GDPR Compliance
In its work, Appreus strictly adheres to the provisions of the General Data Protection Regulation (GDPR) adopted in the EU.
The GDPR primarily gives citizens control over their own personal data. By unifying regulation within the EU, it also simplifies the maintenance of the regulatory framework for various types of international economic relations.
Key applied GDPR principles:
- Legality, fairness and transparency – there must be legal grounds under the GDPR for the collection and use of data, no laws may be violated, and the use of personal data must be open and honest from beginning to end;
- Purpose limitation – processing should be limited to what has been declared to the data subject. All specific tasks must be enshrined in a privacy policy and must be strictly observed;
- Data minimization – the use of the minimum necessary amount of data to achieve the goals;
- Accuracy – personal data must be accurate and not misleading; erroneous data is subject to correction;
- Restriction of data storage – do not store data longer than necessary, periodically audit data and delete unused data;
- Integrity and Confidentiality/Security – store data in a safe place and pay sufficient attention to the safety of data;
- Accountability – responsibility for the processing of personal data and compliance with all other principles of the GDPR, including records of confidentiality, protection, use, and verification of data by a data protection officer (DPO).
Importantly, the GDPR applies both to the party that processes the data (the processor) and to the party that collects the data (the controller). The controller determines the purpose and means of the processing of personal data, while the processor is responsible for the direct processing of the data, but both are responsible for compliance with the GDPR.