Keeping Your Data Secure since 1995
But some of the greatest changes since the beginning have just been made…
New rights for people to access information that companies hold about them, obligations for better data management for businesses, and new fines.
You can find the full 2018 GDPR in the Official Journal of the European Union.
Are U.S. Businesses Affected?
In some cases, personal data can be processed without the data subject’s permission. According to Article 6, there has to be at least one legal basis to process data without consent. The lawful purposes are:
- (a) If the data subject has given consent to the processing of his or her personal data;
- (b) To fulfill contractual obligations with a data subject, or for tasks at the request of a data subject who is in the process of entering into a contract;
- (c) To comply with a data controller’s legal obligations;
- (d) To protect the vital interests of a data subject or another individual;
- (e) To perform a task in the public interest or in official authority;
- (f) For the legitimate interests of a data controller or a third party, unless these interests are overridden by interests of the data subject or her or his rights according to the Charter of Fundamental Rights (especially in the case of children).