The document provides an overview of the General Data Protection Regulation (GDPR). It discusses key aspects of GDPR such as what it is, who it applies to, lawful bases for processing data, data subject rights, and steps for achieving compliance. Specifically, GDPR is a new EU privacy law that gives more control to individuals over their personal data and imposes fines on companies that don't comply. It applies broadly to any organization that handles EU citizens' data.
General Data Protection Regulation for OpsKamil Rextin
A brief on GDPR & Hubspot for Marketing & Marketing Ops.
This PPT provides a brief background on GDPR & how to implement GDPR compliance with Hubspot , Facebook & Google Analytics
Introduction to EU General Data Protection Regulation: Planning, Implementati...Financial Poise
The GDPR changed the way the world collects, stores, and sends personal data.The GDPR is a broad EU regulation that requires businesses to protect the personal data of EU citizens, whether the business itself is in the EU or elsewhere. Since its implementation in 2018, companies that collect data on EU citizens must comply with strict rules for the protection of personal data or face heavy fines for non-compliance. This webinar will provide an overview of GDPR’s applicability and requirements, as well as how your organization may meet those standards.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-eu-general-data-protection-regulation-planning-implementation-and-compliance-2021/
The document summarizes key aspects of the EU General Data Protection Regulation (GDPR) that took effect in May 2018. It notes that prior agreements like the EU-US Safe Harbor were invalidated, leading to the GDPR. The GDPR established strict rules for processing and transferring personal data of EU citizens. It requires organizations to implement measures to protect privacy and security, obtain consent, respond to requests, report breaches, designate data protection officers, and only use processors that comply. Non-compliance can result in severe penalties.
This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
The document provides an overview of data protection and the General Data Protection Regulation (GDPR). It discusses key principles of data protection law including definitions of personal data, data controllers, processors, and the rights of data subjects. It outlines obligations around obtaining and processing personal data lawfully and with consent. The GDPR introduces stricter rules around security, breach notification, rights of individuals, and increased fines for non-compliance. Businesses need to audit their data practices, put appropriate security measures in place, and may need to appoint a data protection officer to comply with the new regulation.
The slide deck provides an overview of key aspects of the General Data Protection Regulation (GDPR) that businesses need to be aware of and comply with. Some of the main points covered include:
1) GDPR requirements for obtaining and documenting valid consent for processing personal data, providing privacy notices, and respecting individual rights to access, rectify and erase their data.
2) The roles and responsibilities of controllers and processors of personal data and requirements for contracts between them.
3) Lawful bases for processing personal data and additional conditions for processing special categories of sensitive personal data.
4) Requirements for data protection by design and default, conducting data protection impact assessments, and managing data breaches.
This document provides an introduction to the General Data Protection Regulation (GDPR). It begins by defining GDPR and explaining why it is important. It describes the evolution of GDPR from earlier data protection directives and regulations. It then defines several key terms related to GDPR, such as personal data, sensitive data, processing, pseudonymisation, and anonymisation. It outlines the structure of GDPR including its 11 chapters and 99 articles. It also describes various roles defined in GDPR such as controller, processor, data protection officer, and supervisory authority. Finally, it summarizes the six key GDPR principles and six lawful bases for processing personal data.
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
General Data Protection Regulation for OpsKamil Rextin
A brief on GDPR & Hubspot for Marketing & Marketing Ops.
This PPT provides a brief background on GDPR & how to implement GDPR compliance with Hubspot , Facebook & Google Analytics
Introduction to EU General Data Protection Regulation: Planning, Implementati...Financial Poise
The GDPR changed the way the world collects, stores, and sends personal data.The GDPR is a broad EU regulation that requires businesses to protect the personal data of EU citizens, whether the business itself is in the EU or elsewhere. Since its implementation in 2018, companies that collect data on EU citizens must comply with strict rules for the protection of personal data or face heavy fines for non-compliance. This webinar will provide an overview of GDPR’s applicability and requirements, as well as how your organization may meet those standards.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-eu-general-data-protection-regulation-planning-implementation-and-compliance-2021/
The document summarizes key aspects of the EU General Data Protection Regulation (GDPR) that took effect in May 2018. It notes that prior agreements like the EU-US Safe Harbor were invalidated, leading to the GDPR. The GDPR established strict rules for processing and transferring personal data of EU citizens. It requires organizations to implement measures to protect privacy and security, obtain consent, respond to requests, report breaches, designate data protection officers, and only use processors that comply. Non-compliance can result in severe penalties.
This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
The document provides an overview of data protection and the General Data Protection Regulation (GDPR). It discusses key principles of data protection law including definitions of personal data, data controllers, processors, and the rights of data subjects. It outlines obligations around obtaining and processing personal data lawfully and with consent. The GDPR introduces stricter rules around security, breach notification, rights of individuals, and increased fines for non-compliance. Businesses need to audit their data practices, put appropriate security measures in place, and may need to appoint a data protection officer to comply with the new regulation.
The slide deck provides an overview of key aspects of the General Data Protection Regulation (GDPR) that businesses need to be aware of and comply with. Some of the main points covered include:
1) GDPR requirements for obtaining and documenting valid consent for processing personal data, providing privacy notices, and respecting individual rights to access, rectify and erase their data.
2) The roles and responsibilities of controllers and processors of personal data and requirements for contracts between them.
3) Lawful bases for processing personal data and additional conditions for processing special categories of sensitive personal data.
4) Requirements for data protection by design and default, conducting data protection impact assessments, and managing data breaches.
This document provides an introduction to the General Data Protection Regulation (GDPR). It begins by defining GDPR and explaining why it is important. It describes the evolution of GDPR from earlier data protection directives and regulations. It then defines several key terms related to GDPR, such as personal data, sensitive data, processing, pseudonymisation, and anonymisation. It outlines the structure of GDPR including its 11 chapters and 99 articles. It also describes various roles defined in GDPR such as controller, processor, data protection officer, and supervisory authority. Finally, it summarizes the six key GDPR principles and six lawful bases for processing personal data.
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
The document discusses the General Data Protection Regulation (GDPR) which regulates how companies handle personal data of EU citizens. It provides an overview of GDPR including key events leading to its adoption and how it strengthens data protection rights. It highlights some notable differences between GDPR and the previous UK Data Protection Act. The document also outlines an approach for companies to become GDPR compliant including conducting a data assessment, updating policies and processes, and appointing a data protection officer if needed. It notes both the penalties for non-compliance and opportunities that GDPR presents organizations.
Intercity technology - GDPR your training toolkitjoshquarrie
The document provides an overview of the GDPR regulation which comes into force on May 25th 2018. It defines key terms such as personal data, data processing, controllers, processors, and consent. It explains that personal data includes any information relating to an identified or identifiable person. Special categories of sensitive personal data are also defined. Examples of personal data held by companies are provided for employees, customers, and other individuals. The rules around marketing to businesses and consumers are outlined. Data breaches and prevention methods like information security, hardware/software, paper records, and physical security are also summarized.
GDPR Basics - General Data Protection RegulationVicky Dallas
The General Data Protection Regulation (GDPR) is a new EU privacy law that strengthens and unifies data protection for individuals within the European Union. It aims to give EU citizens more control over their personal data and to simplify regulations for international businesses. Key aspects of the GDPR include individuals having the right to access, correct and delete their personal data. It also introduces strict rules on obtaining consent and heightened requirements for companies to protect customer data. The GDPR will be enforced beginning May 25, 2018.
Presentation on GDPR which is not technical, nor product specific, focusing on manufacturing industry and providing a non expert view on what the regulation is all about.
Targeted to Senior Management who has a direct responsibility on the treatment (direct or indirect) of personal data.
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
The document provides an overview of the General Data Protection Regulation (GDPR). It discusses key aspects of GDPR such as what it is, who it applies to, lawful bases for processing data, data subject rights, and steps for achieving compliance. Specifically, GDPR is a new EU privacy law that gives more control to individuals over their personal data and imposes fines on companies that don't comply. It applies broadly to any organization that handles EU citizens' data.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
Preparing for GDPR: What Every B2B Marketer Must KnowIntegrate
Considering the consequences of non-compliance (up to €20M/$24M or 4% worldwide annual revenue), this translates to a major problem for B2B marketers.
How can your team ensure its lead gen processes are GDPR-compliant without undermining demand generation performance?
View this deck to see how Julian Archer (Sr. Research Director, SiriusDecisions) and Scott Vaughan (CMO, Integrate) educate B2B marketers on: developing a comprehensive GDPR compliance strategy, putting your compliance strategy into action, and applying software to support your compliance measures.
To watch the on-demand version of the webinar, click here:
https://www.integrate.com/gdpr-compliance-b2b-marketing-webinar
This document summarizes a GDPR breakfast briefing that was held on March 8, 2018. It discusses why the new GDPR regulations are being introduced, as the current Data Protection Act is outdated. Key points of the new GDPR are outlined, including increased responsibilities for controllers and processors of personal data, new rights for individuals, and the six principles of lawful personal data processing. Businesses are advised to conduct a data audit, develop a GDPR compliance strategy and roadmap, and address questions about registration, training, data protection officers and data breaches to prepare for the introduction of GDPR by May 2018.
This document discusses a "nightmare letter" that organizations could receive from customers requesting details on how their personal information is collected and protected. The letter requests information on what data the organization has on the customer, how it is used and shared, details of any past data breaches or security incidents, security and privacy policies and practices, and technologies used to protect information. It is presented as a tool for organizations to test their ability to respond to access requests and identify privacy issues. The document also discusses Symantec solutions that can help organizations address the types of concerns raised in the letter.
GDPR Guide: The ICO's 12 Recommended Steps To Take NowHackerOne
Recommendations from The United Kingdom's Information Commissioner's Office (ICO) to Prepare for May 2018.
The European General Data Protection Regulation, better known as GDPR, will take effect on May 25, 2018. When it does, every business, organization, or government agency that collects information on European Union (EU) citizens (in other words, just about everyone) will be forced to radically change how it manages customer data and security. If you don’t, the cost of noncompliance is significant: fines can reach up to €20M ($23.5M) or 4 percent of annual sales, whichever is higher.
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada SymposiumConstantine Karbaliotis
The GDPR will impact Canadian companies that do business in Europe in several ways:
1. Canadian companies will face new obligations around data protection and privacy to comply with the GDPR, including requirements for obtaining consent from individuals and providing certain privacy rights.
2. The GDPR may impact Canada's status as having adequate privacy laws as determined by European regulators. Canada's privacy laws may need to be strengthened to maintain this status and allow for continued data transfers between Europe and Canada.
3. Canadian companies will need to analyze how the GDPR's new requirements around areas like data breaches, international transfers, and individual rights will operationally impact their business practices and data handling. They may need to make changes to
This document provides an overview of key concepts regarding data privacy and security. It discusses the differences between privacy and security, with privacy focusing on data collection and use and security focusing on data protection. Key privacy principles like consent and purpose limitation are explained. The document also summarizes several US privacy laws like the FTC Act, COPPA, and data breach notification laws, as well as some international laws. Best practices around privacy policies, audits, and governance are also covered.
The document provides an overview of the General Data Protection Regulation (GDPR). It begins with an outline of key GDPR terms, principles, rights of data subjects, and responsibilities of controllers and processors. It then discusses governance topics like the data protection officer and data protection impact assessments. The document outlines the GDPR timeline from 2016 to 2018 and compares GDPR to the EU-US Privacy Shield framework. It ends by discussing how companies are prioritizing GDPR compliance and questions to consider regarding readiness.
The GDPR introduces significant new compliance obligations for any organization handling personal data of EU individuals. It increases fines for non-compliance up to 4% of global annual turnover and strengthens the rights of individuals. Key changes include new consent requirements, breach notification timelines, data protection officers, privacy by design principles, documentation requirements, and extraterritorial jurisdiction. Organizations must review their data protection practices and ensure appropriate technical and organizational security measures are implemented to protect personal data.
Introduction to US Privacy and Data Security Regulations and Requirements (Se...Financial Poise
The United States has no federal data security or privacy law covering all businesses or all U.S. citizens. Instead, federal agencies and individual states have created their own patchwork of laws and regulations which must be evaluated for their application to a business.
This webinar will help you navigate the overlapping and sometimes confusing system of laws and regulations which may impact your business, ranging from emerging state-level privacy legislation to the numerous data breach notification statutes to cybersecurity regulations with extraterritorial effect.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-regulations-and-requirements-2021/
The document provides an overview of the UK Data Protection Act of 1998. It was introduced due to public concerns about privacy with advancing computer technology. The Act gives individuals rights over their personal data and requires organizations to be open about how data is collected and used. It established 8 principles of good practice that require data to be fairly and lawfully processed, stored securely, and not transferred without adequate protections.
After ensuring compliance as a controller and processor of data, Reddico created this presentation for the team - offering further guidance and information on our processes and how we've complied. For accuracy purposes, some information comes directly from the ICO's guidelines.
The General Data Protection Regulation (GDPR) is a European Union law that strengthens and unifies data protection for individuals within the EU. It aims to give control to individuals over their personal data and simplify the regulatory environment for international business. Key provisions include strict rules on consent, rights of access and erasure, breach notification, and increased fines. Under GDPR, all companies that collect EU citizens' data must comply with regulations regarding how personal data is collected, processed, stored, and protected. [/SUMMARY]
It, Legal, Marketing and sales departments are all affected by the European Union's General Data Protection Regulation (EU GDPR). EU GDPR is more than an IT governance issue, it impacts the IT architecture and the user journey of your online and offline data capture processes.
The engaging white paper delivers the core facts you need to understand the fundamental nature of the GDPR regulations and what it means for your business and the management of its data.
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
The document discusses the General Data Protection Regulation (GDPR) which regulates how companies handle personal data of EU citizens. It provides an overview of GDPR including key events leading to its adoption and how it strengthens data protection rights. It highlights some notable differences between GDPR and the previous UK Data Protection Act. The document also outlines an approach for companies to become GDPR compliant including conducting a data assessment, updating policies and processes, and appointing a data protection officer if needed. It notes both the penalties for non-compliance and opportunities that GDPR presents organizations.
Intercity technology - GDPR your training toolkitjoshquarrie
The document provides an overview of the GDPR regulation which comes into force on May 25th 2018. It defines key terms such as personal data, data processing, controllers, processors, and consent. It explains that personal data includes any information relating to an identified or identifiable person. Special categories of sensitive personal data are also defined. Examples of personal data held by companies are provided for employees, customers, and other individuals. The rules around marketing to businesses and consumers are outlined. Data breaches and prevention methods like information security, hardware/software, paper records, and physical security are also summarized.
GDPR Basics - General Data Protection RegulationVicky Dallas
The General Data Protection Regulation (GDPR) is a new EU privacy law that strengthens and unifies data protection for individuals within the European Union. It aims to give EU citizens more control over their personal data and to simplify regulations for international businesses. Key aspects of the GDPR include individuals having the right to access, correct and delete their personal data. It also introduces strict rules on obtaining consent and heightened requirements for companies to protect customer data. The GDPR will be enforced beginning May 25, 2018.
Presentation on GDPR which is not technical, nor product specific, focusing on manufacturing industry and providing a non expert view on what the regulation is all about.
Targeted to Senior Management who has a direct responsibility on the treatment (direct or indirect) of personal data.
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
The document provides an overview of the General Data Protection Regulation (GDPR). It discusses key aspects of GDPR such as what it is, who it applies to, lawful bases for processing data, data subject rights, and steps for achieving compliance. Specifically, GDPR is a new EU privacy law that gives more control to individuals over their personal data and imposes fines on companies that don't comply. It applies broadly to any organization that handles EU citizens' data.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
Preparing for GDPR: What Every B2B Marketer Must KnowIntegrate
Considering the consequences of non-compliance (up to €20M/$24M or 4% worldwide annual revenue), this translates to a major problem for B2B marketers.
How can your team ensure its lead gen processes are GDPR-compliant without undermining demand generation performance?
View this deck to see how Julian Archer (Sr. Research Director, SiriusDecisions) and Scott Vaughan (CMO, Integrate) educate B2B marketers on: developing a comprehensive GDPR compliance strategy, putting your compliance strategy into action, and applying software to support your compliance measures.
To watch the on-demand version of the webinar, click here:
https://www.integrate.com/gdpr-compliance-b2b-marketing-webinar
This document summarizes a GDPR breakfast briefing that was held on March 8, 2018. It discusses why the new GDPR regulations are being introduced, as the current Data Protection Act is outdated. Key points of the new GDPR are outlined, including increased responsibilities for controllers and processors of personal data, new rights for individuals, and the six principles of lawful personal data processing. Businesses are advised to conduct a data audit, develop a GDPR compliance strategy and roadmap, and address questions about registration, training, data protection officers and data breaches to prepare for the introduction of GDPR by May 2018.
This document discusses a "nightmare letter" that organizations could receive from customers requesting details on how their personal information is collected and protected. The letter requests information on what data the organization has on the customer, how it is used and shared, details of any past data breaches or security incidents, security and privacy policies and practices, and technologies used to protect information. It is presented as a tool for organizations to test their ability to respond to access requests and identify privacy issues. The document also discusses Symantec solutions that can help organizations address the types of concerns raised in the letter.
GDPR Guide: The ICO's 12 Recommended Steps To Take NowHackerOne
Recommendations from The United Kingdom's Information Commissioner's Office (ICO) to Prepare for May 2018.
The European General Data Protection Regulation, better known as GDPR, will take effect on May 25, 2018. When it does, every business, organization, or government agency that collects information on European Union (EU) citizens (in other words, just about everyone) will be forced to radically change how it manages customer data and security. If you don’t, the cost of noncompliance is significant: fines can reach up to €20M ($23.5M) or 4 percent of annual sales, whichever is higher.
Impact of GDPR on Canada May 2016 - Presented at IAPP Canada SymposiumConstantine Karbaliotis
The GDPR will impact Canadian companies that do business in Europe in several ways:
1. Canadian companies will face new obligations around data protection and privacy to comply with the GDPR, including requirements for obtaining consent from individuals and providing certain privacy rights.
2. The GDPR may impact Canada's status as having adequate privacy laws as determined by European regulators. Canada's privacy laws may need to be strengthened to maintain this status and allow for continued data transfers between Europe and Canada.
3. Canadian companies will need to analyze how the GDPR's new requirements around areas like data breaches, international transfers, and individual rights will operationally impact their business practices and data handling. They may need to make changes to
This document provides an overview of key concepts regarding data privacy and security. It discusses the differences between privacy and security, with privacy focusing on data collection and use and security focusing on data protection. Key privacy principles like consent and purpose limitation are explained. The document also summarizes several US privacy laws like the FTC Act, COPPA, and data breach notification laws, as well as some international laws. Best practices around privacy policies, audits, and governance are also covered.
The document provides an overview of the General Data Protection Regulation (GDPR). It begins with an outline of key GDPR terms, principles, rights of data subjects, and responsibilities of controllers and processors. It then discusses governance topics like the data protection officer and data protection impact assessments. The document outlines the GDPR timeline from 2016 to 2018 and compares GDPR to the EU-US Privacy Shield framework. It ends by discussing how companies are prioritizing GDPR compliance and questions to consider regarding readiness.
The GDPR introduces significant new compliance obligations for any organization handling personal data of EU individuals. It increases fines for non-compliance up to 4% of global annual turnover and strengthens the rights of individuals. Key changes include new consent requirements, breach notification timelines, data protection officers, privacy by design principles, documentation requirements, and extraterritorial jurisdiction. Organizations must review their data protection practices and ensure appropriate technical and organizational security measures are implemented to protect personal data.
Introduction to US Privacy and Data Security Regulations and Requirements (Se...Financial Poise
The United States has no federal data security or privacy law covering all businesses or all U.S. citizens. Instead, federal agencies and individual states have created their own patchwork of laws and regulations which must be evaluated for their application to a business.
This webinar will help you navigate the overlapping and sometimes confusing system of laws and regulations which may impact your business, ranging from emerging state-level privacy legislation to the numerous data breach notification statutes to cybersecurity regulations with extraterritorial effect.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-regulations-and-requirements-2021/
The document provides an overview of the UK Data Protection Act of 1998. It was introduced due to public concerns about privacy with advancing computer technology. The Act gives individuals rights over their personal data and requires organizations to be open about how data is collected and used. It established 8 principles of good practice that require data to be fairly and lawfully processed, stored securely, and not transferred without adequate protections.
After ensuring compliance as a controller and processor of data, Reddico created this presentation for the team - offering further guidance and information on our processes and how we've complied. For accuracy purposes, some information comes directly from the ICO's guidelines.
The General Data Protection Regulation (GDPR) is a European Union law that strengthens and unifies data protection for individuals within the EU. It aims to give control to individuals over their personal data and simplify the regulatory environment for international business. Key provisions include strict rules on consent, rights of access and erasure, breach notification, and increased fines. Under GDPR, all companies that collect EU citizens' data must comply with regulations regarding how personal data is collected, processed, stored, and protected. [/SUMMARY]
It, Legal, Marketing and sales departments are all affected by the European Union's General Data Protection Regulation (EU GDPR). EU GDPR is more than an IT governance issue, it impacts the IT architecture and the user journey of your online and offline data capture processes.
The engaging white paper delivers the core facts you need to understand the fundamental nature of the GDPR regulations and what it means for your business and the management of its data.
On 25 May 2018, the EU’s General Data Protection Regulation
(GDPR) came into effect and applies to all businesses – regardless of size - operating in the U.K., as well as all businesses outside the EU that collect or process the data of EU citizens and residents.
The purpose of this document is threefold:
1: Introduce the GDPR and highlight key pieces of the legislation
that should be front-of-mind for business owners
2: Lay out a path for businesses to follow to ensure compliance
by May 2018
3: Address questions put forward by businesses that completed
our GDPR survey
This webinar from Deeson with digital law specialist Heather Burns offers actionable guidance for business leaders to kick-start the GDPR compliance process.
This document provides an overview of the General Data Protection Regulation (GDPR) and recommendations for businesses to prepare for its implementation. Some key points:
- GDPR applies to any business established in the EU or offering goods/services to EU residents and takes full effect on May 25, 2018. Non-compliance could result in fines up to 20 million euros.
- Businesses need to designate a data protection officer, map their data flows, determine the legal basis for processing personal data, and update processes for responding to access and erasure requests.
- Preparing for GDPR involves training staff, being transparent about data use, implementing privacy by design, and having processes to address data breaches. Proper preparation will
EMMA’s EMEA Regional Director Joseph Yammine explains how the EU’s General Data Protection Regulation applies to the Health Care Industry and how you can prepare your team to follow the regulation and avoid any data breaches.
GDPR + Sales & Marketing A practical guide by Dan Smith DooghenoDaniel Smith
This document provides guidance for sales and marketing teams on complying with the General Data Protection Regulation (GDPR). It discusses how GDPR will impact various marketing and sales activities, including cold emails, event marketing, inbound marketing, and the role of salespeople. The key points are that consent is now required to process and collect personal data, companies must be able to prove consent was given, and marketing activities need to follow principles like transparency, purpose limitation, and data minimization. Fines for non-compliance can be up to 20 million euros.
Key Issues on the new General Data Protection RegulationOlivier Vandeputte
The General Data Protection Regulation is one of the most wide ranging pieces of legislation passed by the EU in recent years. The GDPR comes into effect on 25 May 2018. The new framework is ambitious, complex and strict. It presents any organization that has so far failed to begin preparations with a steep challenge to become GDPR compliant in time.
We have summarized the key issues in our GDPR brochure.
The General Data Protection Regulation (GDPR) is a regulation scheduled to be enacted on May 25, 2018. It is designed to protect the privacy and rights of EU citizens, no matter where they are in the world. These slides cover the basics of these regulations and how you can make sure you are EU compliant.
What's Next - General Data Protection Regulation (GDPR) ChangesOgilvy Consulting
The General Data Protection Regulation is the biggest change to the law on data in years. This webinar features Vicky Brown, Deputy General Counsel at WPP, and Paul King, Head of Data at OgilvyOne discussing what it is, why it matters and what companies are doing.
In general, the GDPR applies to any business that processes personal data by automated or manual processing
A strategic approach is introduced to regulating personal data and the normative foundations of the European Unions General Data Protection Regulation (GDPR)
Existing Requirements imposed by the 1995 Data Protection Directive are refined.
It does this by establishing a uniform framework for data protection legislation across the EU
The General Data Protection Regulation (GDPR) is a new EU data protection law that takes effect in May 2018. It places greater obligations on organizations to protect personal data and privacy. The GDPR expands the definition of personal data, increases requirements for consent and transparency, strengthens individual rights, and imposes tougher fines for non-compliance. Businesses need to review their data protection practices, identify any risks, and make changes to policies and procedures to ensure compliance with the new law. Failure to comply could result in significant fines of up to 4% of global revenue.
Cognizant business consulting the impacts of gdpraudrey miguel
GDPR will fundamentally change the approach to personal data protection in Europe beginning in May 2018. It aims to give individuals greater control over their personal data and places more responsibility on organizations to demonstrate appropriate consent and data usage. While Swiss law already protects personal data, recent updates to Switzerland's Federal Act on Data Protection are intended to closely align it with GDPR. Organizations need to start implementing programs now to assess their compliance and address new requirements around data usage, security, individual rights and oversight.
1) The new GDPR laws taking effect in May 2018 will give users more control over their personal data and require businesses to be more transparent in how they collect and use personal data.
2) All businesses that collect any personal data, whether small or large, will need to be compliant with GDPR by May 25, 2018. Non-compliance can result in fines of up to 20 million euros or 4% of global turnover.
3) Businesses need to audit what personal data they hold, where it was collected from, who they share it with, obtain user consent for data use, update their privacy policies and marketing practices, and be prepared to respond to data breaches within 72 hours to be compliant with
General Data Protection Regulation specifies how customers data can be used and protected. The primary objective of the GDPR is to give citizens control of their personal data. Failing to comply with GDPR can cost you 4% of global turnover or €20 million or whichever is greater.
WordPress is an open-source content management system that allows users to build dynamic websites and blogs. There are three main options to install WordPress: managed WordPress hosting from GoDaddy, one-click install from cPanel, or manual installation by uploading files via FTP. The manual installation process involves downloading WordPress files, creating a database, uploading files via FTP, and configuring WordPress by providing database details.
How Tyrone Systems Leveraged World Cup Cricket 2015Saurabh Pandey
This is a social media case study by dotConverse on how a technology hardware company leveraged sports (WCC 2015) to create thought-leadership and communication disruption
How We Made A Social Media Success Of A Gaming EventSaurabh Pandey
Game Jam Titan is a unique multi-city gaming event targeted at school and college students. Our brief was to create awareness & reach and engagement alongwith tangible metrics growth. We had under 2 weeks. This is the story of how we did it.
Lemp Brewpub -ORM + Social Media Case StudySaurabh Pandey
A restaurant + pub, completely devasted in a few days owing to a storm of negative reviews across media. Things that they did wrong, how the reputation was managed (albeit late) and what metrics looked controlled after some time. Know all about, ideas, processes, metrics and results of INDIA'S WORST ORM NIGHTMARE
4 social media lessons from sachin tendulkar!Saurabh Pandey
What social media marketers can learn from the legendry cricketer Sachin Tendulkar. Thoughts from dotConverse, a leading social and digital agency operating out of Delhi NCR and Singapore
The document discusses how the internet, domain names, and the world wide web work. It explains that web pages are stored on web servers connected to the internet. These servers are identified by unique IP addresses but are easier for humans to access using domain names. The Domain Name System (DNS) converts domain names into the corresponding IP addresses so browsers can locate the correct server. Traffic to a website comes from people directly typing the URL, links from search engines, referrals from other sites, and other online marketing activities.
The template provides sections for key information to include in an online media plan such as objectives, target audience, strategy, tactics, budget, timeline, and metrics. It outlines the goals, channels, budget allocation, schedule, and metrics for measuring success.
Objectives:
- State the goals and objectives of the campaign (e.g. increase brand awareness by 15%, generate 500 new leads)
Target Audience:
- Describe the target audience (demographics, interests, behaviors)
Strategy:
- Explain the overall strategy to reach goals (e.g. leverage social and paid search to drive traffic to website)
Why is Social Media a necessity for the new workplace? How can knowledge be captured, preserved , shared and built upon with the help of social media in the new workplace?
How 'You' are changing the marketing paradigm!Saurabh Pandey
The power is in 'Your' hands- to decide, consume and influence.
Brands have never faced a situation that makes individual consumers so powerful that it has become imperatiive for brands to consider social networks and social media in their marketing strategies.
Blog are an integral part of Social Media Marketing. But how do you know which blogs to invest in? If you run your own blog, then what are the metrics you needs to keep a close tab upon? 22 Metrics to judge a blog (or an interactive website) right here!
Digital Marketing with a Focus on Sustainabilitysssourabhsharma
Digital Marketing best practices including influencer marketing, content creators, and omnichannel marketing for Sustainable Brands at the Sustainable Cosmetics Summit 2024 in New York
3 Simple Steps To Buy Verified Payoneer Account In 2024SEOSMMEARTH
Buy Verified Payoneer Account: Quick and Secure Way to Receive Payments
Buy Verified Payoneer Account With 100% secure documents, [ USA, UK, CA ]. Are you looking for a reliable and safe way to receive payments online? Then you need buy verified Payoneer account ! Payoneer is a global payment platform that allows businesses and individuals to send and receive money in over 200 countries.
If You Want To More Information just Contact Now:
Skype: SEOSMMEARTH
Telegram: @seosmmearth
Gmail: seosmmearth@gmail.com
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...my Pandit
Explore the fascinating world of the Gemini Zodiac Sign. Discover the unique personality traits, key dates, and horoscope insights of Gemini individuals. Learn how their sociable, communicative nature and boundless curiosity make them the dynamic explorers of the zodiac. Dive into the duality of the Gemini sign and understand their intellectual and adventurous spirit.
Easily Verify Compliance and Security with Binance KYCAny kyc Account
Use our simple KYC verification guide to make sure your Binance account is safe and compliant. Discover the fundamentals, appreciate the significance of KYC, and trade on one of the biggest cryptocurrency exchanges with confidence.
Event Report - SAP Sapphire 2024 Orlando - lots of innovation and old challengesHolger Mueller
Holger Mueller of Constellation Research shares his key takeaways from SAP's Sapphire confernece, held in Orlando, June 3rd till 5th 2024, in the Orange Convention Center.
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
The APCO Geopolitical Radar - Q3 2024 The Global Operating Environment for Bu...APCO
The Radar reflects input from APCO’s teams located around the world. It distils a host of interconnected events and trends into insights to inform operational and strategic decisions. Issues covered in this edition include:
Brian Fitzsimmons on the Business Strategy and Content Flywheel of Barstool S...Neil Horowitz
On episode 272 of the Digital and Social Media Sports Podcast, Neil chatted with Brian Fitzsimmons, Director of Licensing and Business Development for Barstool Sports.
What follows is a collection of snippets from the podcast. To hear the full interview and more, check out the podcast on all podcast platforms and at www.dsmsports.net
How MJ Global Leads the Packaging Industry.pdfMJ Global
MJ Global's success in staying ahead of the curve in the packaging industry is a testament to its dedication to innovation, sustainability, and customer-centricity. By embracing technological advancements, leading in eco-friendly solutions, collaborating with industry leaders, and adapting to evolving consumer preferences, MJ Global continues to set new standards in the packaging sector.
Storytelling is an incredibly valuable tool to share data and information. To get the most impact from stories there are a number of key ingredients. These are based on science and human nature. Using these elements in a story you can deliver information impactfully, ensure action and drive change.
HOW TO START UP A COMPANY A STEP-BY-STEP GUIDE.pdf46adnanshahzad
How to Start Up a Company: A Step-by-Step Guide Starting a company is an exciting adventure that combines creativity, strategy, and hard work. It can seem overwhelming at first, but with the right guidance, anyone can transform a great idea into a successful business. Let's dive into how to start up a company, from the initial spark of an idea to securing funding and launching your startup.
Introduction
Have you ever dreamed of turning your innovative idea into a thriving business? Starting a company involves numerous steps and decisions, but don't worry—we're here to help. Whether you're exploring how to start a startup company or wondering how to start up a small business, this guide will walk you through the process, step by step.
❼❷⓿❺❻❷❽❷❼❽ Dpboss Matka Result Satta Matka Guessing Satta Fix jodi Kalyan Final ank Satta Matka Dpbos Final ank Satta Matta Matka 143 Kalyan Matka Guessing Final Matka Final ank Today Matka 420 Satta Batta Satta 143 Kalyan Chart Main Bazar Chart vip Matka Guessing Dpboss 143 Guessing Kalyan night
The 10 Most Influential Leaders Guiding Corporate Evolution, 2024.pdfthesiliconleaders
In the recent edition, The 10 Most Influential Leaders Guiding Corporate Evolution, 2024, The Silicon Leaders magazine gladly features Dejan Štancer, President of the Global Chamber of Business Leaders (GCBL), along with other leaders.
2. Index
❖ Data Protection Vs Data Privacy
❖ What is GDPR?
❖ How GDPR Structure lookalike?
❖ Who does the GDPR apply to?
❖ Lawful Basis of Processing
❖ Which Information does the GDPR apply to?
❖ Key Components of GDPR
❖ 6 Steps to Become GDPR Compliant
3. Index
❖ Key Rights for Consumer(Data Subject)
❖ What can a company do to prepare?
❖ Develop a plan to tackle GDPR
❖ How GDPR impact Marketing?
❖ Who is most affected?
❖ Practical Tips on GDPR for Marketing
4. Data Protection VS. Data Privacy
❖ Data protection or Data security pertains to ‘protecting the
data’ against ‘unauthorized access’.
❖ However, authorised or unauthorised access can still breach
privacy.
❖ So Privacy and Security/Protection are 2 different things
5. Data Protection VS. Data Privacy
Protection Privacy
Ensures unauthorised access
is not permitted
Ensures privacy is not compromised
in event of unauthorised and importantly
even when there is authorised
access to data
6. The Background
❖ Data protection reforms were started in 2012 in EU.
❖ One of the key components of this reform is GDPR
(General Data Protection Regulation).
❖ Basically GDPR is a set of rules designed to give more
control to EU Citizens over their personal data.
7. What is GDPR
Under the terms of GDPR, not only will organisations have to ensure that
personal data is gathered legally and under strict conditions, but those
who collect and manage it will be obliged to protect it from misuse and
exploitation, as well as to respect the rights of data owners - or face
penalties for not doing so.
8. What is GDPR?
❖ Though this policy is primarily aimed at EU citizens it also covers those who are in possession
of EU-based personal data. Its focus is to ensure that consumers have rights such as:
❖ The right to erasure
❖ The right to restriction
❖ The right to object
❖ Information notices
Those who fail to comply with GDPR may be punished by fines at the equivalent of up to 4% of
their annual turnover or €20 million.
9. GDPR Application
GDPR applies to any organisation operating within the EU, as well as any organisations
outside of the EU which offer goods or services to customers or businesses in the EU.
That ultimately implies that almost every major corporation in the world will need to be ready
when GDPR comes into effect, and must start working on their GDPR compliance strategy.
11. Who does the GDPR apply to ?
❖ DATA CONTROLLER
A data controller is a central figure when it comes to protecting the rights of the data
subject (a.k.a. the individual or the organization).
12. Who does the GDPR apply to ?
❖ DATA PROCESSOR
Organizations that process the data on behalf of the data controller are called data
processors. For e.g. Facebook
13. Who does the GDPR apply to ?
❖ DATA SUBJECTS: The consumers
14. Lawful basis for processing
Data may not be processed unless there is at least one lawful basis to do so:
❖ Consent: the individual has given clear consent for you to process their personal data for a
specific purpose.
❖ Contract: the processing is necessary for a contract you have with the individual,
❖ Legal obligation: the processing is necessary for you to comply with the law
❖ Vital interests: the processing is necessary to protect someone’s life.
❖ Public task: the processing is necessary for you to perform a task in the public interest or for
your official work
❖ Legitimate interests: the processing is necessary for your legitimate interests or the legitimate
interests of a third party unless there is a good reason to protect the individual’s personal data
which overrides those legitimate interests.
15. What is consent?
You need to have a legal basis to process a EU citizen’s personal data. ‘Consent’
is one legal way to do so, as long as it is verifiable and specific.
Verifiable consent requires a written record of when and how someone agreed to
let you process their personal data.
Consent must also be unambiguous and involve a clear affirmative action. This
means clear language and no pre-checked consent boxes.
16. Which information does the GDPR apply
to?
❖ Personal data
The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person
who can be directly or indirectly identified in particular by reference to an identifier, e.g. IP
address, email IDs, User IDs, Photographs, etc.
❖ Sensitive personal data
The special categories specifically include genetic data, and biometric data where
processed to uniquely identify an individual. e.g. Racial, Political Opinions, Health data etc.
18. Six Steps to GDPR Compliant
❖ It is processed fairly, lawfully and transparently
❖ It is collected and processed for specific reasons and stored for specific
periods of time, and that it is not used for reasons beyond its original purpose
❖ Only the data necessary for the purpose it is intended is collected, and not
more
19. Six Steps to GDPR Compliance
❖ It is accurate and that reasonable steps are taken to ensure it remains accurate
❖ It is kept in a form that allows individuals to be identified only as long as is
necessary
❖ It is kept securely and protected from unlawful access, accidental loss or
damage
21. Data Subject Rights
❖ RIGHT TO BE INFORMED
When they are collecting data from you, organisations must properly inform you what data they
are collecting, what they are using for, how long they are keeping it and which organisations it
is being shared with.
22. Data Subject Rights
❖ THE RIGHT TO ACCESS
You have the right to contact an organisation and ask them to provide the data they hold on
you. This includes the data they hold, why they hold it, and what they are doing with it,
including which organisations it is shared with.
23. Data Subject Rights
❖ THE RIGHT TO RECTIFICATION
You have the right to ensure that information about you is correct, and to ensure that
information is corrected if found to be inaccurate.
24. Data Subject Rights
❖ THE RIGHT TO ERASURE
Also known as the “right to be forgotten”, this means you have the right to demand that
information a company holds about you is deleted, in part or entirely. This is not an absolute
right, and in some circumstances this request can be refused.
25. Data Subject Rights
❖ THE RIGHT TO RESTRICT PROCESSING
You have the right to deny consent for an organisation to process your data, even if you have
given consent for it to do so in the past. This right also is not absolute and can in some
circumstances be refused. But an organisation must be able to show you what it is doing with
your data so you can decide to restrict processing if you wish.
26. Data Subject Rights
❖ THE RIGHT TO DATA PORTABILITY
This right gives you the opportunity to take the data an organisation holds on you and extract it
for use elsewhere. A good example are the features that Facebook or Google offers that allow
you to download the profile information accumulated on the service. This is to promote
competition, so that users are not forcibly tied to an uncompetitive service due to the weight of
accumulated data.
27. Data Subject Rights
❖ RIGHT IN RELATION TO AUTOMATED DECISION MAKING
Finally, with the growth in profiling and the use of data to make automated, from targeted
advertising or content to credit decisions or job applications, this provides individuals with the
right to object to or appeal against automated decisions that affect them. This is particularly the
case where decisions have serious legal consequences or similar. All such processing
requires the explicit, informed consent of the individual.
28. Data Subject Rights
❖ THE RIGHT TO OBJECT
This allows you to demand that organizations stop using your data in ways you object to. For
example, sending direct marketing, or making nuisance commercial phone calls.
31. Develop a Plan to Tackle GDPR
❖ Integrate your IT and marketing departments
Between the threat of cybercrime and the necessity for specific monitoring and
implementation strategies, your IT department will be your new best friend.
32. Develop a Plan to Tackle GDPR
❖ Hire a Data Protection Officer (DPO)
DPOs assist you to monitor internal compliance, inform and advise on your data
protection obligations, provide advice regarding Data Protection Impact
Assessments (DPIAs) and act as a contact point for data subjects and the
supervisory authority
33. Develop a Plan to Tackle GDPR
❖ Educate your Staff
Anyone who handles information needs to be educated about GDPR. This
includes staff that interacts with new customers or users, those that maintain CRM
systems, and even data entry personnel.
34. Develop a Plan to Tackle GDPR
❖ Create Tools Which Ensure Privacy
Every day there are more and more companies popping up with pseudonymization
solutions and other ways to keep compliant. Work with your DPO and your IT
department to find the solution that works best for you.
35. Develop a Plan to Tackle GDPR
❖ Do an Audit of your Current data security system
The best way to ensure compliance is to have an accurate assessment of your
current data processes. That way you can identify high-risk areas and fix any
potential problem areas before enforcement begins
36. Develop a Plan to Tackle GDPR
❖ Work with third-party providers who are GDPR-
compliant
This includes your email service provider, your CRM service and your marketing
and PR agencies. You can be held responsible for breaches made by processors
you work with. It’s important to ensure that all aspects of your data processing are
in compliance.
37. How Does the GDPR apply on the basis of Geolocation
Standpoint
❖ Sell or market goods or services to EU citizens (regardless of where they
live) or current EU residents.
❖ Employ EU citizens.
❖ Monitor the behavior of EU citizens or residents.
❖ Collect, process or hold the personal data of EU citizens or residents.
38. How Does the GDPR apply on the basis of Functional
Standpoint
❖ The technical answer is that you need to know whether you’re a processor
and/or a controller as defined by the GDPR.
❖ Controllers store personal data. A payment platform like PayPal is a good
example.
❖ Processors use that data for a specific purpose but don’t store it once that
purpose has been achieved. One example would be people who sell things
online and use PayPal to process payments. They use a buyer’s information for
shipping and payment purposes but don’t store that data after the transaction
has been completed.
39. How GDPR Impacts Marketing
❖ There are only 3 key areas that marketers need to worry about – data
permission, data access and data focus.
40. 1. Data Permission
❖ Data permission is about how you manage email opt-ins –people who request
to receive promotional material from you.
❖ For example, instead of assuming that visitors who fill out a web form want to
receive marketing emails, organisations now need ask visitors to specifically
opt-in to newsletters by ticking the sign up box. This opt-in proof is necessary
to be stored and be available for any audits
42. 2. Data Access
❖ The right to be forgotten has become one of the most talked about rulings in
EU Justice Court history. It gives people the right to have outdated or
inaccurate personal data to be removed and has, in some instances, already
been implemented by companies like Google, who were forced to remove
pages from its search engine results in order to comply.
43. 2. Data Access
❖ As a marketer, it will be your responsibility to make sure that your users can
easily access their data and remove consent for its use.
❖ Practically speaking, this can be as straightforward as including an unsubscribe
link within your email marketing template and linking to a user profile that
allows users to manage their email preferences (as shown in the next slide).
45. 3. Data Focus
❖ As marketers, we can all be guilty of collecting a little more data from a person than
we actually need.
❖ Ask yourself, do I really need to know someone’s favorite movie before they can
subscribe to our newsletter?
❖ GDPR requires you to legally justify the processing of the personal data you
collect.
46. Who is affected most by GDPR in
marketing
❖ Email marketing managers
❖ Marketing automation specialists
❖ Public relations executive
47. 9 Practical Tips on GDPR FOR
Marketing
❖ Start auditing your mailing list now
❖ Review the way you’re currently collecting personal data
❖ Educate your sales team about social selling techniques
48. 9 Practical Tips on GDPR FOR
Marketing
❖ Start centralizing your personal data collection into a CRM system
❖ Understand the data you’re collecting in more detail.
❖ Try using push notifications
49. 9 Practical Tips on GDPR FOR
Marketing
❖ Update your privacy statement
❖ Invite visitors to add themselves to your mailing list by launching a pop up on
your website
❖ Invest in a content marketing strategy by creating white papers, guides and
eBooks that visitors can access and download in exchange for them sharing their
contact information.
50. eMail- GDPR
❖ Forms on websites should have checkboxes for opt-in consent
❖ Explain how and why you would use this data
❖ You should double check if any integrations do not automatically add data to
your database (e.g. Facebook leads)
❖ Allow access to users to their personal profile stored at your end, so they can
update their data
51. GDPR and emailing
❖ Create a consent email campaign and send to all users to ask specific
consent
❖ Create an ‘Update Profile’ campaign and let users update their profiles
❖ Create a ‘segment’ of compliant users in your database/
52. Privacy Policy and GDPR
Please include the following details in your Privacy Policy:
▪ Who is collecting the data?
▪ What data is being collected?
▪ What is the legal basis for processing the data?
▪ Will the data be shared with any third parties?
▪ How will the information be used?
▪ How long will the data be stored for?
▪ What rights does the data subject have?
▪ How can the data subject raise a complaint?
53. Cookies & GDPR
❖ While cookie in a browser is just an ID, however when combined with other
data (IP address, device, Unique IDs, login IDs etc.) it may be used in
identifying a person, hence cookie data is termed as personal data.
54. Cookies & GDPR
Consent should be given by a clear affirmative act establishing a freely given, specific, informed
and unambiguous indication of the data subject's agreement to the processing of personal data
relating to him or her, such as by a written statement, including by electronic means, or an oral
statement. This could include ticking a box when visiting an internet website, choosing technical
settings for information society services or another statement or conduct which clearly indicates in
this context the data subject's acceptance of the proposed processing of his or her personal data.
55. Cookies & GDPR
❖ Just Agree and Not agree options are not enough
❖ Companies, ideally should, give users an idea about what type of cookies are
being used and allow them to choose the cookies they allow.
❖ Cookies and other files that may be stored in users’ browsers should also be
revealed in Privacy statements or consent forms descriptions
56. Types of Cookies & GDPR
❖ Essential Cookies- which are important for a website’s functioning (session
log in, add to favorites/cart etc.)
❖ Analytics Cookies- Not essential for functioning of website, but are important
for monitoring purposes. You may want to elaborate and give a choice to
users to accept or not accept these cookies
❖ Third Party Ads/Affiliates- Non essential.
57. Cookies & GDPR
1. Users should know how will
their data be used.
2. Can also allow users to choose
which cookies they want to accept
58. Please note
❖ This presentation is educative in purpose and not a legal advice. Please
consult your legal advisor on GDPR before proceeding further