The deadline for GDPR is approaching: 25.05.2018. But what is GDPR? This legislation is Regulation (EU) 2016/679 of the European Parliament and of the Council, which covers all organisations that process data of European individuals. The Regulation was created to set out the conditions for data processing, enhance data protection and help data subjects to exercise their rights, thereby strengthening consumer confidence.
We are prepared to meet our legal obligations, both as Data Controller and Data Processor.
As data controller, we are responsible for the protection of the data of our own Subscribers (including individuals, data subjects) and for the lawfulness of data processing.
We take full account of the principles of data management (lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, limited storage, integrity and confidentiality, accountability) and process our Subscribers' data for the purposes of the contract, on the basis of legal obligations and consent. All this is made available through our Online Customer Service and our Customer Portal, which also allows for data portability.
If our company's Subscribers upload personal data in the hosting or billing service they use, due to the technical operation of storing the data on the devices, our company will be the Data Processor in the Subscriber's data management process as Data Controller.
The GDPR has instructions to the data processor too. Part of this requirement is a written contract between the Data Controller (Subscriber) and the Data Processor (MediaCenter), which is set out in our company's General Terms and Conditions.
General Terms and Conditions from 25.05.2018
For more information about our organisational, administrative and technical measures taken to protect your data in our data processing and hosting activities, please see the following page: Data Processor Information
What should you consider when you store personal data with us?
- the contractual obligation between the Data Controller and the Data Processor is fulfilled by the GTC, so it is no longer an administrative burden,
- at the same time, it is important to review its own data management practices, data management principles, new legal bases for data management,
- only store data that is compliant with the GDPR,
- list our company as a data processor in your policy (similar to other data processors such as couriers, credit card accepting financial institutions, etc...)
- review your mailing practices to make sure you have the right subscriptions,
- pay even more attention to regularly updating programs and plug-ins uploaded to your hosting to prevent a data breach.