Data protection is an issue that becomes more important as the technology evolves and the internet gets to be the main instrument for collecting and processing personal data from people around the world. The situation becomes more complicated when we think about the fact that data gets abroad very fast and is very hard to control the way they are handled, used and transferred.

Luckily, the law has evolved along with the technology and people have now stronger means to obtain protection and to claim compliance from the controllers. Also, people can obtain public accreditation and compensations when their rights are infringed.

That is why the controllers must be compliant with the law, especially starting from 25th of May 2018, when the new Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation – GDPR) came in force. It brings new regulations and stricter rules in the area.

A legal person, public authority, agency or other body is processing personal data if he operates on them by one or more of these ways: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

A legal person, public authority, agency or other body  is a controller if he gets to determine the purposes and means of the processing of personal data.

On this page we explain the basic rules stated by the law. Every controller must know that their specific activity implies different kinds of processing, requiring specific measures and assistance.

We are here to help you, so don’t hesitate to contact us.