To understand the operation of consent in the RGPD it is necessary that we know its meaning and purpose. The General Data Protection Regulation or RGPD is a European regulation for the protection of citizens' data. This rule, in force since May 25, 2018, requires companies to report the data that is being used and how it is being treated.
Natural persons have to give consent so that large and small companies can use our information. The main purpose for which the standard was carried out was to unify and regulate the treatment of this data so that it does not circulate without control over the network. This regulation is the same for all the countries of the European Union.
If you need to adapt your company to the RGPD or want to know more about consent in the RGPD, you can find more information in our RGPD advice and adaptation service.
The adaptation of companies to the RGPD
It is mandatory that all companies comply with this regulation, otherwise legal problems could arise. The information that we must take into account is that relating to identifying data such as name, telephone number, marital status, bank details, penalties, subsidies or even an IP address, since it is an identifying data at the geolocation level.
What the BOE indicates about the RGPD
The BOE tells us that the data collected from customers must be treated transparently, for explicit, adequate and limited purposes. In addition, we will not keep them stored longer than necessary.
We will save this data with the consent of the interested party and in order to comply with legal obligations with the objective of executing a contract or dealing with data of public interest.
Security measures to avoid a bad treatment of the data
If in our business or company we work with personal data, it is essential that we implement mechanisms to prevent access to them without consent. For this we will evaluate different security measures so that this does not happen under any circumstances. In addition, our employees will sign a confidentiality agreement to prevent that personal information from reaching the hands of unauthorized persons.
What is the record of treatment activities
The registration of treatment activities is a measure that obliges all companies that store personal data to register such activities under their responsibility. In this record it is necessary that we include questions such as the types of data we collect, the purpose of the treatment or where this data is stored.
Those responsible and in charge of personal data processing must prepare an updated list since the AEPD may request it in an inspection.
What is the purpose of the registration of treatment activities
The purpose of recording this type of activity is based on a principle of proactive responsibility.
The data protection authority of each country may carry out periodic inspections in our company to ensure compliance by imposing financial penalties that will depend on the degree of infringement. The economic amount can reach 20 million euros in the most serious cases.
Citizens' right to rectification of the RGPD
Citizens have the right to rectify their data free of charge if they consider it to be incorrect or inaccurate. They also have the right to object at any time to the processing of their personal data and can demand that it be deleted.
Updating the RGPD is an essential task
As we have seen, the operation of the consent of the RGPD together with an update campaign of the activity register is essential for the proper functioning of the privacy of our clients.
In our company we can help you to carry out this task that may seem a bit complicated to execute. Contact us without obligation to inform you.
0 Comments