The citizen as the owner of his own data
From the citizen's perspective, the new regulations allow us to regain real ownership of our data. From now on, personal databases will not be the property of a specific company but of the owners of that data.
This implies that the company will use them in accordance with the criteria of legitimacy established by the Regulation, mainly; based on the express consent given by the owner of that data or his guardian, therefore the company will be considered responsible for the correct custody and protection of the data, but never the owner of it.
The entire chain will be responsible
On the other hand, from the perspective of the company, professiona india whatsapp shopping data l or public institution, as we have already pointed out, from now on the controller can no longer be considered to be the owner of the personal data they handle, but rather the controller of its processing.
This means that they must adopt a proactive and responsible attitude, while also getting involved in compliance with the law by adopting and adapting the new culture of personal data protection.
In fact, not only must the company protect the data, but it must also ensure that third parties involved who, for various reasons, have access to the data it holds, also comply with the regulations and carry out responsible actions in the processing of the data.
More obligations for companies
New records and responsibilities
The obligation to register files with the AEPD has been abolished , but the Registry of Processing Activities has been created as a legal requirement for companies with more than 250 employees or that process sensitive data or data that may generate significant risks for the interested parties.
They are also born out of common sense:
the Registry of Data Processors,
the Customer Registry when acting as data processor,
- Board index
- All times are UTC
- Delete cookies
- Contact us