General Data Protection Regulation [GDPR]
Why Choose Dastawezz ?
INTRODUCTION
In the European Union (EU), General Data Protection Regulations (GDPR) is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states, and non-compliance could of the same would cost companies dearly. Companies that collect data on citizens in EU countries need to comply with these strict rules around protecting customer data.
PROCESS
The following is the process along with the key elements for framing an effectuve GDPR complaint policy for a company:
- Identification – The data controller should include their full legal name and contact details for ghe purpose of identifying which entity handles the data.
- Collection of personal data – Information regarding as to how ,what and which way personal data is collected must be included and every type of data collection must be listed including the types of cookies used if applicable.The policy must specify to individuals about what type of personal data is being collected. Personal data means any information relating to an identified or identifiable natural person. The GDPR requires that individuals are to be given control over how their personal data will be used and so how and when individuals can exercise such control must be stated within the policy
- Reason for collecting personal data -The reason for collecting the personal data and how the data controller intends to use the same must specified. The dats controller should not use personal data for any reason other than as stipulated in the privacy policy.
- Sharing personal data -Companies must specify when an individual’s personal data is being disclosed to third parties and the reason for doing so and also provide links to the third party privacy policies. If personal data transfers take place outside the European Union the data controller must inform individuals the privacy policy and specify mechanism which will be used to protect the same.
- Duration for keeping personal data and Legitimate Interests- Organisations must specify in their privacy policies how long personal data will be stored for. Details of the legitimate interests for processing data must be made clear and included in your privacy information.
- Rights of individuals – Under the GDPR, individuals have the following rights:(i)requesting access to, rectification of or, deletion of their personal data(ii)requesting their personal data to be transferred to another person; (iii)complain to a supervisory authority.
- Policy language – Privacy policies should be clear and easy to understand by individuals who have no knowledge of privacy law.
- When to provide the policy – It is recommended that individuals are provided with required information by companies from the first point of communication.
ADVANTAGES / FEATURES
- Personal Data of the customers is protected.
- Data Protection Officers shall be responsible for aling sure that these regulations are implemented.
- One has the right to Ensure Rectification and Restrict Processing and GDPR fines the respective companies for non compliance.
DOCUMENTS REQUIRED
All identification and financial proofs of the company collecting the data.