22/11/2019 State Data Protection Inspectorate published a summary of inspections of rental companies and evaluated the implementation of the data minimization principle and the obligation to inform the data subjects
The EU General Data Protection Regulation (GDPR) came into effect as of 25th of May with the aim of strengthening cybersecurity, increasing privacy for EU citizens and unifying data legislation from across the European Union. GDPR aims to enshrine EU citizens’ right to privacy by giving them back control of who holds their personal data, how it is used and how well protected.
GDPR applies to all organizations holding and processing EU resident’s personal data, regardless of geographic location. Many organizations and companies outside the EU are unaware that the EU GDPR regulation applies to them as well. If an organisation offers goods or services to, or monitors the behavior of EU residents, it must meet GDPR compliance requirements. It means that it does not matter where the company is established, the most important fact is the fact of processing the personal data of EU residents.
ECOVIS ProventusLaw helps for companies by:
– Reviewing and adapting business processes to comply with GDPR requirements;
– Performing an impact assessment on data protection;
– Arrangement of internal documents related to personal data;
– Preparation for the implementation of the rights of data subjects;
– Appointment a Personal Data Officer, if necessary.
– Ensuring the security of personal data (adaptation, review of appropriate technical and organizational measures).
– Preparation for the recording of data processing activities.
More about Data protection you can find under https://ecovis.lt/data-protection/
The experience by ECOVIS ProventusLaw include:
ECOVIS ProventusLaw advises on all regulatory issues of data protection. We represent clients in their registration as data controllers, develop privacy policies and advise on issues related to them. Our lawyers also advise on issues of processing of personal data, personal data of employees and data transfer to third parties, represent clients in the State Data Protection Inspectorate, in courts and in the investigation of data protection infringements.
The Court of Justice of the European Union (CJEU) ruled on that the consent is not validly constituted if, in the form of cookies, the storage of information or access