General Data Protection Regulation (GDPR) – Layman’s Introduction

  • Data of any EU citizen / entity cannot be shared without explicit consent. A Terms & Conditions / Privacy checkbox does not suitably give consent under this law; explicit consent is required.
  • Records of consent must be stored: when it was given, how, at what time, when it was revoked, etc.
  • Stakeholders must be informed of any data breach or hacking within 72 hours.
  • It applies to the whole of the EU.
  • Consent can be withdrawn at any time, whenever the person wants, and the data processor / controller must comply.
  • There is a right to be forgotten. If someone says “FORGET ME” to a data processor / controller, it must remove all data on them. This applies to all places which store & process / control the relevant data.
  • GDPR applies to the Production environment of Digital Systems which hold data on EU citizens or entities. If a Test / Pre-Production environment holds unmasked data of EU citizens / entities, this law applies there as well.
  • https://www.zdnet.com/article/gdpr-an-executive-guide-to-what-you-need-to-know/