GDPR or General Data Protection Regulation is more like fundamental rights of the citizen living in EU that specify how customers data can be used and protected. The primary objective is to give citizens back control of their personal data.
PERSONAL DATA :
Sensitive data — genetic and biometric data;
Basic identity information such as email, address, and ID numbers
Web data such as location, IP address, cookies data, and RFID tags
Health, genetic, and biometric data
Racial or ethnic data
GDPR applies to all the organizations that are registered in EU or have an establishment or subsidiary in EU. It also applies to an organization which sells goods or services to citizens of the EU and process or monitor the personal data of EU residents.
General Data Protection Regulation (GDPR) is effective from the 25th May 2018. Introduced by the EU but applicable globally it affects what, how, why, where, and when personal data is used and processed. Grund is committed to protecting users right to data
OBLIGATIONS AND INITIATIVES
As a data processor,
Identifying personal data – Data maps have been created to
Transparency – A key aspect of GDPR is how the collected data is used. As a data processor,
We have allocated a data privacy team to oversee GDPR activities
WHAT DOES THIS MEAN FOR GRUND.SPACE USERS?
The GRUND.SPACE network is built for our users and without
As an individual user you have the following rights:
The right to be informed -This right provides the data subject with
The right of access- GDPR brings the right for Data Subjects to get information about how, where and for what purpose their personal data is being processed.
The Rights to be notified – Transparency and choice are two cornerstones of the GDPR regulation. At the outset of any request for data, businesses must be as clear as possible on how they will process data, who will process it, and where it could end up.The regulation lays out an extensive outline over communications with data subjects in varying areas such as third party legitimate interests and data subject rights. Individuals should be able to contact the data controller with any queries they may have.
The right to rectification – This right provides the data subject with the ability to ask for modifications to his or her personal data in case the data subject believes that this personal data is not up to date or accurate.
The right to erasure OR Right to be Forgotten- Also known as Data Erasure, the right to be forgotten entitles the Data Subject to have his/her personal data deleted from the logs of Data Controllers. The right to be forgotten also enables them to halt or cease further distribution and use of the data by third parties.
The right to restrict processing – The data subject shall have the right to obtain from the controller restriction of processing his personal data;
The right to data portability – The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
The right to object – The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her, including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
If you have any concerns or queries relating to data privacy, please do not hesitate to contact us at firstname.lastname@example.org.