10 Points List GDPR - thoughtless implementationEverything could be so simple... If someone says we should delete their data, then we'll just delete all of their data... But unfortunately it's not that simple. Because when it comes to data, a distinction must be made as to whether it might be needed again under certain conditions or not. Certain data may still be needed, for example, to fulfill legal obligations or to assert, exercise or defend legal claims. In these cases, deletion of the data is not necessary and the objection to processing or deletion request is therefore invalid.
8. Believing that you are finished with the GDPR implementation
10-point GDPR checklistThere are some things that never end. The bangladesh number dataset implementation of data protection guidelines is one of them. Small legal changes can always occur or the state of the art technology is no longer the most up-to-date and needs to be updated. In addition, everyone has to keep a register of their processing activities and unfortunately this does not maintain itself. So there are always changes here, such as new processors being added.
9. “Forgetting” reports to the supervisory authority
10-point GDPR checklist - "forgetting" reports to the supervisory authorityFirst of all: "Sorry, I forgot" is not a good answer here. To avoid escalations, it is best to draw up an emergency plan for data spying beforehand. If incidents that require reporting occur, the company's data protection officer should always be informed first. Then it should be checked whether a "violation is unlikely to lead to risks to the rights and freedoms of individuals". In this case, the data protection authority would not need to be informed.
10. Ignore the EU GDPR as much as possible, because data protection advocates have the “big guys in their sights”
10 Points GDPR Checklist - Ignore EU GDPR as Much as PossibleIn principle, this statement is not entirely wrong. Data protection advocates are primarily concerned with targeting companies such as Facebook, Google & Co. and getting them to rethink their approach. Up to now, these companies have not placed much importance on where data ends up. But that is not a free pass. Regulatory authorities must investigate every complaint, regardless of whether it is a large corporation or a 10-person company. Incidentally, anyone who has already come to the attention of the authorities in the past should be particularly cautious, as such companies will certainly be examined first.