GDPR
GDPR (the General Data Protection Regulations) created a mighty splash when the companies affected by it realised they were going to have to launch projects to comply.
The regulation is large and potentially a lengthy read. This may be the reason that few of the people involved in dealing with it seem to have read it. This post will zoom in on Article 13, where key information related to the rights of the data subject (ie the person whose personal data is held) can be found.
A great deal of information is contained in Article 13 of the regulation. Here were learn the it is mandatory to
*Make clear the identify of the Data Controller
*Give the contact details of the Data Protection Officer
*Specify the purposes for which the data is held
*Say were the processing of the data takes place
*Who might be receiving the personal data
*The length of time for which the personal data will be stored (this is a responsibility of the data controller)
*The existence of the right to request access to the personal data and to the right to have errors rectified
*The right to lodge a complaint
*The existence of any automated decision making (profiling)
For anyone wanting a quick overview of what GDPR entails, this is an excellent place to start. It is quite instructive to consider how many websites you have visited really comply with all of this. Maybe not many.
Comments
Post a Comment