GDPR Services Malta
The General Data Protection Regulation (EU) 2016/679 (GDPR) came into effect across the European Union on the 25th of May 2018. Essentially, this Regulation repealed the then Data Protection Directive 95/46/EC.
In 2016, the EU decided that the Directive should be replaced for legal certainty and harmonisation purposes. Locally, the Data Protection Act (Chapter 440 of the Laws of Malta) was replaced by Chapter 586 of the Laws of Malta to reflect the new Regulation.
The above-mentioned legislation mainly covers data protection and privacy for all data subjects within the EU and the EEA, and strives to regulate how personal data is processed by Data Controllers and Data Processors.
DWP has been preparing for the coming into force of this Regulation since 2016, and GDPR Services form part of the services being offered by DWP Dr. Werner and Partner, which include but are not limited to the following:
- Legal advisory services
- Training for employees dealing with personal data
- Drafting of privacy policies, procedures, agreements, addendums and other notices
- Checking which cookies are being used that have to be provided to be GDPR compliant
DWP has a GDPR Compliance Team which is responsible for matters relating to privacy and data protection. The Team may be reached at firstname.lastname@example.org or by calling +356 21377700.
WHEN WAS THE REGULATION ADOPTED?
The Regulation (GDPR) was approved in 2016 and came into force 2 years later on the 25th of May 2018.
IS THERE A DIFFERENCE BETWEEN A REGULATION AND A DIRECTIVE?
A Directive is a non-binding legislative act. A Regulation is a legislative act which is binding in nature.
Hence, whilst Member States were not obliged to adopt the 1995 Data Protection Directive, but could do so at their own discretion, with the introduction of the GDPR, Member States now have an inherent obligation to transpose this new Regulation within their domestic legislation.
DOES THE GDPR AFFECT ME?
If you are an organisation operating within the EU, it affects you, but not only you. GDPR also applies to organisations outside the EU, provided that they offer their services to data subjects within the EU. If data is being processed and held within the EU, then GDPR applies.
WHAT HAPPENS IF I AM NON-COMPLIANT?
Organisations may be fined up to 4 percent of their annual global turnover, or €20,000,000, if there is a GDPR breach. These are the maximum fines; the fine imposed depends on the breach. GDPR rules apply to each processor and controller, so do not take GDPR for granted.
IS MY NAME AND SURNAME PERSONAL DATA?
The short answer is yes. Personal data refers to any information which can, directly or indirectly, identify a person. By processing the name and surname of an individual, you automatically fall under the Regulation, as you would be processing personal data. Personal data is not just your name and surname but includes numerous personal identifiers.
DATA PROCESSOR VS DATA CONTROLLER?
A data controller is the entity that determines the purposes, conditions and means of the processing of personal data. On the other hand, a data processor is an entity which processes personal data on behalf of the data controller.
IS CONSENT NECESSARY?
Lengthy terms and conditions no longer do the trick. Under GDPR, consent needs to be obtained in a transparent manner and needs to be explicit. In some cases consent is necessary; however, not everything revolves around consent.
WHEN IS EXPLICIT CONSENT STRICTLY NECESSARY?
Explicit consent is a must when processing sensitive personal data (no pre-ticked boxes). For other personal data, clear-cut consent will suffice.
IS MY MARKETING STRATEGY AFFECTED BY GDPR?
In this digital age, marketing strategies are crucial for the operation of a business; however, people working in marketing have to make sure that they are following GDPR and e‑Privacy rules.
WHAT ABOUT MINORS AS DATA SUBJECTS?
When a minor under 16 years of age is a data subject, parental consent is required for the processing of personal data.
SHOULD I PANIC IF I MISSED THE DEADLINE?
Because non-compliance with the GDPR may result in higher fines being imposed on your organisation, this requires your immediate action.
That is why we are here to help.
Contact us NOW to guide you on how to get your organisation up and running in accordance with the new GDPR obligations.