Directive (EU) 2016/679 of the European Parliament and of the Council of 25 April 2016


Rapid technological developments abd globalisation have brought new challenges for the protection of personal data. The scale of colletion and sharing of personal data has increased significantly. Those developments require a strong and more coherent data protection framework in Union for creating trust and develop digital economy across the internal market.

(p.(6-7), Directive 2016/679)

What is it about

The objective is to ensure the protection of personal data of natural persons, also with regard to online activity. The entities that collect and process the personal data must provide a clear free-of-charge consent and legal basis, ensure protection, high availability, security, assessment and continious testing of their systems. They must also provide an information upon data subject request (natural person) and a right to be forgotten.

Sorinfa GDPR Presentation

Available on request

What do we have to do?

If you are collecting/proccessing personal data of EU citizens, you must be compliant to the regulation. The purpose of collection and data processing with a legal basis should be clearly given to the natural person. The concept of pseudonymisation must be hold. You are responsible for ensuring of quality of your IT systems and reporting to the supervisor authority in case of data breach. You should design a Data Protection Officer to take responisbility of GDPR compliance. You should also provide an information about data processed to data subject and erase data if required.

What can natural person do?

Request to the entity about personal data being processed and has a right to be forgotten. He or she can also lodge complaint to the supervisor authority

Interested in more details?

Get in touch with us and request a meeting to get more insight in GDPR content