SlideShare una empresa de Scribd logo

How to get ready for GDPR compliance

Descargar como PPT, PDF
Cleeng
Cleeng

Learn more about the new GDPR regulation and how can you adapt to it by following our practical guide.

Derecho
1 de 13
www.cleeng.com GDPR and Cleeng Get ready for compliance!
2 What is GDPR? The General Data Protection Regulation requires businesses to protect the personal data and the privacy of EU citizens for transactions carried out within EU member states.
What lead to GDPR?
4 Who is affected? Any company that: • Has a presence in an EU country. • Don’t have a presence in the EU, but process the personal data of European residents. • Has more than 250 employees. • Has fewer than 250 employees but your data-processing impacts the rights of data subjects or includes certain kinds of sensitive personal data.
What does the numbers say? • 92% of U.S. companies consider GDPR a number one data protection priority (PwC survey); • 50% of the companies affected by GDPR will not be in full compliance by the end of 2018 (Gartner); • Enforces fines of up to €20 million or 2-4% of global turnover, whichever is greater.
Individuals rights and roles definition The most important feature of the GDPR is that it clearly defines what individual’s rights are: Individual rights to Access their own personal data Rectify inaccurate personal data Challenge automated decision making Object to direct marketing “To be forgotten” Data portability
What changed? Where are the regulations tighter? Major changes Explanation Increased Territorial Scope GPDR makes it very clear - it will apply to the processing of personal data by controllers and processors in the EU, regardless of whether the processing takes place in the EU or not. Consent The conditions for consent are strengthened. Consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear language, for every data capture. Breach Notification The data controller must report data breaches to the data protection authorities without undue delay and in any event within 72 hours of the time of becoming aware of a data breach. Right to Access The controller has to provide a copy of the personal data, free of charge, in an electronic format. Right to be Forgotten The right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. (no longer relevant to original purposes for processing, or data while withdrawing consent) Data Portability The right for a data subject to receive the personal data concerning them, which they have previously provided in a 'commonly use and machine readable format' and have the right to transmit that data to another controller. Privacy by Design Inclusion of data protection from the onset of the designing of systems, rather than an addition.
Best practices from our industry Adoption of pseudonymization This type of partial encryption technique means that personal data can no longer be attributed to a specific data subject without the use of additional information, and that information is kept separately and can be thought of as an encryption key. It enhances security, and allows much freer use of data under the workings of the GDPR. Revision of consent points Use compliance from tech partners Under the GDPR, consent given by the customer is valid only if customers give it freely, based on clear and specific information for each processing operation needed. Under the old rulings such operations could be bundled together; that is no longer the case. Ex. AWS has its DPA that will meet the requirements of the GDPR which is available to all AWS customers. Need to contact our AWS account manager.
Who needs a dedicated Data Protection Officer (DPO)? The GDPR Section 4, states that Data Protection Officers are to be appointed if: (a) the processing is carried out by a public authority or body, except for courts acting in their judicial capacity; (b) the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, scope and/or purposes, require regular and systematic monitoring of data subjects on a large scale; or (c) the core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 of the GDPR and personal data relating to criminal convictions and offences referred to in Article 10 of the GDPR. Importantly, the DPO: • Must be appointed on the basis of professional qualities and, in particular, expert knowledge on data protection law and practices; • May be a staff member or an external service provider; • Contact details must be provided to the relevant DPA; • Must be provided with appropriate resources to carry out their tasks and maintain their expert knowledge; • Must report directly to the highest level of management; • Must not carry out any other tasks that could results in a conflict of interest.​ The good news is Cleeng can handle most of the sensitive user data management, and with our strong European base and background, many of this functions can be off-loaded to us.Want to know more? Contact us
GDPR checklist – 12 steps
Current status at Cleeng Major changes Status 1 GDPR awareness Every key position at Cleeng is well informed, and has specific role in meeting the GDPR compliance. 2 Held information Cleeng encrypts its end-user data to keep it safe from potential intrusion. It also complies with Amazon Web Services, and meets the SAE16 SOC1 certification. 3 Communicating privacy information Cleeng communicates its Privacy Policy on its official website. 4 Right to Access End-users can access their private information via the “My Account” feature. The personal data is hidden/masked within our infrastructure. Right to be Forgotten Cleeng users can explicitly ask to be forgotten. Then, all the personal information is permanently erased while only a User ID is kept for potential future activity. Note: As an eCommerce company, Cleeng obliges the local fiscal laws and has to keep personal data for bookkeeping (up to 10 years). Right to Export Data Within the “My Account” feature, end-users have the opportunity to request and receive a data export in an appropriate format for further processing. 5 Update procedures Cleeng has been working on the GDRP compliance in the past year, and our systems and processes are up to date. 6 Lawful basis for processing personal data As an eCommerce company, we have to collect personal information in order to identify users and enable the service of our clients. However, the company keeps only the minimum required information (name, email, account entitlement, services purchased) related only to the purchased services. Any information collected from our users will not be sold, shared, or rented to others in ways different from what is disclosed in this privacy statement. 7 Consent On the Cleeng website there is a mandatory opt-in option on all of our data capture and account creation points. 8 Children Information The Cleeng service does not store age or children-related information. The service itself is targeted to users aged 18+ and we also recommend our clients to limit their parental control functions to account restriction independent of age. 9 Data Breach Notification In accordance with the European laws, Cleeng is partnering with the best-in-class cybersecurity companies, which monitor our platform 24/7 and run ad-hoc penetration tests. 10 Subject access request/Data processing Role-based administration is in place at our main data systems: The Broadcaster Dashboard and the Cleeng Admin. 11 Data Protection Officer Cleeng has appointed an official DPO since September 2017 who is in charge of Privacy and Security compliance 12 International As an international organization based in the Netherlands, Cleeng is governed by the Dutch DPA (Wet bescherming persoonsgegevens).
Additional reading – useful links http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf http://www.nscreenmedia.com/gdpr-personal-data-protection/ https://knect365.com/media-networks/article/0a5f401c-e9c3-434f-b177-7bece4e99309/five-ways-european-data-privacy-regulations-will-d http://www.moorestephens.co.uk/news-views/january-2017/gdpr-the-impact-on-technology-businesses http://digitalmarketingmagazine.co.uk/digital-marketing-data/how-will-gdpr-impact-tech-companies-and-it-departments/4664 https://medium.com/@kylegibson/how-will-the-gdpr-affect-adtech-and-martech-nobody-really-knows-c2721706eb60 https://www.gdprandbeyond.com/blog-post/data-privacy/gdpr-affect-non-european-companies/ https://www.ft.com/content/5365c1fa-8369-11e7-94e2-c5b903247afd http://www.wired.co.uk/article/what-is-gdpr-uk-eu-legislation-compliance-summary-fines-2018 https://ico.org.uk/media/for-organisations/documents/1624219/preparing-for-the-gdpr-12-steps.pdf https://blog.willis.com/2017/06/guide-to-gdpr-for-tech-media-and-telecommunication-companies/ https://ico.org.uk/media/about-the-ico/consultations/2013551/draft-gdpr-consent-guidance-for-consultation-201703.pdf https://www.eugdpr.org/key-changes.html https://aws.amazon.com/blogs/security/aws-and-the-general-data-protection-regulation/
www.cleeng.com

Recomendados

Launching an OTT service within minutes
Launching an OTT service within minutesLaunching an OTT service within minutes
Launching an OTT service within minutes
Cleeng
 
Cleeng versus in-house
Cleeng versus in-houseCleeng versus in-house
Cleeng versus in-house
Cleeng
 
Cleeng 2014 achievements
Cleeng 2014 achievementsCleeng 2014 achievements
Cleeng 2014 achievements
Cleeng
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 

Recomendados

Launching an OTT service within minutes
Launching an OTT service within minutesLaunching an OTT service within minutes
Launching an OTT service within minutes
Cleeng
 
Cleeng versus in-house
Cleeng versus in-houseCleeng versus in-house
Cleeng versus in-house
Cleeng
 
Cleeng 2014 achievements
Cleeng 2014 achievementsCleeng 2014 achievements
Cleeng 2014 achievements
Cleeng
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt
seri bangash
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubham Wadhonkar
 
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxCOPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
RRR Chambers
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
Julian Scutts
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentation
Khushdeep Kaur
 
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
bd2c5966a56d
 
Transferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptxTransferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptx
2020000445musaib
 
Appeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdfAppeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdf
PoojaGadiya1
 
Doctrine of Part-Performance.ddddddddddppt
Doctrine of Part-Performance.ddddddddddpptDoctrine of Part-Performance.ddddddddddppt
Doctrine of Part-Performance.ddddddddddppt
2020000445musaib
 
THE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labourTHE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labour
BhavikaGholap1
 
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
bd2c5966a56d
 
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
PsychicRuben LoveSpells
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
ShashankKumar441258
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
SUHANI PANDEY
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptx
RRR Chambers
 
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxpnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
PSSPRO12
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
Kelechi48
 
The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...
James Watkins, III JD CFP®
 
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxxAudience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
MollyBrown86
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Jong Hyuk Choi
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 

Más contenido relacionado

Último

3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt
seri bangash
 
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxCOPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
RRR Chambers
 
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
bd2c5966a56d
 
Appeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdfAppeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdf
PoojaGadiya1
 
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
bd2c5966a56d
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
ShashankKumar441258
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
SUHANI PANDEY
 
The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...
James Watkins, III JD CFP®
 
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxxAudience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
MollyBrown86
 

Último (20)

3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptx
 
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptxCOPYRIGHTS - PPT 01.12.2023 part- 2.pptx
COPYRIGHTS - PPT 01.12.2023 part- 2.pptx
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentation
 
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
 
Transferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptxTransferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptx
 
Appeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdfAppeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdf
 
Doctrine of Part-Performance.ddddddddddppt
Doctrine of Part-Performance.ddddddddddpptDoctrine of Part-Performance.ddddddddddppt
Doctrine of Part-Performance.ddddddddddppt
 
THE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labourTHE FACTORIES ACT,1948 (2).pptx labour
THE FACTORIES ACT,1948 (2).pptx labour
 
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
 
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptx
 
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxpnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
 
The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...
 
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxxAudience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
Audience profile - SF.pptxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
 

Destacado

Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Applitools
 

Destacado (20)

Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
 
ChatGPT webinar slides
ChatGPT webinar slidesChatGPT webinar slides
ChatGPT webinar slides
 
More than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike RoutesMore than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike Routes
 
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...
 

How to get ready for GDPR compliance

  • 1. www.cleeng.com GDPR and Cleeng Get ready for compliance!
  • 2. 2 What is GDPR? The General Data Protection Regulation requires businesses to protect the personal data and the privacy of EU citizens for transactions carried out within EU member states.
  • 3. What lead to GDPR?
  • 4. 4 Who is affected? Any company that: • Has a presence in an EU country. • Don’t have a presence in the EU, but process the personal data of European residents. • Has more than 250 employees. • Has fewer than 250 employees but your data-processing impacts the rights of data subjects or includes certain kinds of sensitive personal data.
  • 5. What does the numbers say? • 92% of U.S. companies consider GDPR a number one data protection priority (PwC survey); • 50% of the companies affected by GDPR will not be in full compliance by the end of 2018 (Gartner); • Enforces fines of up to €20 million or 2-4% of global turnover, whichever is greater.
  • 6. Individuals rights and roles definition The most important feature of the GDPR is that it clearly defines what individual’s rights are: Individual rights to Access their own personal data Rectify inaccurate personal data Challenge automated decision making Object to direct marketing “To be forgotten” Data portability
  • 7. What changed? Where are the regulations tighter? Major changes Explanation Increased Territorial Scope GPDR makes it very clear - it will apply to the processing of personal data by controllers and processors in the EU, regardless of whether the processing takes place in the EU or not. Consent The conditions for consent are strengthened. Consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear language, for every data capture. Breach Notification The data controller must report data breaches to the data protection authorities without undue delay and in any event within 72 hours of the time of becoming aware of a data breach. Right to Access The controller has to provide a copy of the personal data, free of charge, in an electronic format. Right to be Forgotten The right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. (no longer relevant to original purposes for processing, or data while withdrawing consent) Data Portability The right for a data subject to receive the personal data concerning them, which they have previously provided in a 'commonly use and machine readable format' and have the right to transmit that data to another controller. Privacy by Design Inclusion of data protection from the onset of the designing of systems, rather than an addition.
  • 8. Best practices from our industry Adoption of pseudonymization This type of partial encryption technique means that personal data can no longer be attributed to a specific data subject without the use of additional information, and that information is kept separately and can be thought of as an encryption key. It enhances security, and allows much freer use of data under the workings of the GDPR. Revision of consent points Use compliance from tech partners Under the GDPR, consent given by the customer is valid only if customers give it freely, based on clear and specific information for each processing operation needed. Under the old rulings such operations could be bundled together; that is no longer the case. Ex. AWS has its DPA that will meet the requirements of the GDPR which is available to all AWS customers. Need to contact our AWS account manager.
  • 9. Who needs a dedicated Data Protection Officer (DPO)? The GDPR Section 4, states that Data Protection Officers are to be appointed if: (a) the processing is carried out by a public authority or body, except for courts acting in their judicial capacity; (b) the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, scope and/or purposes, require regular and systematic monitoring of data subjects on a large scale; or (c) the core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 of the GDPR and personal data relating to criminal convictions and offences referred to in Article 10 of the GDPR. Importantly, the DPO: • Must be appointed on the basis of professional qualities and, in particular, expert knowledge on data protection law and practices; • May be a staff member or an external service provider; • Contact details must be provided to the relevant DPA; • Must be provided with appropriate resources to carry out their tasks and maintain their expert knowledge; • Must report directly to the highest level of management; • Must not carry out any other tasks that could results in a conflict of interest.​ The good news is Cleeng can handle most of the sensitive user data management, and with our strong European base and background, many of this functions can be off-loaded to us.Want to know more? Contact us
  • 10. GDPR checklist – 12 steps
  • 11. Current status at Cleeng Major changes Status 1 GDPR awareness Every key position at Cleeng is well informed, and has specific role in meeting the GDPR compliance. 2 Held information Cleeng encrypts its end-user data to keep it safe from potential intrusion. It also complies with Amazon Web Services, and meets the SAE16 SOC1 certification. 3 Communicating privacy information Cleeng communicates its Privacy Policy on its official website. 4 Right to Access End-users can access their private information via the “My Account” feature. The personal data is hidden/masked within our infrastructure. Right to be Forgotten Cleeng users can explicitly ask to be forgotten. Then, all the personal information is permanently erased while only a User ID is kept for potential future activity. Note: As an eCommerce company, Cleeng obliges the local fiscal laws and has to keep personal data for bookkeeping (up to 10 years). Right to Export Data Within the “My Account” feature, end-users have the opportunity to request and receive a data export in an appropriate format for further processing. 5 Update procedures Cleeng has been working on the GDRP compliance in the past year, and our systems and processes are up to date. 6 Lawful basis for processing personal data As an eCommerce company, we have to collect personal information in order to identify users and enable the service of our clients. However, the company keeps only the minimum required information (name, email, account entitlement, services purchased) related only to the purchased services. Any information collected from our users will not be sold, shared, or rented to others in ways different from what is disclosed in this privacy statement. 7 Consent On the Cleeng website there is a mandatory opt-in option on all of our data capture and account creation points. 8 Children Information The Cleeng service does not store age or children-related information. The service itself is targeted to users aged 18+ and we also recommend our clients to limit their parental control functions to account restriction independent of age. 9 Data Breach Notification In accordance with the European laws, Cleeng is partnering with the best-in-class cybersecurity companies, which monitor our platform 24/7 and run ad-hoc penetration tests. 10 Subject access request/Data processing Role-based administration is in place at our main data systems: The Broadcaster Dashboard and the Cleeng Admin. 11 Data Protection Officer Cleeng has appointed an official DPO since September 2017 who is in charge of Privacy and Security compliance 12 International As an international organization based in the Netherlands, Cleeng is governed by the Dutch DPA (Wet bescherming persoonsgegevens).
  • 12. Additional reading – useful links http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf http://www.nscreenmedia.com/gdpr-personal-data-protection/ https://knect365.com/media-networks/article/0a5f401c-e9c3-434f-b177-7bece4e99309/five-ways-european-data-privacy-regulations-will-d http://www.moorestephens.co.uk/news-views/january-2017/gdpr-the-impact-on-technology-businesses http://digitalmarketingmagazine.co.uk/digital-marketing-data/how-will-gdpr-impact-tech-companies-and-it-departments/4664 https://medium.com/@kylegibson/how-will-the-gdpr-affect-adtech-and-martech-nobody-really-knows-c2721706eb60 https://www.gdprandbeyond.com/blog-post/data-privacy/gdpr-affect-non-european-companies/ https://www.ft.com/content/5365c1fa-8369-11e7-94e2-c5b903247afd http://www.wired.co.uk/article/what-is-gdpr-uk-eu-legislation-compliance-summary-fines-2018 https://ico.org.uk/media/for-organisations/documents/1624219/preparing-for-the-gdpr-12-steps.pdf https://blog.willis.com/2017/06/guide-to-gdpr-for-tech-media-and-telecommunication-companies/ https://ico.org.uk/media/about-the-ico/consultations/2013551/draft-gdpr-consent-guidance-for-consultation-201703.pdf https://www.eugdpr.org/key-changes.html https://aws.amazon.com/blogs/security/aws-and-the-general-data-protection-regulation/