Breaking News

GDPR


GDPR

GDPR it is the General Data Protection Regulation. It is part of the new European regulation on the legitimacy of EU citizens' use of data by companies, by imposing strict rules on acquiring the consent of the people to process their data. The European Parliament ratified it in April 2016 for it to be implemented.

How to protect data?

Companies need to question their customers about their data in a clear and accessible way. Customers have the right at any time to request to delete their data. Companies who collect data if they discover an incident, must inform their customers of what happened within 72 hours.

Did not affect us?

Because any organization dealing with European data is subject to these regulations, regardless of its headquarters in the world, they must respect the rules of the Union.
The identification was taken for the protection of data limited to e-mail and social security numbers and bank account, but it was expanded to include all the data that can be used in identification, including property intellectual property, fingerprints.

What if companies did not comply?

Each company must pay a fine of 20 million euros, or 4% of its annual turnover, the highest amount being withheld. Sanctions can become more severe.

What is the problem about the organization?


The European Union started the application of GDPR as early as 25 May 2018, forcing companies to protect personal data for transactions in the Member States of the European Union. It covers all companies that process data from EU citizens, in particular banks, insurance companies and other financial companies.
The full text of the GDPR includes 99 articles, which specify the rights of individuals and the obligations imposed on regulated companies. The provisions of the new Data Protection Act also require the protection and regulation of all personal data transmitted outside the European Union.

What data is protected by the GDPR?

Two essential points must be emphasized:
First: the right to delete data. If you do not want someone to get your data, you have the right to ask for it to be deleted.
Secondly, the right of applicability of the notifications to the users must, with regard to the clauses of "subscription/withdrawal", be very clear and in conformity with their conditions.
The GDPR requires clear justifications, the following types of data are covered:
(1) personally identifiable information, including names, addresses, date of birth and social security numbers.
(2) Web data, including user location, IP address, cookies and RFID tags.
(3) Health (HIPAA) and genetic data.
(4) Biometric data.
(5) ethnic data.
(6) political opinions.
(7) sexual orientation.
What are the standards imposed by the GDPR of the Data Protection Act?
As mentioned earlier, the requirements of the Data Protection Act cover a total of 99 difficult problems to solve, but any company that stores or processes personal information about EU citizens in the EU must comply to the Data Protection Act, even if it does not have a commercial presence in the European Union.

 Companies are subject to EU law if:

(1) The activity of the company is present in the EU countries.
(2) if the company processes personal data of the European population, even in the absence of physical presence in the EU.
(3) Companies with more than 250 employees.
(4) If the data processing of the company affects the rights and freedoms of the persons concerned, even if the number of employees is less than 250 employees.


Some websites in the United States have banned their services completely rather than comply with new regulations: dozens of American newspapers are now banned in Europe, such as the Los Angeles Times, the New York Daily News and the Chicago Times. Some web services such as Instapaper have operated in the EU indefinitely.

 What about Facebook and Google?

According to the latest reports, Facebook and Google will already face fines of up to $ 8.8 billion after the implementation of GDPR laws.
The new European privacy laws are not born today, but well after years of deliberation: the information trade, which uses the data and privacy of individuals as goods to sell and buy and sometimes to influence the behavior of individuals and change their orientation.

 privacypolicies to use for sites, blogs , YouTube and mobile apps


For more details : GDPR for mobile apps (part 1, part 2)