PRIVACY AND GDPR
On 25th May 2018, the GDPR (EU General Data Protection Regulation 2016/679) has been implemented.
All the organizations that process personal data of data subjects located in the European Union must comply with the Regulation.
Personal data means any information relating to an identified or identifiable natural person such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Under the Regulations, the Legislator has introduced heavy penalties (up to 20 million euros or up to 4% of annual turnover) for the non-compliance cases.
(CLIENTS, SUPPLIERS, CONSULTANTS, WEBSITE USERS, ETC.)
(DATA PROCESSING AGREEMENT, APPOINTMENT LETTERS)
RECORDS OF PROCESSING ACTIVITIES
DATA PROTECTION OFFICER AS A SERVICE
APERSON ACTING UNDER THE AUTHORITY OF THE CONTROLLER OR OF THE PROCESSOR