Everything you need to know about GDPR regulation

[jrineakter]

All companies that store information about European individuals are required to comply with the GDPR, a European regulation that comes into force on May 25. In this article we detail what the new law consists of, how it affects companies and what rights the user has. In addition, we explain how to make use of your rights within Holded.

What is GDPR?
This acronym that we have been reading and hearing so many times over the last few days refers to the General Data Protection Regulation, the new European regulation that governs the personal data that companies keep.

In Spain, the GDPR replaces the Organic Law on the Protection of Personal Data (LOPD) and, as in the rest of the countries of the European Union, will come into force on Friday, May 25, 2018.

READ MORE: Why your inbox has been filled with emails about privacy policies

Although Holded is not a company focused on studying laws and new regulations, we are working to inform ourselves and conveniently comply with the legal requirements that regulate the handling of our users' data. Theoretically, with the GDPR, each user who provides their data must explicitly authorize the transfer of this data for a specific purpose.

Without this authorization, the company will not be able to process personal data in any case – for example, the data of mailing subscribers. In fact, the new regulation affects all greece number data processes in which the company processes personal data, regardless of whether they are clients, employees or suppliers. Some examples where personal data is managed are loyalty cards; when an email address is given to be informed of promotions; when someone registers on a website to be able to operate within it; when the employee is on the company's social networks; etc.

Who is affected by GDPR?
The regulation affects any company from anywhere in the world that has data of individuals of European nationality, that is, from any country in the European Union.

What rights does the user have under the GDPR?
Until May 25, each company is fully responsible for carrying out all necessary actions to comply with the GDPR regulations. In this case, Holded complies with the four rights associated with the law, which we will now describe:

Right to portability
The right to portability is the right of any person to request the data collected by the company about them in an acceptable format such as EXCEL, in order to be able to access it and take it to another environment or platform.

Holded complies with this right: from the Settings icon, in the upper right corner, you can access your Account and export all your information. The data will be downloaded in Excel, a format accepted by the GDPR.

Right to be forgotten
The right to be forgotten is one of the most important rights in this new regulation. The GDPR establishes that any person has the right to request that a company permanently delete their data. In any case, the right to be forgotten has some exceptions, and companies may store data for legal protection purposes, that is, to be able to demonstrate compliance with certain regulations, or in the case of data that may be requested by judicial authorities, they may also be stored even if the user requests their deletion. The storage period for this data will always be that determined by the legislation associated with that data.

Likewise, in the Settings icon and then in the Account section, the user can delete their Holded account and all the data associated with it.