The purpose of the conference was to inform participants, about the new EU regulation on personal data protection for all individuals, within EU, that will be enforced on May 25th, 2018, across all EU countries. EXES Strategy Consultants attended the Conference to assist its clients in the implementation of the regulation.
According to EU GDPR portal:
“The EU General Data Protection Regulation (GDPR)…. was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organizations across the region approach data privacy”
The new regulation requires from all organizations that handle or process personal data to maintain appropriate security and also give EU citizens’ greater control over their “personal data” as precisely defined by the GDPR.
As presented at the Conference, key points of the GDPR that a business owner should consider, are:
Data Protection Principles and Obligations
Data Subject’s Rights:
- Lawful, fair and transparent
- Limited purpose
- Retention Period
- Individual rights
- Overseas transfers
- Accountability – Demonstrating Compliance
- Right to be informed
- Right of access to their personal data
- Right to rectification
- Right to erasure (the right to be forgotten) • Right to restrict processing
- Right to data portability
- Right to object
- Rights in relation to automated decision making and profiling
All organisations must comply by May 25th, 2018, since fines up to €20m or 4% of annual global turnover, whichever is greater, may be imposed for failure to meet certain GDPR requirements.