Clued up on GDPR?

05 Apr 2018

Written by Alice Smithson

With the new General Data Protection Regulation hot on the press, here at iSalon, we understand the importance of the new law, and are taking every vital step to ensure you, your business and your clients are compliant in time for the deadline on May 25th 2018.

Following on from last weeks part 1 of the GDPR changes, here we look more indepth about the rights surrounding data and the terminology you should be aware off.

  1. Breach notification

Under GDPR, a breach notification will become mandatory in all member states where a data break is likely to result in a risk for the rights and freedoms of the individual. The breach notification must be submitted and completed within 72 hours of first becoming apparent. You will then be advised to notify your clients in question.

  1. Right to Access

Part of the expanded rights of data subjects outlined by GDPR is the right for data subjects to obtain from the data controller confirmation as to whether or not data concerning them is being processed. You must then provide a copy of the data, free of charge, in an electronic format.

  1. Right to be Forgotten

Also known as data erasure, the right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of data and potentially have third parties halt the processing of data.

  1. Data Portability

The right for a data subject to receive the personal data concerning them, which they have previously provided in a ‘commonly use and machine readable format’ and have the right to transmit that data to another controller

  1. Privacy by Design

This has existed for years but has only jut become a part of legal requirement. As it’s core, privacy by design calls for the inclusion of data protection from the onset of the designing of systems, rather an addition.