Who does the GDPR apply to?
The Regulation has the following territorial scope:
- Data processing within the organization’s activities, established in the European Union and the EEA, no matter whether the processing takes place in the Union or not.
- Processing of personal data of data subjects (natural persons) by controller or processor, who has not been established in the European Union, when the activities on data processing are related to the offering of goods and/or services of data subjects, located in the EU; or related to the monitoring of their behaviour within the Union (the so called profiling).
- Data processing by organizations, not established within Europe, but in a place where Member State law applies by virtue of public international law.
What is considered personal data under the GDPR?
If you work with personal data, you are in the game!
Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
How does the GDPR affect businesses and all of us?
Each company, working with data, related to EU citizens, will have to comply with the requirements of the GDPR, if it falls into the territorial scope of the Regulation. The Regulation will be applied directly with priority over the norms of domestic legislation. The GDPR applies to all organizations which process and store the personal data of data subjects in the European Union under the above mentioned methods, regardless of the company’s registered seat.
The GDPR imposes severe fines for breaching the data protection requirements and imposes larger obligations onto organizations, by obliging them to be able to prove at any moment that they lawfully and purposefully process and protect the personal data of the EU citizens.
The GDPR course is supported by high quality training materials – presentations, visual materials, sample models, useful legislation extracts, etc. The quality of the GDPR course is on European level – the material is provided by lecturers with many years of experience in the public and private sector, working on European law and information security.
It is of crucial importance to know how the GDPR will affect your company – what measures you should take in order to ensure compliance and avoid fines and penalties. During our seminars we will take you through all that you should know. Those, who have completed our seminar, will have clear theoretical and practical knowledge about what you should do to prepare your business and your personnel for the GDPR.
We can make an audit of your current environment and provide you with an analysis for the compliance of your organization with the new requirements of the GDPR. The duration of the audit depends on your environment, scope and the cooperation you provide.
Through our consulting services you can achieve maximum effect in measuring, estimating, defining the compliance and recommendations, related to the GDPR. The last step also includes review of the newly established by your undertaking controls, processes and templates in compliance with the requirements of the GDPR.
Do you have a specific GDPR question?
You have a specific GDPR question that you do not know how to answer from IT and/or information security and/or legal point of view. Please, specify your question and we will provide you with a specific answer in 24 hours.