The General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union (EU) that governs how organizations collect, use, and protect personal data of individuals within the EU. Its main goal is to enhance individuals' control over their personal information and to unify data protection laws across EU member states.
Key Principles of GDPR:
- Lawfulness, Fairness, and Transparency: Personal data must be processed lawfully, fairly, and in a transparent manner.
- Purpose Limitation: Data should be collected for specified, explicit purposes and not processed beyond those purposes.
- Data Minimization: Only data necessary for the intended purpose should be collected.
- Accuracy: Personal data must be kept accurate and up to date.
- Storage Limitation: Data should not be retained longer than necessary.
- Integrity and Confidentiality: Personal data must be processed securely to prevent unauthorized access or breaches.
- Accountability: Organizations must demonstrate compliance with GDPR principles.
Rights of Individuals Under GDPR:
- Right to access their personal data.
- Right to rectify inaccurate data.
- Right to erasure (“right to be forgotten”).
- Right to restrict or object to processing.
- Right to data portability.
- Right to withdraw consent at any time.
GDPR applies to:
- Organizations operating within the EU regardless of where they are based.
- Organizations outside the EU offering goods or services to, or monitoring behavior of, EU data subjects.
How we comply:
We adhere strictly to GDPR requirements by implementing strong security measures, being transparent about data use, obtaining necessary consents, and respecting your data rights.
If you have questions about your data or wish to exercise your rights, please contact our Data Protection Officer.