GDPR (General Data Protection Regulation)

Introduction

The General Data Protection Regulation (GDPR) sets out in detail the requirements for the collection, storage and management of personal data by businesses and organisations. The requirements apply to European organizations that process personal data of individuals in the EU, but also to non-EU organizations that target individuals living in the EU.

 

Which Businesses it concerns

GDPR regards all companies, regardless of their activity sector and size, that collect and process personal data and are based in the EU. (regardless of where this data is processed. It also concerns companies that may be based outside the EU but process data that concern products and services within the EU

 

What is Personal Data   

Personal data is all information relating to an identified or identifiable person, who is called a data subject. Personal data contains information such as name, address, email, identity card/passport number, A.F.I. income, cultural profile, internet protocol code  (IP), data held by hospitals or doctors etc.

 

Data protection

The regulation requires the implementation of appropriate technical and organizational measures to ensure that, by default, only the data necessary for the purpose of the processing are processed. The data controller and the processor of SEM-S apply appropriate technical and organizational measures in order to ensure the appropriate level of security, as also in general in the context of our company's Information Security (Information Security Policy). In the event of a breach of Personal Data , we are obliged at the moment the violation is noticed, to inform the competent supervisory authorities and the natural person.