RGPD - Users regain control
March 26, 2018
THE RGPD seeks to clarify and harmonize personal data processing methods while placing the individual at the heart of the legal framework. How many times have you received an e-mail from an unknown company offering an unknown product that you have absolutely no use for? How many times have you asked a single company to remove you from their database, as you no longer wish to receive their newsletters or promotional offers? How many times have you seen your data used "against" you? In your private and/or professional life? How many times? Thanks to the new European regulations, you won't have to deal with these kinds of problems any more. At least, companies will be severely penalized in the event of non-compliance.
Full control over your personal data
In 2015, more than 75% of Internet users were concerned about their privacy in the digital age, and 70% felt they had only partial control over their personal data, despite the laws already in place.Every European citizen will now have the opportunity to impose the application of the RGPD and assert the rights and guarantees that accompany it on any company (European or otherwise) that collects their personal data, thus limiting intrusions into the individual's private and or professional life.
The right to be forgotten
You were already familiar with the right to modify and withdraw your data, which involves, as the name suggests, modifying your personal data or removing it from a company's database.The RGPD adds the right to be forgotten: "the data subject has the right to obtain from the controller the erasure, as soon as possible, of data relating to him or her, and the controller has an obligation to erase such data as soon as possible" (Article 17). It can be requested on 6 grounds:
data no longer required
the person concerned withdraws his/her consent
objects to the processing of his/her data for canvassing purposes
the data has been processed unlawfully
data must be deleted to comply with a legal obligation
the data has been collected as part of a service offering aimed at minors
This means that you can ask companies to delete your personal data, stop disseminating it and prevent third parties from accessing and using it.
Profiling
According to Consider 71 of the RGPD "any form of automated processing of personal data intended to evaluate personal aspects relating to a natural person, in particular to analyze or predict aspects concerning the data subject's work performance, economic situation, health, personal preferences or interests, reliability or conduct, or location and movements, where it produces legal effects concerning the person in question or similarly affects him or her significantly. "The RGPD will also intervene on this point. This is all the more important as most of the personal data concerning us and available on the web does not come from a conscious deposit of data on our part, but from a complete traceability of our entire web browsing. FromMay25,2018, you will beable to request that your data be forgotten for commercial purposes, thus preventing Big Brother from watching you and regaining control of your consumption and your private life.
Consent
If a company or organization is not in a contractual relationship or under a legal obligation, is not pursuing the general interest or vital interests of an individual, or does not have a legitimate reason for holding personal data on them, they are not entitled to process it unless the user has given their explicit consent beforehand. The company will now have to obtain the explicit consent of the persons concerned to the processing of their personal data for commercial purposes (or marketing, statistical analysis, resale to third parties, etc.) and create a register to prove this to the CNIL and the persons concerned.The right to be forgotten is fundamental to the respect of privacy, especially in the digital age where everything remains hidden somewhere on the net and can have harmful repercussions for the user. In the past, you had to justify your request for the deletion of your personal data by one means or another. Today, the emphasis is on the data controller, who will have to justify the refusal of the request. As a private individual, if you notice a breach of the regulations, you can complain to the relevant legal institutions (CNIL).The General Data Protection Regulation today aims to protect consumers and individuals from any abuse by companies and institutions, to give them back control over their personal data while simplifying the regulatory environment for companies. Good news in the digital age!