The General Data Protection Regulation was formally adopted in April 2016 by both European Commission Council and European Parliament. Today, on 4th of May of 2016, with the publishing of the regulation in the official journal, the transition period of two years initiated and now companies have to adapt their websites, data processors, privacy policies, etc., to the new regime.
Since this recent event, there has been an increased concern about user’s data protection. Many people have a lot of questions and because there is so much mixed information on search engines, it is difficult to understand what is what and the correct rights that users, websites and processors have. The purpose of this article is to list some key definitions about Data Protection, Data Subject, Data Controller and many more.
You can understand data protection as the legal control over the access and use of the data stored on your computer. This means that any kind of regulation – local or international – that protects the access or use of your personal and/or sensitive data, is data protection regulation.
Data protection laws are created by governments to limit the access that organizations would have to your personal and sensitive data. Personal data is any kind of information that is related to an identified or identifiable natural person. This information can be of any kind but it enables that an individual is recognized.
In contrast, sensitive personal data is any kind of personal data that can be used in a discriminatory way against you. The sensitive data is the kind of information that is most covered in data protections laws because it brings risk to the user if there is a case of leakage.
Data privacy is not the same thing as data protection. Data privacy is the relationship between the collection and dissemination of data. It tells you what are the advantages and issues between collecting and sharing the data information of a natural person.
The organization that collects and processes the data information from a user is known as data processor. They must always work together with a data controller, which is the responsible to determine the purposes in which the data is being requested and which are the security policies in which the data is being kept.
Data security, finally, refers to the protective digital privacy measures that are applied to prevent unauthorized access to computers, databases and websites. This means that data security applies the actions that you do to avoid data leakage, for example.
Keep tuned on our blog posts for much more information about Data Protection and Data Privacy.