GDPR implementation

< >

After several years of negotiation, the European Parliament approved the new General Data Protection Regulation (GDPR), which became mandatory for all state members of the EU in May 25, 2018.
Considering the principle of individual freedom and the right to privacy, GDPR is seen as a great evolution (and revolution) of the current “information society”.

.the_problem {

This new regulation responds to the needs of “information society”, where the internet, social networks and other digital spots of information sharing, had create a situation of difficult resolution: people share their personal data online easily. While this, companies and organizations are investing in obtaining targeted information from their target audience. This way, they can orientate offers and products to people more likely of wanting to acquire them.

}

.GDPR overview {

.person’s rights {

It significantly increase the persons’s rights and the information that has to be provided in relation to the activities of data processing.

}

Z

.agreement {

Information systems and processes that use personal data are required to ensure confirmation of acceptance of conditions from a statement or other unequivocal positive act, it is no longer possible to presume consent, or to make use of pre-selected options.

}

+

.data portability {

Individuals now have the right to circulate, copy or transfer personal data, whether public institutions or companies, even if they are competitors.

}

.application scope {

It covers all companies, public institutions and even organizations that process data on behalf of third parties within the EU – even if they are based outside the EU.

}

i

.compliance proof {

It’s not enough to comply with the GDPR. Institutions are now required to provide evidence of the implementation of standards of the GDPR’s “responsibility” requirement. This implies ensuring and being able to provide proof of the existence of registration processes and systems to ensure compliance with these regulations.

}

~

.privacy from start to finish {

Incorporation of privacy considerations in all ways, and only the data strictly necessary for the purpose for which they are intended can be used.

}

.mandatory reporting of data breach {

Data controllers must notify the local control authorities – CNPD, in Portugal – within 72 hours of becoming aware of the fact. Serious violations must be notified to affected persons.

}

.person in charge of data protection {

Mandatory requirement for all public institutions. It requires expertise in data protection law and it’s a necessity that can be outsourced to service providers.

}

.fines {

They may be up to 4% of the annual overall turnover, or 20 million euros, whichever is the biggest. The fine may be imposed even if there is no loss of data.

}

else.drop us a line {

  • By submitting your e-mail address on our form you are giving us consent to use your e-mail address to send marketing information.
    Your data will be kept for the terms and conditions legally provided, in accordance with the new General Regulation on Data Protection and the guidelines provided by the National Data Protection Commission.
    You have the right to request access to your personal data, as well as rectification or erasure, and the limitation of treatment, or the right to object to processing, as well as the right to portability of data.
    You also have the right to withdraw your consent at any time without compromising the lawfulness of the treatment made up to the moment you withdraw consent.
    You also have the right to complain about the processing of data with the National Data Protection Commission.
    For the safety of your data, appropriate technical and organizational measures will be applied to ensure a level of security appropriate to the risks.
    You will be notified in case of violation of your personal data, together with the notification to the National Data Protection Commission, under the terms and conditions provided by law.

R.Major Neutel de Abreu
16 A/B/C
1500-411
Lisboa
}

+351 211 380 568
info@codefive.pt
www.codefive.pt
}

  • By submitting your e-mail address on our form you are giving us consent to use your e-mail address to send marketing information.
    Your data will be kept for the terms and conditions legally provided, in accordance with the new General Regulation on Data Protection and the guidelines provided by the National Data Protection Commission.
    You have the right to request access to your personal data, as well as rectification or erasure, and the limitation of treatment, or the right to object to processing, as well as the right to portability of data.
    You also have the right to withdraw your consent at any time without compromising the lawfulness of the treatment made up to the moment you withdraw consent.
    You also have the right to complain about the processing of data with the National Data Protection Commission.
    For the safety of your data, appropriate technical and organizational measures will be applied to ensure a level of security appropriate to the risks.
    You will be notified in case of violation of your personal data, together with the notification to the National Data Protection Commission, under the terms and conditions provided by law.

codefive

news.get updated {

  • By submitting your e-mail address on our form you are giving us consent to use your e-mail address to send marketing information.
    Your data will be kept for the terms and conditions legally provided, in accordance with the new General Regulation on Data Protection and the guidelines provided by the National Data Protection Commission.
    You have the right to request access to your personal data, as well as rectification or erasure, and the limitation of treatment, or the right to object to processing, as well as the right to portability of data.
    You also have the right to withdraw your consent at any time without compromising the lawfulness of the treatment made up to the moment you withdraw consent.
    You also have the right to complain about the processing of data with the National Data Protection Commission.
    For the safety of your data, appropriate technical and organizational measures will be applied to ensure a level of security appropriate to the risks.
    You will be notified in case of violation of your personal data, together with the notification to the National Data Protection Commission, under the terms and conditions provided by law.

Share This