The General Data Protection Regulation (GDPR) will apply from 25 May 2018 and is a policy that protects the rights of personal data of individuals within the EU.
While many of the principles build on current EU data protection rules, the GDPR has a wider scope, more prescriptive standards and substantial fines. For example, it requires a higher standard of consent for using some types of data and broadens individuals’ rights with respect to accessing their data. It also establishes significant enforcement powers, allowing a company’s supervisory authority to seek fines of up to 4% of global annual revenue for certain violations.
In particular, REDSTARSURF is committed to the following:
- Control: Customers are able at any stage to request access to data that is held within our system, and if desired, deletion of this data can be requested.
- Consent: Consent must be freely given, specific, informed and unambiguous for usage of Personal Data.
- Accountability: All efforts are made to ensure the security of Personal Data, however in the event of a breach of data the appropriate supervisory authorities shall be informed within 72 hours of the breach.