15 Things You Need to Know About the General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) comes into force on 25th May 2018. Designed to strengthen data protection and privacy for individuals within the European Union, it will have an impact on all organisations that collect data. To make sure you are fully informed about GDPR, here is a list of 15 things every organisation needs to know.
GDPR gives EU citizens new rights
Under the GDPR, all EU citizens will have the following rights:
1. The right of access
GDPR gives EU citizens the right to know the details of any personal data you hold about them and how that data is processed and used. As an organisation, you are obliged to provide this information on request.
2. The right to be forgotten
People also have the right to be forgotten. This means that if a person requests it, you will be required to cease the processing of any data you hold about them and delete it.
3. The right to data portability
If you hold data about anyone, they can now ask for that data to be passed to another organisation. This can make things like passing on ‘no claims’ histories from one insurer to another much easier. However, it also means that customers can use the records you hold about them to get better deals from your competitors.
4. The right to be informed about data breaches
Some organisations have kept serious data breaches secret for months in order to protect themselves from bad publicity and other unwanted consequences. Now, customers have to be legally informed within 72 hours. You must also inform any supervising bodies.
5. The right to data correction
Under GDPR, any data you hold about an individual must be accurate. If it isn’t, they have the right to demand it is corrected.
Range of data to be protected
Here is the range of data which you will be required to protect under GDPR.
6. Identifying data
Any information that can be used to identify an individual comes under the protection of GDPR. This includes information such as their name, address or National Insurance number as well as things like CCTV footage, car registration numbers and RFID chip data.
7. Web data
GDPR also requires the safeguarding of web data. This includes details of an individual’s location, their IP addresses and any cookie data.
8. Demographic information
If you collect any information that classifies individuals, this too comes under the protection of the new regulation. This includes data about gender, race, ethnicity, disability and sexual orientation.
9. Health, genetic and biometric data
Health, genetic and biometric data has become problematic over the last few years. Insurance companies, for example, can use this information as a basis for setting the costs of health insurance. And as biometric data is increasingly used for authentication, keeping it secure is absolutely crucial. For this reason, it too is included in the data protected by GDPR.
10. Political affiliations
While many people aren’t too secretive about who they vote for or which political party they support, plenty of others are. If you hold data about political affiliations, whether that is their membership of a particular party or just a political opinion gathered on a survey, it needs protection under the GDPR.
Greater security demands on business
GDPR also brings in tougher data protection regulations for all organisations that collect and process personal data.
11. Data protection by design
From May, organisations will be required to implement reasonable data protection measures to protect EU citizens’ personal data and privacy by design. ‘By design’ means that end-to-end measures need to be planned and put in place so that everything from the collection of data all the way to its safe deletion is taken into account. Part of this includes the requirement for organisations to undertake a data protection impact assessment in order to identify risks to data and outline measures to ensure those risks are addressed.
12. Creating a Data Protection Officer role
Any organisation that processes or stores sensitive data, significant amounts of personal data, or regularly monitors data subjects must create a Data Protection Officer (DPO) role within their organisation. This individual will have responsibility
for overseeing data protection, privacy and GDPR compliance. All public authorities (police forces, local councils, government organisations, etc.) must also have a DPO.
13. GDPR extends beyond the EU
GDPR is designed to protect the data and privacy of EU citizens. This means any organisation that holds data on EU citizens is required to comply with the regulation, whether based in the EU or not. This will have an impact on companies like Google, eBay and Amazon that collect web data from users in the EU. It will also affect many smaller international companies that trade in the EU, for example, app-based companies, game providers and online retailers.
14. GDPR will continue after Brexit
The UK has always played a leading role in protecting data. The UK’s Data Protection Act was passed in 1984, 11 years before the EU got around to issuing its Data Protection Directive in 1995. The UK government is committed to ensuring
that the rights and responsibilities enshrined in GDPR are maintained after we leave the EU.
15. Big fines for non-compliance
The size of the fines which can be given to organisations that do not comply with GDPR is an indication of how determined the EU is to tackle issues with data protection and data privacy. From May, the maximum fine will be €20 million or 4% of an organisation’s annual global turnover, whichever is higher. This can be levied for failing to adhere to core principles of data processing, infringement of personal rights, or for transferring personal data to other countries or organisations that do
not ensure an adequate level of data protection.
The issue of transferring data to countries or organisations with less adequate data protection should be a major concern for any company that has a website. If your web host has data centres outside of the EU, it is possible that the information you collect could be stored on less secure servers without your knowledge – and this could mean you are unwittingly breaching GDPR compliance. The same applies if your web host does not provide adequate security even if it is within the EU.
How eUKhost looks after your data
Firstly, all eUKhost datacenters are based in the UK. None of the information you collect and process is stored or backed up abroad.
In addition, eUKhost has been preparing for GDPR since it was announced in 2015. That has given us plenty of time to put in place everything needed to protect the data we hold about you and help you protect the data you hold about others.
We use verified email addresses and unique security pins to authenticate your identity; we require direct consent before making changes to your account; we use SSL encryption to secure personal identification; and, of course, we never share your information with third parties unless we’re legally obliged.
At eUKhost, all our database engineers are fully trained to maintain and secure data in compliance with the most stringent industry regulations. Private data is secured using mod security rules and fool-proof physical, electronic and managerial procedures, and we back up shared servers to avoid data loss in case of disasters.
If you are looking for highly secure hosting from a GDPR compliant web host, to see the wide range of hosting solutions we provide.