Starting on 25 May, 2018, new rules on the protection of personal data apply in all the Member States of the European Union. They are settled in the so-called General Data Protection Regulation - GDPR. The new legal framework preserves a number of fundamental principles and concepts from the current regulatory framework, but at the same time introduces higher data protection standards, extended rights for individuals and new obligations for data controllers.
What are personal data according to GDPR?
- ordinary personal data - name and surname; address; e-mail; bank account data; IP address, and cookies – traces of Internet activity; geolocation
- Personal Identification Number (PIN)
- (sensitive) personal data - data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or membership of trade unions, genetic data, biometric data, health data, or data on sexual life or sexual orientation.
In Bulgaria the Personal Data Protection Commission is responsible for the regulation. It shall be part of a common permanent body for control at European level. There are several ways a company can be found to be non-compliant with the GDPR:
- After an inspection by a Bulgarian body and mostly - by a foreign control body
- Upon customer complaint
- Following a signal from a competitor
- In case of security breach and data leakage
One of the main mechanisms to ensure compliance with the high standards of the Regulation by all administrators who are required to apply Regulation 2016/679 is that data protection supervisors may impose significant administrative penalties of up to € 20 million or up to 4% of the total annual world turnover, whichever is the higher.
The Data Protection Commission has issued guidelines to help citizens, businesses, especially small and medium-sized enterprises (SMEs) and other organizations, respect and benefit from the new data protection rules.
Changes in Moneta Business System?
All our subscription customers will have a new version of Moneta Business System uploaded. It has new features in relation to the new privacy rules. A file will be sent via email with detailed instructions on the changes made and how they work.
GDPR - https://www.cpdp.bg/index.php?p=element&aid=1099
PRACTICAL ISSUES ON PERSONAL DATA PROTECTION AFTER 25 MAY, 2018 -
TEN PRACTICAL STEPS ON GENERAL DATA PROTECTION REGULATION APPLICATION -
BE INFORMED - https://www.cpdp.bg/?p=rubric&aid=4
INFORMATION VIDEOS - https://www.cpdp.bg/?p=element&aid=1105