You collect or process personal data, i.e. “any information relating to an identified or identifiable individual.”
You carry out operations involving personal data (collection, registration, organization, conservation, adaptation, modification, extraction, consultation, use, communication by transmission or any other form of provision, reconciliation).
You want to take steps to ensure that this data is used to respect the privacy of the individuals involved.
You are wondering if having a data protection representative in your organization is mandatory.
What is GDPR ?
The General Data Protection Regulation (GDPR) is a legal framework in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). As the GDPR is a regulation and not a directive, it is directly binding and applicable, but certain aspects of the regulation can be adjusted by the individual member states, when they implement it into national law.
The GDPR’s primary aim is to enhance individuals’ control and rights over their personal data and to simplify the regulatory environment for international business. The regulation contains a number of provisions and requirements related to the processing of personal data of individuals located in EEA. As one of the toughest privacy laws, the GDPR imposes obligations onto organizations anywhere in the world, as long as they target or collect data related to people in the EEA, regardless of the citizenship of these individuals.
This solution will provide your company guidance on how to become and stay compliant with the GDPR.
Smart Global Governance is the operational software solution that automates key processes in Ethics, Compliance and Controls. It can be used for implementation and compliance management with all local and international regulations as well as internal controls and procedures.