As a data controller and data processor, Rianu understands its responsibilities. Data security is at the core of Rianu.
- We have outlined a number of actions you should consider, however you must implement your own due diligence and comply with regulations on how you collect and use personal data.
- Obtain and process information fairly.
- The data must be kept for a specified, lawful purpose.
- The data should be used and disclosed only for the specified purpose.
- The data must be kept safe and secure.
- The data must be up to date, accurate and complete.
- The data must be relevant, adequate but not excessive.
- The date must be retained for no longer than is necessary.
- A copy of the data must be made available to the data subject, on request.
- Review all personal data, existing privacy policies and put the necessary processes in place.
- Appoint a dedicated team and communicate the importance of GDPR with everyone involved in the organization.
- Put in place a procedure to respond to data subject requests for access, rectification, objection, restriction, portability, and deletion (right to be forgotten).
- Implement appropriate security measures and processes to respond to any security breaches.
- Ensure a record is stored for all necessary data, consent forms, privacy policies and procedures, training materials, and data transfer agreements.
- GDPR's main goal is to protect the rights of EU citizens to data privacy and to ensure transparency, security and accountability by data controllers and processors.