The General Data Protection Regulation has been binding since May 25, 2018. Internet platforms should already comply. They should no longer simply offer Internet users to click on a “yes” to validate their conditions of use. Indeed, the GDPR advocates more clarity in the collection and processing of personal data. The explicit consent of the user is now essential, and the latter now benefits from the right to be forgotten. If you do not yet have a site that complies with the requirements of the GDPR, discover the changes that this law brings as well as the procedure to update your platform. This law applies to all European companies . It places several constraints on online platforms. They must have a summary register for data processing. The regulatory body can request this document at any time.
Better, the site only requires this information for a proven need: contract signature, product shipment, etc. No more anarchic recovery of Internet user data! Companies are committed to securing all personal information collected. This requires them to put operational procedures in place to protect this data. This requirement also applies to their service providers, suppliers and subcontractors. According to the GDPR , online companies must take data security into account when developing their platform. With this law, Internet users can refuse the collection of their personal data ( right of opposition ). They have the possibility of asking the site to erase the data whose collection they had authorized ( right to be forgotten ).
Take The Bulls By The Horns!
The GDPR also allows them to limit the use of the information collected ( right to restriction of processing ). Finally, online platforms mustreport to regulators any violation of the personal Taiwan Phone Number List data of Internet users within 72 hours. They also send a notification to the holders concerned. To comply with these requirements, companies make several updates. Before addressing them, understanding the concept of personal data is essential. Under French law, personal data represents any information relating to a natural person. The surname, first names, geographical address, email address are among the personal data of an Internet user. All online businesses collect this information as part of the CRM or for e-mailing campaigns.
From now on, their collection is subject to regulations. Indeed, the GDPR prohibits the storage of personal data without a purpose. The law requires that their processing respond to a concrete need. In addition, the holder must be informed. His consentremains unavoidable. As soon as companies no longer use this data, they must erase it. This assumes that this data is stored in a specific location. Each Internet user must be able to access, modify and delete their data. The compliance of a site with the GDPR occurs in several stages. This step is decisive in the procedure to comply with the requirements of the GDPR. But, it turns out to be quite simple in practice. Updating of legal notices In terms of cookies , the platform must notify the user of their use and purpose.
Clarification Of The Act Of Consent
the services likely to access this data; the different uses of personal information; the procedure for consulting the data processed; the procedure for modifying or unsubscribing from the communication services; the exercise of the right to be forgotten and the guidelines for the deletion of data. Adapt your forms The final step is to make your forms compliant with GDPR requirements . This update is based on Article 6 of the GDPR which states: “Processing is only lawful if the data subject has consented to the processing of his or her personal data for one or more specific purposes. “. This implies compliance with 2 fundamental principles. Clarification of the act of consent You must provide a button so that the Internet user clearly notifies his consent . The action must not suffer from any ambiguity.