You are one of the companies bombarded by information about the proximity of the provisions of Regulation no. 679 / 27.04.2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data? As you can easily see, you do not know too much about the Regulation and you do not even know what you have to do to fully comply with the rigors imposed by it. We could even say that the name of the Regulation will not be as familiar as the names of the internal normative acts are known, referring here to the Laws, Decisions, Simple or Emergency Ordinances, etc.
What is this data protection regulation for online stores??
Regulation no. 679 / 27.04.2014, also referred to as the General Data Protection Regulation, is a binding legislative act to be applied in its entirety in all Member States. It bears this name because it is a transposition of the legislation in force in the European Union. It should be noted that the regulations of this normative act are not an absolute novelty because previously, the provisions of the Directive no. 95/46 / EC, but the latter are not mandatory..
What does the general data protection regulation provide?
It is about how personal data are processed by economic agents, who will be required to adhere to a set of rules in the way they manage and use that data. Under certain conditions, economic agents will be required to designate a person responsible for the protection of personal data, referred to as the DPO. After the entry into force of the Regulation, companies processing personal data will be required to comply with the much stricter new rules. Among the new regulations are: the right to delete, privacy by design, the right to data portability, the obligation to create a general register of processing operations, etc. The regulation requires companies to collect, process and protect their personal data in superior safety. The regulation is designed to give EU citizens more control over their own information. For companies, the regulation requires a higher risk management, the establishment and implementation of clear security policies, and the optimization of information and communication technologies. All companies will have a legal obligation to comply with the new GDPR regulations, for which it is necessary to carry out the following main operations: Identify the personal data with which the commercial agent operates, Analyze the way they manage them, Adopt protective measures of these data against internal and external risks, reporting and ensuring the availability of information on request. All the main activities identified above involve each other a number of other activities that need to be well structured and managed so that the overall personal data management activity is well-organized, avoiding the possibility of creating breaches in the system management and use of these data types. In order to carry out the personal data management operations it is necessary besides a good knowledge of the normative act and a careful involvement in the activity of guidance of the institution with the role of verification and control, respectively the National Supervisory Authority for Personal Data Processing is required such an approach in the context in which the normative act that comes into force starting with May 25th, becomes a set of norms that regulates for the first time in our country the domain of personal data, which is easy to understood the lack of experience of previous situations as well as the difficult implementation of certain provisions transposed ad-literam from the European legislation, long confronted with this problem which has already caused material damage, while in our country we are in the phase to which we only record moral effects. This situation actually seems to be encouraging, but we must be aware that the evolution of socio-economic relations will create sensitive situations that are likely to bring material damage to those who do not comply with the GDPR provisions, which is why our company will propose the granting of an informed support by a the team constantly pursuing the way evolving the needs of the relevant factors in this field, we can offer you permanent support in solving these problems. Specifically, we propose to buy a package of services designed to ensure the information, implementation and follow-up of compliance with the normative act so that you can not be guilty of non-compliance with GDPR for online stores.