From May 25, 2018 every company and organization processing data from European residents will have to obey a new set of data security rules whether or not the company is based in the European Union. The year 2018 will be resolutely placed under the sign of personal data protection!
What exactly are we talking about?
To prevent the misuse of users’ personal data Europe has decided to legislate. The RGPD aims to protect users by giving them greater control over how their data is used. In concrete terms, from May 25, the RGPD makes the individual’s explicit consent a prerequisite for any collection of personal data
These new rules concern 4 areas to be identified and clearly defined:
- Data acquisition and processing
- Enterprise data storage and backup
- Information security
- Individuals’ rights to consult, rectify or refuse data collection
What’s the difference?
For the user, not much. Services are still accessible, just as before. The RGPD does, however, reinforce measures for the right to be forgotten, especially if your data has been hacked. Companies that use data must now ensure users’ consent before harvesting their data, limit collection to the strict minimum and secure this data.
What’s in this law?
The RGPD defines the measures that companies must take for the collection and protection of personal data. The text also defines the penalties for non-compliance: up to 4% of company sales for cheaters.
Measures to be implemented :
- Obligation to keep a processing register. This register will be available to the CNIL in the event of an inspection.
- Appoint a data protection officer
- Cleaning databases
- Make your forms compliant (based on opt-in)
- Respect the two rules of email marketing (recall subject line, allow unsubscribing)
- Adapt your cookie policy (Inform the user with a brief message and create a dedicated “Learn more” page)
- Ensuring the compliance of your service providers
RGPD, an opportunity for companies and Internet users.
The RGPD represents a real asset for consumers as it helps them to better understand their rights, at the same time as it leads them to familiarize themselves with advertising’s contribution to the quality, freedom and impartiality of content.
At the same time, the RGPD will make publishers more accountable for data collection, pushing them to focus on the data they really need to optimize their service. Having to explain the reason for this collection to the user will help fight against any superfluous collection. There’s a lot of data out there, but very little intelligence applied to it.
“The RGPD is a real revolution, the impact of which no one is really measuring today. Indeed, for my part, it’s essential to take advantage of the opportunity presented by the RGPD to address all the issues linked to data confidentiality, whether they fall under privacy or not. It is necessary to rely on different technologies, different types of data protection products. The reality is that on the French market, there are very few tools that can easily resolve all data protection issues. Our technology fully meets the technical aspects demanded by the RGPD.”
Eric Stefanello – Difenso – TRSb Partner
Source : trsb.net
