In times of increasing digitalization and with the rise of the data economy, the protection of personal data is one of the key issues. It is therefore all the more crucial for everyone to know what the term data privacy actually stands for.
Definition
Data privacy, also known as information privacy, is an aspect of data security that deals with the proper handling of personal data. It refers primarily to the protection of individuals’ personal data against misuse.
Data privacy can thus be interpreted as the right to decide for yourself,
who
at what time and
to what extent
has access to your personal data.
The purpose of data privacy is therefore to ensure the privacy of individuals.
Did you know that the protection of personal data has been a fundamental right in Europe for years? In recent years, however, data protection has become even more important in practical terms. Technical developments and global networking facilitate the collection, processing, storage, dissemination and analysis of data.
Example
In the USA, there are already some very successful companies that specialize in collecting personal data. The records include, for example, name, gender, political affiliation, income and much more. Banks, insurance companies or other businesses buy this data to get background information, make credit decisions or optimize marketing activities.
You may be familiar with the scandal surrounding Camebridge Analytics, which is said to have used such data to significantly influence the elections of US President Trump?
Examples such as these clearly show that data privacy is important so that people stay in control of their personal information. Therefore, the main objective of the General Data Protection Regulation(GDPR) is the protection of personal data.
Since 25 May 2018, the GDPR has been in force.
As a European regulation, it is directly – i.e. mandatory – applicable in every European member state. National laws are therefore only of a supplementary nature. However, the GDPR also contains certain opening clauses (e.g. age limits can be shifted by national laws).
What is GDPR exactly? It is a legally binding regulation on the protection of individuals regarding the processing of personal data. The protection of company data only plays a role if it is personally identifiable (e.g. the data of employees, customers, suppliers).
GDPR aims to strengthen the rights of individuals, harmonise data protection law in the EU and improve the enforceability of data protection by uniform enforcement and high fines.
In order to give individuals more control over their personal data, the GDPR applies not only to all processing of personal data carried out by organisation within the EU, but also to organisations outside the EU offering goods and services to citizens of the EU. So if you are wondering whether the EU’s strict data protection guidelines also apply to, for example, US-based search engine operators offering their services to European citizens or social networks such as Facebook, the answer is yes.
It is important that you are familiar with some important terms introduced in GDPR. Let’s take a closer look at them now:
Definition
A data controller is the person (or business) who decides on the purposes and ways of processing personal data, whereas a data processor processes personal data on behalf of the controller (excluding the data controller’s own employees).
There can be differences in certain regulations, depending on whether a data processor or a data controller is involved (e.g. if data subjects want to exercise their rights).
The GDPR also stipulates that there must be at least one independent data protection supervisory authority in each member state responsible for monitoring the application of data protection law.
Important
In the case of cross-border data processing, the one-stop-shop mechanism applies.
This means that EU citizens can always complain to the data protection authority of their Member State, regardless of the Member State in which the data was misused.
Do you believe that your privacy rights have been violated? Then you can file a complaint with your national data processing authority, which is empowered to impose a number of sanction.
Important
It is important to note that the GDPR has significantly increased the fines for those who break the rules. In extreme cases, these fines can now amount to up to 20 million euros or, in the case of companies, up to 4% of the worldwide turnover of the previous financial year.
With these figures, you can imagine how much more important data protection compliance has become for businesses.
In times of increasing digitalization and with the rise of the data economy, the protection of personal data is one of the key issues. It is therefore all the more crucial for everyone to know what the term data privacy actually stands for.
Definition
Data privacy, also known as information privacy, is an aspect of data security that deals with the proper handling of personal data. It refers primarily to the protection of individuals’ personal data against misuse.
Data privacy can thus be interpreted as the right to decide for yourself,
has access to your personal data.
The purpose of data privacy is therefore to ensure the privacy of individuals.
Did you know that the protection of personal data has been a fundamental right in Europe for years? In recent years, however, data protection has become even more important in practical terms. Technical developments and global networking facilitate the collection, processing, storage, dissemination and analysis of data.
Example
In the USA, there are already some very successful companies that specialize in collecting personal data. The records include, for example, name, gender, political affiliation, income and much more. Banks, insurance companies or other businesses buy this data to get background information, make credit decisions or optimize marketing activities.
You may be familiar with the scandal surrounding Camebridge Analytics, which is said to have used such data to significantly influence the elections of US President Trump?
Examples such as these clearly show that data privacy is important so that people stay in control of their personal information. Therefore, the main objective of the General Data Protection Regulation (GDPR) is the protection of personal data.
Since 25 May 2018, the GDPR has been in force.
As a European regulation, it is directly – i.e. mandatory – applicable in every European member state. National laws are therefore only of a supplementary nature. However, the GDPR also contains certain opening clauses (e.g. age limits can be shifted by national laws).
What is GDPR exactly? It is a legally binding regulation on the protection of individuals regarding the processing of personal data. The protection of company data only plays a role if it is personally identifiable (e.g. the data of employees, customers, suppliers).
GDPR aims to strengthen the rights of individuals, harmonise data protection law in the EU and improve the enforceability of data protection by uniform enforcement and high fines.
In order to give individuals more control over their personal data, the GDPR applies not only to all processing of personal data carried out by organisation within the EU, but also to organisations outside the EU offering goods and services to citizens of the EU. So if you are wondering whether the EU’s strict data protection guidelines also apply to, for example, US-based search engine operators offering their services to European citizens or social networks such as Facebook, the answer is yes.
It is important that you are familiar with some important terms introduced in GDPR. Let’s take a closer look at them now:
Definition
A data controller is the person (or business) who decides on the purposes and ways of processing personal data, whereas a data processor processes personal data on behalf of the controller (excluding the data controller’s own employees).
There can be differences in certain regulations, depending on whether a data processor or a data controller is involved (e.g. if data subjects want to exercise their rights).
The GDPR also stipulates that there must be at least one independent data protection supervisory authority in each member state responsible for monitoring the application of data protection law.
Important
In the case of cross-border data processing, the one-stop-shop mechanism applies.
This means that EU citizens can always complain to the data protection authority of their Member State, regardless of the Member State in which the data was misused.
Do you believe that your privacy rights have been violated? Then you can file a complaint with your national data processing authority, which is empowered to impose a number of sanction.
Important
It is important to note that the GDPR has significantly increased the fines for those who break the rules. In extreme cases, these fines can now amount to up to 20 million euros or, in the case of companies, up to 4% of the worldwide turnover of the previous financial year.
With these figures, you can imagine how much more important data protection compliance has become for businesses.