The General Data Protection Regulation (RGPD) is the result of 4 years of work by the U.E. to unify and solidify the protection of data for all citizens in the European Union, which is a right established by the Charter of Fundamental Rights of the European Union.
RGPD thus ensures greater control over how your data is used, while giving us a simple legal framework where we can operate safely as a company. Basically, this is an important and positive change for both parties.
The new regulation comes into effect as early as May 25, 2018 and we would like to inform you that the Creative Industry is committed to complying with all provisions in order to comply with the RGPD.
RGPD: What will change?
The RGPD regulates all processing of personal data in the European Union (collection, storage and transfer), and the concept of “personal data” is now much more comprehensive and covers all personal information that can identify a person or make it identifiable information.
It is the data holder who has to give his express and positive consent for the transfer of data, as well as to be informed a priori of the lawfulness of his treatment by the company.
Increased security measures
Now companies are required to maximize their technological security to prevent data breach and redesign their operations in order to limit the possibility of individual use of the personal data held in their possession.
Communication of safety breaches
The RGPD requires that companies report violations of personal data to the responsible authorities and in certain circumstances communicate them directly to the affected owners.
New requirements for profiles and monitoring
The RGPD imposes additional obligations for services that imply profiling and behavioral monitoring of individuals in the EU.
Increased application capacity
The RGPD is a central point of application and standardization for organizations operating in the EU or processing data from individuals in the EU states by requiring organizations to work with supervisory authorities when transferring data between countries. The Portuguese entity responsible for the implementation of the RGPD is the National Commission for Data Protection.
How we implemented the RGPD in the Creative Industry
We always strive to ensure the highest possible security of our users’ data. We are committed to the protection of the personal data entrusted to us. For this reason, we frequently re-evaluate our services, processes and information systems in order to ensure the highest possible degree of compliance with applicable law: EU Regulation 2016/679, General Regulation on Data Protection (RGPD).
Whenever we find it appropriate, we will introduce new features so that we can give our users more control over their data.
What have we done to comply with the RGPD?
- Thorough analysis of all areas of our company and services that are affected by the RGPD.
- Elaboration of a strategy for implementing RGPD directives regarding data security in terms of architecture and information system security for each phase of the services we provide.
- Elaboration of a strategy for the implementation of the legal aspects of the RGPD in our internal and external legal procedures.
- Collect our declarations of compliance with the RGPD from our partners.
- Alter and revise the configurations of the functionalities of our site in order to include the consents and clauses required for the use of our services.
- Preparation of the RGPD compliance dossier.
- Post the necessary information on our site in order to inform our users about their rights and how they can exercise them.
- Implementation of changes to internal processes and procedures.
- Updating of all Creative Industry documentation as required by the RGPD.
- Appoint a Data Protection Officer.
- Test all changes to see if they are in fact compliant with the RGPD.
- Communicate RGPD compliance.
If you have any doubts, please send us an email to firstname.lastname@example.org