Call us 24/7 and get a free diagnosis
General Data Protection Regulation
The General Data Protection Regulation (GDPR) is the EU framework aimed at protecting data and privacy.
The General Data Protection Regulation (GDPR) is the EU regulatory framework aimed at protecting data and privacy of people and businesses in the EU. It was passed on April 14, 2016, and came into force on May 25, 2018.
Requirement for explicit consent:
Companies have the requirement to obtain explicit consent when processing data from individuals after transparently informing them of their aims (processing, storage and other uses of the data). It is no longer sufficient simply to inform users, now they must actively consent.
Right of access:
All citizens have the right to receive confirmation from companies about whether they posses and process their personal data. If so, they may access this data and the organization is obliged to provide a copy and to explain the purpose of the data processing, the criteria and the period for which the data will be kept. The GDPR also establishes the right to correct any personal data.
Right to be forgotten:
This establishes the right of the user to have their data erased under certain circumstances: where the data is no longer required for the purpose for which it was collected, the consent has been revoked, if the data was collected in relation to a time limited offer of services or if the data was obtained illegally, etc.
Right of portability:
Users have the right to request that the organization holding their personal data transfer or provide a copy of the data to a third party.
Responsibilities of the organization:
In general, the responsibilities of businesses and organizations have increased. The new regulation obliges them to implement systems for monitoring data processing as well as documenting data collection, storage and use procedures.
Failure to comply with the GDPR can incur sanctions on four levels:
- A warning
- A caution
- Suspension of the right to process data
What it means for citizens
The right to be forgotten.
Any user has the right to contact any company and ask for their personal data to be erased. The company then has 30 days to erase the data of this user from its systems.
Less marketing and advertising material.
Sometimes, simply accepting the terms of a service agreement has been taken as consent to receiving advertising. Consent has been considered implicit by most companies. The GDPR obliges companies to obtain the explicit and informed consent of consumers before their data is used for the purposes of advertising, etc.
Protection of minors.
Teenagers and young adults should receive proper training on how to safely use social networks, but the GDPR also reinforces their protection by allowing potentially embarrassing messages to be deleted. In countries such as the UK, young people also have additional protection: since 2018, users of Facebook, Twitter and Instagram can delete all posts published before they were 18 years old..
Keep all your devices safe with Panda Dome antivirus and anti-malware.
Subscribe now and secure an unlimited* number of devices: from laptops to smartphones, tablets and smartwatches.Protect yourself with Panda Security