General Data Protection Regulation (GDPR) and Lucubrate
The General Data Protection Regulation (GDPR) is a comprehensive regulation that unifies data protection laws across all European Union member states. Lucubrate follows the regulation on collecting, storing, processing and managing personal data. Read about GDPR and Lucubrate.
What is the General Data Protection Regulation (GDPR)?
The General Data Protection Regulation (GDPR) is a comprehensive regulation that unifies data protection laws across all European Union member states. It defines an extended set of rights for European Union citizens and residents regarding their personal data. Consequently, it describes strict requirements for companies and organizations on collecting, storing, processing and managing personal data.
What is personal data?
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Personal data that has been de-identified, encrypted or pseudonymized but can be used to re-identify a person remains personal data and falls within the scope of the law.
Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymized, the anonymization must be irreversible.
The law protects personal data regardless of the technology used for processing that data – it’s technology neutral and applies to both automated and manual processing, provided the data is organized in accordance with pre-defined criteria (for example alphabetical order). It also doesn’t matter how the data is stored – in an IT system, through video surveillance, or on paper; in all cases, personal data is subject to the protection requirements set out in the GDPR.
What does the General Data Protection Regulation (GDPR) govern?
Regulation (EU) 2016/679, the European Union’s (‘EU’) new General Data Protection Regulation (‘GDPR’), regulates the processing by an individual, a company or an organization of personal data relating to individuals in the EU.