On May 25th, 2018 came into force the new European Data Protection Law, the General Data Protection Regulation or simply RGPD. If you have a simple blog or a small company, maybe you think that this is not of your incumbency. A serious mistake.
It is precisely here where this regulation fully applies, because the raw prime matter of your work is precisely the personal data of its subscribers, clients, potential clients, students, affiliates, shareholders, stakeholders, etc.
Do you think that you can manage personal information of others without knowing the rules that regulate your treatment?
As if this were not enough, one of the most controversial and mediatic points has been precisely the large fines to which those who do not comply with it are exposed.
If you do not know how to manage that information according to the specific rules and regulations established, your entire strategy is shaken and your business is at risk.
Every company, autonomous organization or public entity that processes personal data in the development of its activity, be it workers, clients or suppliers, must comply with the current data protection law, that is, the General Regulation of Data Protection (RGPD) and the Spanish Organic Law on Data Protection and Digital Rights Guarantee (LOPD-GDD). Failure to do so can result in significant penalties that can rise to 20 million euros in some cases.
Now, thanks to this fantastic offer, you can adapt your business or organization easily and quickly; so you can carry out your activity in a 100% secure way.
The self-employed, like any other company or entity which deals with personal data are compelled to comply with the Organic Law on Data Protection.
For example, if you make a purchase in a store or receive a service from a company, the company will have knowledge of your personal information, such as your name, ID, phone, email, etc. In this case, the company must assure you that it will treat those data in a confidential manner and will not use them without your consent.
You, as a self-employed person or SME, must also guarantee this protection to your own clients. This, in addition to being a legal obligation, is another point in his favor as a responsible businessman and increasing the confidence of his clients.
What does this offer of adaptation to the RGPD and LOPD-GDD include?
- Previous analysis of the activity.
- Registration of Treatment (old registration of files in the Spanish Agency for Data Protection).
- Drafting of Security Document.
- Obligations if you use Cloud Computing (Hosting, Dropbox, Mailchimp …).
- Clauses and contracts, including contracts with third parties, and information clauses to be inserted in company documents (invoices, e-mail, data collection with obtaining the consent of the affected party, etc.).
- Confidentiality contracts for employees, as well as definition of duties and obligations.
- Protocol for the exercise of rights by interested parties.
- Compliance with obligations in the case of Video Surveillance.
- Privacy Policy, Legal Notice and Cookies Policy for your website or online store (LSSICE).
- And, in general, everything necessary to comply with the regulations.
THE FIGURE OF THE DATA PROTECTION DELEGATE IT IS NOT INCLUDED, EXCEPT FOR THE CASE OF A SEPARATE CONTRACT.