AEGIS - GDPR: Analyze, Limitation, Documentation, Accountability.

Entry Into Application:

The new EU General Data Protection Regulation (GDPR - 2016/679) is the largest change in data protection legislation in the last 20 years and is directly applicable in all Member States from 25/05/2018 without the need for state legislation.

Field Of Application:

Regulation 2016/679 applies to all bodies (private and public enterprises, state authorities, associations, etc.) that manage, process, store and distribute personal data, whether or not they are based and operating in a European Union country, as long as the data relates to European citizens or to the provision of any kind of services and goods to European citizens.

Controls and Penalties:

The Authority for the Protection of Personal Data is granted the right to control compliance with the Regulation. In case of violation, fines of 10,000,000 euros or 2% of the total annual turnover of the previous financial year (whichever is higher) are provided for violations of the obligations of Art. 8, 11, 25 to 39, 41 par. , 42 and 43, and fines of 20,000,000 euros or 4% of the total global turnover of the previous financial year (whichever is higher) for violations of basic principles (art. 5, 6, 7, 9), subject rights (art. 12 to 22) and the conditions for transfer to a recipient in a third country (art. 44 to 49). Finally, the right to compensation of the subject and the responsibility of the controller are defined.

  • INCREASED RIGHTS OF THE DATA SUBJECTS
  • INSPIRATION OF CHILDREN'S PROTECTION
  • KNOWLEDGE OF PRODUCTION OF DATA OF PERSONAL CHARACTER
  • DATA PROTECTION BY DESIGN AND BY DEFAULT
  • RESPONSIBILITY OF THE CONDITIONS OF THE COMPLETION PROCEDURE OF THE SUBMITTED DATA
  • REPLACEMENT OF ANTIQUE RELATED TO THE PROTECTION OF THE DATA
  • ARCHIVES OF ACTIVITY ACTIVITIES

Observance of the Principles Governing the Regulation

The new regulation strengthens the established framework for the protection of personal data, establishing new obligations for the person in charge of personal data processing along 3 main axes: compliance with predetermined basic principles for processing personal data, taking appropriate technical and organizational measures, and strengthening the rights of the subjects, as presented in detail below:

Lawfulness, Fairness & Transparency

The data is processed in a legal, legitimate and transparent manner.

Data Minimisation

The data is appropriate, relevant and limited to the purposes for which it is being processed.

Storage Limitation

The data is kept in a form that allows the data subjects to be identified only for the period required for the purposes of processing personal data.

Purpose Limitation

Data collection is for specific, explicit and legal purposes and is not further processed in a manner incompatible with those purposes.

Accuracy

The data must be accurate, up-to-date and all reasonable measures must be taken to immediately delete or correct personal data which is inaccurate in relation to the purposes of the processing.

Integrity & Confidentiality

The data is processed in a way that guarantees the appropriate security of personal data.

The controller is responsible for proving compliance with the above principles.