A while ago, the General Data Protection Regulation (GDPR) began to govern and you see, read, listen and talk a lot about this, but do you know what it means?
The Regulation covers a legal space on the use and collection of personal data, in other words, it protects the right to privacy and privacy of European citizens. This is not to say that there are no current laws to support it, but because technology always goes later and still contemplates scenarios in which there are no “common” laws that govern them. It began to rule on May 25, 2018.
This Regulation replaces the Organic Law on the Protection of Personal Data (LOPD, in Spain) and applies to any organization that is in the European Union or for those that use data of European citizens.
What's new in the GDPR?
It gives a new definition to personal data, since it is considered that any information, even indirect that allows to identify a user is also considered a personal data, for example an IP, a user code or a temporary physical location.
The consent of the user who enters a website must be explicit and have a clear legal basis. Without consent, there is no such thing.
What new things does the Regulation have?
What are the implications for companies?
The GDPR will cause companies to comply with an operational methodology and be audited periodically, and will also perform an analysis of:
The main question is whether this limits companies from acquiring user data. The answer is: not necessarily.
While we will need to increase previous communication with users and the permissions they give us, we can continue to gain insights from the data that users leave us.
What is the new scenario for users?
This is simply a step forward towards the transition of a digital society into a framework of security and trust, and data analytics reverts to better services to consumers.
For their part, users always have the decision-making power, so they can proactively control what information they will give way. This is how they can proactively exercise their rights.
What's going on in Costa Rica?
If you carry out cross-border activities with european Union countries and also have information from citizens of this community in its databases, it is important that you know these statutes and abide by them.