Get in touch
Guaranteed delivery service for traders with VAT number
The General Data Protection Regulation (GDPR) is a European regulation that governs how companies and other organizations process personal data. It is the most significant data protection measure in the last 20 years and has major implications for any organization in the world that caters to EU citizens.
The legislation aims to give every individual control over the use of their data, protecting "the fundamental rights and freedoms of natural persons": with this in mind, it establishes precise and strict requirements for data processing, transparency, documentation to be produced and retained, and user consent.
Every organization must document and monitor personal data processing activities.
As a data controller, each organization must record and monitor personal data processing activities. This includes personal data processed not only within the organization but also by third parties - so-called data controllers.
Data controllers can range from Software-as-a-Service providers to third-party embedded services that track and profile visitors to the organization's website
Both data controllers and processors must be able to account for the types of data being processed, the purpose of processing, as well as the countries and third parties to which the data is transmitted
If personal data is sent to organizations or jurisdictions that are outside the scope of the GDPR or are not considered "adequate" by the GDPR itself, you must be specifically informed about this and the risks involved
All consent must be recorded as evidence that consent has been given.