Personal data protection
- Preparation of the initial analysis,
- Providing the services of the responsible person for the maximum insurance cover.
Preparation of the initial analysis and provision of the services of the responsible person for the maximum premium coverage.
From 25.5.2018 businessmen will be obliged to fulfill several obligations under Regulation no. 2016/679,
within which they must have their internal settings of documents and processes, websites, and more
administrative outcomes to adapt to the new data protection law.
A fine of up to € 20 million EUR may be imposed for the infringement, or 4% of the annual turnover.
Some obligations are
– Establishment a Data Protection Officer
It concerns entities:
– public subjects,
– processors of a particular categorys of personal data and those who monitor a large scale of the persons concerned,
The person in charge must be professionally qualified and for breach of the duty of the person provision or provision only formally, i. without this person really area controlling and fulfilling all duties properly and in time, threatens to be fined up to 10. Million EUR.
Responsible person can be an employee or an external contractor where is possible simplified procurement procedure without an electronic marketplace. The employee’s disadvantage is his limited liability for damage. In the case of an external supplier, it is for the same reason advantage his insurance.
Towns and other communities governed by public law can also determine jointly responsible person to reduce the costs. The main tasks of the responsible person are to provide advice, supervision and communication with the Authority. The responsible person must be involved in all internal procedures and be subordinate
directly to the statutory authority.
Those who employ 250 employees or process specific category data must keep records about scope, purpose of data processing, transfer to third countries, erasure periods, security measures and so on.
In addition, other obligations must be met, in particular:
– Consent must be explicit, cannot be inferred from the beliefs that the person has not done anything,
e.g. has refused to do anything, cannot be a part of the contract terms,
in the case of persons under the age of 15, the consent of the legal representative must also be granted,
webservices, it will be necessary to ensure that such consent is given from the parents, or show that the service is not intended for younger people under 15).
– In case of security breach or leakage, it is necessary to report it to the Authority within 72 hours and also to the persons concerned, if there is a serious breach of their rights.
– the right to request that its data should be deleted from search engines, behind this Google, Yahoo … and other operators are bound to make the necessary forms available on the site. There will also be an entitlement to receive and transfer data to another operator free of charge.
– where the processing of personal data is risky, in terms of protection, information about health status, biometric data, etc., the operator is required to develop an impact analysis on protection of personal data if the Authority confirm the risks and ask the Authority for Consultation.
The first step to comply with the Regulation is to analyze the company’s internal environment (contracts, business documents and correspondence, web, internal regulations, etc.) in cooperation with a lawyer or other experts, whose output should be a list of concrete steps for reconciliation of factual status with the new legal regulation.
The cost of the service to perform the function of the person responsible for the protection of personal data with insurance to The maximum amount of damage of our office is 277 euros per month, the price for the initial analysis is typically 600 euros excluding VAT.