Like most of us, your mailbox is probably swamped with a bunch of companies reaching out to you to let you know about their latest policy changes in regards to the new European Union General Data Protection Regulation — or GDPR.
The GDPR is a new set of regulations designed to give power back to individuals over how their personal data is processed and used. You may have already heard of it under the phrase “the right to be forgotten.” The GDPR comes into full effect on May 25th, 2018.
When we talk about personal data, what we mean is data that can be used to identify you personally as an individual.
This data includes things that you might share with a company, like your name, address, email, or location data.
The GDPR comes with a list of new rights for individuals.As with most regulations, they are full of legal jargon and many, many details. For the sake of simplicity, we’ve summarised them here so you can get up to speed without getting a law degree first:
The right to be informed
One of the key requirements of the GDPR aims to increase transparency. You have the right to be informed about the collection and use of your personal data.
The right of access
The right of access gives you the right to obtain a copy of your personal data. It is supposed to help you understand how and why a business is using your data.
The right to rectification
You have the right to have inaccurate personal data rectified, as well as incomplete personal data completed.
The right to erasure
The right to erasure, also known as “the right to be forgotten,” gives you the right to have personal data erased. This right is not absolute, however, and only applies in certain situations.
The right to restrict processing
You can limit the way that an organisation uses your data, which can be used as an alternative to requesting the erasure of their data.
The right to data portability
You have the right to request your personal data in structured, commonly used and machine-readable format. This also allows you to reuse your data across different services.
The right to object
You have the right to object the processing of your personal data under certain circumstances.
While this might seem like a lot to take in for now, it’s actually not. Zuper has offered you most of these things right from the beginning, so they shouldn’t be new to you. We just want to make sure you know about your options.
We will also appoint a Data Protection Officer (DPO), who will have many responsibilities, such as:
Put in simpler terms; the DPO will ensure not only the safety of your data but also of your previously mentioned rights.
To be honest, not many things will change for us. The team at Zuper has always embraced a privacy-first attitude with everything we are doing and we promise to continue doing so.
We keep your data safe and private using TÜV certified security measures and provide you with everything you need to take full control over the data you share with us.
Just to be clear, none of these changes require any action from your side.
If you do have any questions, feel free to reach out to us at firstname.lastname@example.org.