GDPR is an acronym formed from the initials of General Data Protection Regulation, (meaning a general data protection regulation in Hungarian) any company or enterprise (including Self Employed) with at least 1 employee or 1 customer, 1 business relationship or even 1 data manager (this includes dormant companies as they are related to the accountant, they also manage the data of their shareholders, directors and secretaries.) must comply with this data protection law.
The Deadline was 25.05.2018!
The aim of the regulation was to provide natural persons with uniform, EU-wide protection for the processing of their personal data throughout the European Union. (This is independent of the Facebook – Cambridge Analityca scandal)
The scope of the regulation applies to the processing of personal data of natural persons. The most important concepts are the concepts of personal data, data management and data processing. All companies are data controllers and / or data processors in this sense. The principles of the Regulation are legality, due process and transparency, purpose, data economy, data accuracy, limited storage, integrity and confidentiality.
The controller is responsible for complying with the principles and must be able to demonstrate compliance. There is a reverse rule of evidence in the field of data protection, which means that it is not the authority that has to prove the breach during an inspection, but the data controller has to prove compliance with the regulation!
The processing of personal data becomes lawful if it has all the legal bases described in the Regulation.
Without wishing to be exhaustive, we would mention a few as:
– the consent,
– the performance of the contract,
– compliance with a legal obligation to which the controller is subject,
– the protection of the person concerned vital interests
– within the framework of data management in the public interest or public authority conferred on the controller powers exercised,
-if the data management of the controller or a third party with a legitimate necessary to safeguard its interests
The data subject has the right to restrict the access, rectification, erasure or processing of personal data concerning him or her and to object to the processing of such personal data, as well as the right to data portability. You have the right to withdraw your consent at any time and you have the right to lodge a complaint with the supervisory authority.
An important rule is that the necessary information must be provided to the individual concerned before the data is collected. (Data controller and his / her representative, name, purpose of data processing, legal basis, duration of storage of personal data.) The consent of the data subject must be sought for the processing of his / her data. The regulation provides for the registration of data processing activities. According to the Regulation, a data protection incident is a breach of security which results in the accidental or unlawful destruction or loss, alteration, or unauthorized disclosure of, or access to, personal data transmitted or stored or otherwise handled. (loss of laptop or mobile phone, trashed payment list, unauthorized copying of contact lists, attacks on server, hacking of website, etc.) If such a situation occurs, the data controller must report the data processing incident to the supervisory authority without undue delay within 72 hours.
Most common corporate data management activities:
– data of personnel register employees,
– data of job applicants, data management related to entry and exit
– accounting data management
– data management of contractual partners
– loyalty lists
– contact data of partners’ representatives
– data management related to direct marketing activities
– visit, registration on the company’s website, newsletter service, web store, etc.
The new EU regulation is quite serious and imposes a very complex administrative burden on businesses.
Do not forget! Mandatory from 25.05.2018!
Our company undertakes to prepare the data protection regulations of your company for a total fee of £ 220. The completed data protection regulations must be reviewed annually, for an annual fee of £ 150.
Get more information about GDPR!
We are looking forward to contacting you as soon as possible!
Phone: +44 (0) 1357 – 340 – 000
Skype: Symfalogic Corporation
We will send you a confirmation immediately after ordering to confirm that the form has been filled in correctly. In the email you received, please check that the information provided is correct. (There are no errors, misspellings, etc.) If there is, please indicate it immediately please.
After submitting the form, it will be transferred to the Symfalogic Corporation’s store, where you will select the service you have already ordered, and then the system will guide you through the payment process.
As soon as the amount arrives, we will send you a confirmation immediately and we will inform you of any further steps.