GDPR

GDPR

The General Data Protection Regulation (GDPR) is a privacy and security law in the world. It was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target and collect data related to people in the EU.

Basic GDPR terms:

Personal data:

It refers to any information that relates to an individual who can be identified directly or indirectly. Names, email address, location, ethnicity, gender, biometric data, religion, political opinions, web cookies falls under the personal data.

Data processing:

Manual or automated action performed on data which includes collecting, recording, organizing, structuring, storing, erasing.

Data subject:

Your clients or site visitors.

Data controller:

The person who has an authority to decide why and how the data needs to be processed. If you are the owner or the decision maker for an organization, you become the Data controller.

Data processor:

The person who has an authority to decide why and how the data needs to be processed. If you are the owner or the decision maker for an organization, you become the Data controller.

Right of the Data Subjects:

Kasplo permits its Data controller (Customer/Client) to comply with their user’s/site visitors (Data subject) requests to adapt and exercise the rights of the Data subject under Article 12-23 of GDPR.

Right of access by the Data subject:

The data subject has the right to obtain from the controller confirmation whether they want their personal data can be used.

Right to rectification:

The data subject has the right to update/correct any inaccurate data concerning their information maintained by the controller. If the controller has disclosed the misinformed details to the processor, the controller needs to inform the data subjects of the rectification whenever its possible.

What is the role of Kasplo in it?

Controllers are provided with a facility to delete user profile data as necessary.

Right to delete (erasure):

The data subject has the right to get the personal data deleted from the controller.

What is the role of Kasplo in it?

Controllers are provided with the facility to delete the data as necessary.

Right to restriction of processing:

The data subject has the right to restrict the processing of data due to the inaccuracy of personal data, the processing is unlawful or the controller no longer needs the personal data to be processed.

A data subject who has obtained the restriction of data processing shall be intimated by the controller before the restriction is lifted.

What is the role of Kasplo in it?

Controllers are provided with the facility to restrict the processing of the data.

Right of data portability:

The data subject has the right to receive a copy of their personal data collected by the controller. The copy should be well structured, should be machine readable. The data subject has the right to transmit the data to another controller without any restriction from the original controller.

What is the role of Kasplo in it?

Controllers are provided with the facility to export data as necessary.

Right to object:

The three basic rights that needs to be followed in regards with objection of processing of personal data under GDPR:

  1. For direct marketing
  2. Scientific, historical research or statistical purpose.
  3. Processing based on specific purposes or which is justified on a particular basis.
What is the role of Kasplo in it?

Controllers are provided with a facility to restrict the data whenever objection has been raised.

For any further queries, kindly drop an email to [email protected]