The EU General Data Protection Regulation (GDPR) entered into application on 25 May 2018. The Data Protection Regulation is directly applicable legislation, and it is also integrated in our company’s operations. It is an updated version of the 1995 data protection directive which defines processing rules of personal data in a more detailed manner harmonized among the EU member states.
Appropriate processing of personal data strengthens the rights of a data subject and increases openness and transparency. Key points in the data protection regulation include, among other things:
- emphasizing the legality of personal data processing;
- reducing amount of collected personal data and improving its accuracy;
- ensuring clear and open notification procedures.
For individuals, i.e. data subjects, the implementation of the new modernized regulation can be seen, for example, as introducing the new rights. According to the updated regulation data subjects have now more rights including the newly defined ones. That allows the data subjects to better understand and monitor collection and use of their personal data.