General Data Protection Regulation (GDPR)
GDPR is a regulation applicable to the European Union (EU) requiring businesses to protect the personal data and privacy of EU citizens for processing of their personal data. While a summary of GDPR is reflected hereunder, details could be reviewed at https://gdpr.eu/tag/gdpr/.
At ProductDossier, we believe that GDPR is relevant to any global organization and not just to those that are based out of the EU.
What are the objectives of GDPR?
- Protection of natural persons about the processing of personal data and rules relating to the free movement of personal data.
- Protection of the fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
What are the principles of GDPR?
Personal data shall be:
- collected lawfully, fairly, and transparently.
- collected for specified, explicit and legitimate purposes.
- adequate, relevant, and limited.
- stored for no longer than is necessary.
- processed in a manner that ensures integrity and confidentiality.
What has ProductDossier done about GDPR?
- Defined a clear policy on data privacy and protection in line with GDPR.
- Created a distinct role for Data Protection Officer supported by other relevant roles.
- Championed the cause for data protection through employee orientation sessions.
- Relevant processes and controls have been instituted in line with GDPR.
- Regular assessments (internal and external) are conducted to review GDPR compliance.