How to cope with GDPR?

JUDr. Ondřej Preuss, Ph.D.
12 July 2018
4 minutes of reading
Tradesmen and companies

The GDPR (General Data Protection Regulation) is the new EU data protection regulation. It came into force on 25 May 2018, yet not everyone is ready for it.


The regulation has brought a number of new features, such as a greater emphasis on the security of personal data, the right to portability of automatically held data and the right to be “forgotten” (i.e. not to appear in search results, etc.). The GDPR applies to all companies and institutions, but also to individuals and online services that process user data.

In particular, businesses need to urgently adapt their terms and conditions and other legal documents in order to properly use personal data in their databases. They must also better secure these and take note of new and higher sanctions.

The regulation is a response to the ever-growing jungle of personal data in the online world. The legislators’ intention was to give European citizens more control over what happens to their data. That’s why, in addition to the GDPR, the European Union is preparing an ePrivacy Regulation. This is intended to be a complement to the GDPR. The general GDPR only protects personal data. In comparison, the forthcoming ePrivacy Regulation guarantees the confidentiality of all electronic information, regardless of whether it contains personal data. However, it is currently being heavily criticised.

As mentioned above, the GDPR introduces a number of new rules (data portability, regulation of profiling, etc.) while developing existing ones. Compliance with all the rules will have to be demonstrated by each controller and processor of personal data at all times during processing. It is therefore necessary to adapt existing documents and, as the saying goes, “set up processes” for the future.

The GDPR applies globally to everyone who processes personal data, everyone who moves within the EU. With it, the authors promise a clear and uniform framework for the protection of personal data.

They aim to establish the trust that will allow the digital economy to develop across the EU internal market, primarily through a uniform level of protection and the elimination of national differences. It is therefore also an opportunity, and the Regulation offers the possibility to ‘play’ with the client database and manage it better and more securely. On the other hand, it also brings an extension of existing obligations, confusion and a lot of red tape. Only the future will show which impacts will prevail. It must be stressed that the basic principles of data protection remain essentially unchanged (the need to have a legal basis for processing, security of personal data, transparency towards the data subject, etc.).

Are you solving a similar problem?

GDPR audit for businesses

Our GDPR audit for entrepreneurs will reliably prepare you for everything that the Data Protection Regulation brings. We guarantee that you will be able to find the right solution according to the current legislation. We’ll get everything done quickly and so that you don’t have to worry about a thing. You can pay only after the service has been provided.

I want to help

  • When you order, you know what you will get and how much it will cost.
  • We handle everything online or in person at one of our 4 offices.
  • We handle 8 out of 10 requests within 2 working days.
  • We have specialists for every field of law.

New obligations

However, the General Regulation develops these principles and introduces new obligations:

  • the obligation to keep more detailed records and to better protect the database
  • to carry out a ‘qualified data protection impact assessment’ (DPIA) or to seek prior consultation from the authority when ‘qualified data collection’ takes place
  • reporting data breaches to the Authority – in effect, a kind of self-policing
  • appointment of a Data Protection Officer

However, most small businesses do not have to worry about the obligation to appoint a data protection officer. A data protection officer must be appointed in three cases, i.e. if:

    1. processing is carried out by a public authority or public body (except courts),
    2. the main activities of the controller or processor consist of processing operations which require extensive regular and systematic monitoring of citizens,
    3. the main activities of the controller or processor consist of large-scale processing of special categories of data or personal data relating to criminal convictions and offences.

Examples of large-scale processing of personal data under the GDPR include the processing of patient data in the course of the normal activities of a hospital, the processing of travel data of individuals using public transport (e.g. tracking via chip card) or the processing of personal data by a search engine for the purposes of behavioural advertising.

Another interesting novelty is the so-called portability. This is actually an extension of the right of access to data. It can be exercised subject to two conditions which must be met simultaneously: (A) the processing is based on the person’s consent or on a contract, and (B) it is carried out by automated means. The right to data portability is then reflected in the obligation of the controller to transmit to the data subject all information processed about him or her in a structured, commonly used, machine-readable format. By exercising this right, a person gains greater control over his or her personal data and also has the possibility to transmit it in the form thus obtained to another controller.

The last innovation we will mention is the so-called profiling. This is, in very loose terms, automated processing of data which has direct consequences for a specific person – an automatic evaluation of that person. For example, online banking often offers pre-approved loans of a certain value. Profiling is not prohibited; it just needs to be explicitly disclosed.


Author of the article

JUDr. Ondřej Preuss, Ph.D.

Ondřej is the attorney who came up with the idea of providing legal services online. He's been earning his living through legal services for more than 10 years. He especially likes to help clients who may have given up hope in solving their legal issues at work, for example with real estate transfers or copyright licenses.

Education
  • Law, Ph.D, Pf UK in Prague
  • Law, L’université Nancy-II, Nancy
  • Law, Master’s degree (Mgr.), Pf UK in Prague
  • International Territorial Studies (Bc.), FSV UK in Prague
