An individual or legal entity, the state, as well as any government agency or organization that, individually or in combination with others, forms the purpose and methods of processing PD is a “controller”.
This entity has the following responsibilities:
A legal entity or an individual, a state, or a separate body that processes personal information on behalf of and on a control order is a “processor”. His direct responsibilities are:
The EU document applies to all companies that collect, store or process personal data of members of the European Union (i.e. processors and controllers), regardless of the location of these entities.
These Regulations prohibit the movement of personalized data of EU members outside of it, threatening the application of sanctions.
As of April 2018, the European Commission recognizes those countries that do not have an adequate level of PD protection: New Zealand, Guernsey, Uruguay, Switzerland, Liechtenstein, Norway, Iceland, Andorra, South Korea, Argentina, Canada, Israel, Fr. Maine, Faroe Islands, Japan. USA.
The main principle of the Regulation is if it is not possible to force the processor or controller of personal data in a particular country to bear the responsibility that is provided for in the Regulation, then all operations with PD of members of the European Union will be illegitimate.
The main innovations include:
The GDPR provides for substantial sanctions for non-compliance with the processing rules for PD of current residents of the European Union. The fine is estimated at about 20 million Euros, or 4% of the total financial turnover of the corporation).
These requirements are not limited to the limits of the established non-disclosure policy of the Internet resource.
To fully align your company with GDPR rules, we recommend the following:
Eternity Law International experts will assist you in analyzing your Internet resource for compliance with GDPR requirements, draw up the correct Privacypolicy, and also advise you on individual legal issues.