General Data Protection Regulation
Privacy is very important in the efforts to handle data responsibly. The General Data Protection Regulation (GDPR) is designed to balance the need for businesses’ and customers’ data information to flow freely, and the need to protect the rights of the individual.
As a professional organization, we are aware of the legal requirements of the GDPR to ensure we are compliant in protecting the rights of data subjects, personal data and in handling data in the digital economy appropriately.
Regulation (EU) 2016/6791, the European Union’s (‘EU’) new General Data Protection Regulation (‘GDPR’), regulates the processing by an individual, a company or an organisation of personal data relating to individuals in the EU.
It doesn’t apply to the processing of personal data of deceased persons or of legal entities.
The rules don’t apply to data processed by an individual for purely personal reasons or for activities carried out in one’s home, provided there is no connection to a professional or commercial activity. When an individual uses personal data outside the personal sphere, for socio-cultural or financial activities, for example, then the data protection law has to be respected.
• Articles 1 and 2 and Recitals (1), (2), (14), (18) and(27) of the GDPR Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).