Listen to the Data dives podcast about GDPR, featuring Jan Wouter Jansen
We get asked about 20 times a day whether we agree to cookies. This is too much, and it is why we no longer read the notices and just click AGREE to get rid of the irritating box in the middle of the screen.
I have found myself agreeing with push notifications from lots of news sites that cleverly abused the fact that people are fed up with the irritating cookie consent pop-ups. Don’t get me wrong, I completely agree with the ability to withdraw your consent to commercial cookies, but maybe we need a different way to do this.
The Spanish personal data authority fined a debt collector for using an e-mail address that every co-worker could read; this address was not handed over by the client.
The AP therefore fined GESTIÓN DE COBROS, YO COBRO SL for an Article 5 breach. Cost: 60,000.00 euros.
A lot of companies claim to be compliant with GDPR, but when they receive, for example, an art. 15 request (“The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information”), there is not always a correct response.
What can you do then? Of course there is always the AP (the personal data authority), but they are slow and not always interested in your problem.
You can also contact us, so we can correspond with the company that does not comply and get them to comply for you.
Contact us for help at firstname.lastname@example.org
How to get compliant with GDPR
Getting compliant can be really complex and a pain if you are doing it for the first time or will do it for just one company. We can help you analyse where personal data is coming into your company, what is being saved and what is shared with other entities.
When this is done, we put it in a data register and apply GDPR from there. We also explain how to manage this internally, so that you get maximum value for money from hiring us.
Please contact us if you need help; so far we have helped a lot of companies inside and outside the EU.
Wasn’t there a privacy law before GDPR? Yes, there was, and there is a long history of data protection acts, starting with Convention 108 in 1981.
People act as if GDPR is new and they have never heard of a privacy law before. I think this is because before, you had to specify your damages in civil court against the company that infringed your privacy; much later there were small fines, and in 2016 the AP got the right to fine a maximum amount of € 820.000. The new EU law has a different trick up its sleeve called article 83; this really got our attention.
Article 83.5 of GDPR: “5. Infringements of the following provisions shall, in accordance with paragraph 2, be subject to administrative fines up to 20,000,000 EUR, or in the case of an undertaking, up to 4 % of the total worldwide annual turnover of the preceding financial year, whichever is higher:”
Please call if you want us to help you get compliant!