General Data Protection
The GDPR 2016/679/EU (General Data Protection Regulation) was adopted on April 14, 2016. In order to process personal data, data controllers and processors must comply with this regulation. The GDPR harmonizes the protection of fundamental rights and freedoms of natural persons with regards to the processing of their data and to ensure the free flow of personal data between Member States.
The GDPR’s material scope covers the processing of all personal data, which relates to an identified or identifiable person. The territorial scope covers all processing, which was done in the context of the activities of an EU established controller or processor, irrespective of whether the processing itself was done in the Union. When the controller or the processor are located outside of the EU but offers goods or services to, or monitors the behavior of data subject in the Union, the GDPR is applicable.
In order to be able to lawfully process personal data, the controller or processor have to do the following:
- Keep a record of processing activities;
- Comply with the requirements of the regulation, and have written proof thereof;
- Process personal data only under one of the lawful bases under Article 6 of the GDPR;
- Comply with all the requirements set by the GDPR;
- Appoint a Representative if it does not have presence in the EU, but offers goods or services to, or monitors the behavior of data subjects located in the Union.
Our services are backed by over 25 years of experience giving regulatory, consulting, and European Authorized Representative services. We are located within a walking distance of the European Commission, maintaining close relations with the EU Administration.
- General Data Protection Regulation
- General Data Protection Compliance Process
- General Data Protection Services
- EU Consultancy, Legal & Training
Interested in our GDPR services? Contact us and one of our experts will immediately be in touch with you!Get in touch