Logo Advokátní kancelář roku 2023

How to cope with GDPR?

GDPR – General Data Protection Regulation is the new EU data protection regulation. It came into force on 25 May 2018, yet not everyone is ready for it.

ruce házející dokumenty do popelnice
4 minutes of reading

The regulation has brought a number of new features, such as a greater emphasis on the security of personal data, the right to portability of automatically held data and the right to be “forgotten” (i.e. not to appear in search results, etc.).The GDPR applies to all companies and institutions, but also to individuals and online services that process user data.

In particular, businesses need to urgently adapt their terms and conditions and other legal documents in order to properly use personal data in their databases. They must also better secure these and take note of new and higher sanctions.

The regulation is a response to the ever-growing jungle of personal data in the online world. The legislators’ intention was to give European citizens more control over what happens to their data. That’s why, in addition to the GDPR, the European Union is preparing an ePrivacy Regulation. This is intended to be a complement to the GDPR. The general GDPR only protects personal data. In comparison, the forthcoming ePrivacy Regulation guarantees the confidentiality of all electronic information, regardless of whether it contains personal data. However, it is currently being heavily criticised.

As mentioned above, the GDPR introduces a number of new rules (data portability, regulation of profiling, etc.) while developing existing ones. Compliance with all the rules will have to be demonstrated by each controller and processor of personal data at all times during processing. It is therefore necessary to adapt existing documents and, as the saying goes, “set up processes” for the future.

The GDPR applies globally to everyone who processes personal data, everyone who moves within the EU. With it, the authors promise a clear and uniform framework for the protection of personal data.

They aim to establish the trust that will allow the digital economy to develop across the EU internal market, primarily through a uniform level of protection and the elimination of national differences. It is therefore also an opportunity and the Regulation offers the possibility to ‘play’ with the client database and manage it better and more securely. On the other hand, it also brings an extension of existing obligations, confusion and a lot of red tape. Only the future will therefore show what impacts will prevail. It must be stressed that the basic principles and principles of data protection remain essentially unchanged (the need to have a legal basis for processing, security of personal data, transparency towards the data subject, etc.).

GDPR audit for businesses

Our GDPR audit for entrepreneurs will reliably prepare you for everything that the Data Protection Regulation brings. We guarantee that you will be able to find the right solution according to the current legislation. We’ll get everything done quickly and so that you don’t have to worry about a thing. You can pay only after the service has been provided.

New obligations

However, the General Regulation develops these principles and introduces new obligations:

  • the obligation to keep more detailed records and to better protect the database
  • to carry out a ‘qualified data protection impact assessment’ (DPIA) or to seek prior consultation from the authority when ‘qualified data collection’ takes place
  • reporting data breaches to the Authority – in effect, a kind of self-policing
  • appointment of a Data Protection Officer

However, most small businesses do not have to worry about the obligation to appoint a data protection officer. A data protection officer must be appointed in three cases, i.e. if:

    1. processing is carried out by a public authority or public body (except courts),
    2. the main activities of the controller or processor consist of processing operations which require extensive regular and systematic monitoring of citizens,
    3. the main activities of the controller or processor consist of large-scale processing of special categories of data or personal data relating to criminal convictions and offences.

Examples of large-scale processing of personal data under the GDPR include the processing of patient data in the course of the normal activities of a hospital, the processing of travel data of individuals using public transport (e.g. tracking via chip card) or the processing of personal data by a search engine for the purposes of behavioural advertising.

Another interesting novelty is the so-called portability. This is actually an extension of the right of access to data. It can be exercised subject to two conditions which must occur simultaneously: i.e. A. the processing is based on the person’s consent or on a contract and B. it is carried out by automated means. The right to data portability is then reflected in the obligation of the controller to transmit to the data bearer all information processed about him in a structured, commonly used, machine-readable format. By exercising this right, a person gains greater control over his or her personal data and also has the possibility to transmit it in the form thus obtained to another controller.

The last innovation we will mention is the so-called profiling. This is, in very loose terms, automated processing of data which has direct consequences for a specific person – an automatic evaluation of that person. For example, online banking often offers pre-approved loans of a certain value. Profiling is not prohibited, it just needs to be explicitly disclosed.

Are you solving a similar problem?

Dostupný advokát team of online lawyers will solve it for you.

GDPR audit for businesses

Our GDPR audit for entrepreneurs will reliably prepare you for everything that the Data Protection Regulation brings. We guarantee that you will be able to find the right solution according to the current legislation. We’ll get everything done quickly and so that you don’t have to worry about a thing. You can pay only after the service has been provided.

Preset Prices
All services pre-priced for no surprises.
We Do Everything Online
Save time, money and the hassle of travel.
We Work Fast
90 % of issues get solved by the following day.
Experienced Team
We have specialists for every field of law.

Has this content helped you? Give it a rating

No rating yet. Be first to rate and help others.

Author of the article

JUDr. Ondřej Preuss, Ph.D.

Ondřej is the attorney who came up with the idea of providing legal services online. He's been earning his living through legal services for more than 10 years. He especially likes to help clients who may have given up hope in solving their legal issues at work, for example with real estate transfers or copyright licenses.

Education
  • Law, Ph.D, Pf UK in Prague
  • Law, L’université Nancy-II, Nancy
  • Law, Master’s degree (Mgr.), Pf UK in Prague
  • International Territorial Studies (Bc.), FSV UK in Prague

Reviews of the Dostupný advokát service

Recenze služby

Lukáš Řezníček, Prague 6 – Bubeneč

before 3 years

I am giving both the website and service provided my very highest rating. Dostupný advokát found a hidden risk in my contract for the transfer of an apartment, which would have cost me tons of money.

Recenze služby

Jan Sekanina, Prague

before 3 years

My grandparents wanted to give me an apartment, but I was extremely busy at the time and couldn’t afford to put any time into finding out what I needed to do. I also had no idea how to get the transfer of ownership handled at the Land Registry. Dostupný advokát arranged everything for me, and (zobrazit více) the apartment transfer was legally arranged with no issues. Thank you and thumbs up!

Recenze služby

Jan Vrátný, Veselí nad Lužnicí

before 3 years

I work as a self-employed craftsman and I know my field very well. Unexpected events happen, however, and I sometimes have to deal with problems where I need quality legal advice. I don’t like calling legal offices, getting sucked into discussions with terms I don’t understand. Dostupnyadvokat.cz is different. My first time, they replied immediately (zobrazit více) and together we created a contract custom tailored to my exact needs. I continue to be very happy with both their work and their price.

View All Testimonials

You could also be interested in

About us in public media
Logo Česká advokátní komora Logo Advokátní kancelář roku 2023
Follow the news
Facebook Dostupný advokát Twitter / X Dostupný advokát