For a legitimate democracy, Europe has a new “Data Protection” and “Privacy Law”. The new framework for data protection in Europe is called “General Data Protection Regulation – GDPR”. The change in EU Data Protection Directive (1995) was approved on 27 April 2016. In 25 May 2018, the EU Data Protection Directive (1995) will be replaced by the General Data Protection Regulation – GDPR. It is directly applicable without any legislation from national government.
The EU New Data Protection Rules will not only protect the individual data but also expand the business opportunities and innovation.
The “General Data Protection Regulation – GDPR” will be applicable on all the companies in Europe union over the personal data for individuals. The basic purpose for this is to protect the personal data and privacy. In 1995, the Data Protection Directive was applicable only on the large organizations. Now New Data Protection Rules are applicable on all types of organizations, Who have personal data of European’s citizen and also working as online business. The Consent of individual of their personal data is very important for the companies to keep the records under the New Data Protection Rules.
Article 8(1) of the Charter of Fundamental Rights of the European Union (the ‘Charter’)
Article 16(1) of the Treaty on the Functioning of the European Union (TFEU) provides the protection and privacy on personal data.
Privacy means to keep the personal data and matters secret. The business processes are developed according to the requirement of Data Protection. Sometime the business processes that use the personal data of individual have an impact on their privacy. The Individual have right and they can appeal to keep their record in special context.
Data protection refers to the process of protection of information. Information includes the Person’s name, date of birth, place of birth, permanent residence, photographs, cell phone numbers. The deceased persons also have the same rights of protection on their personal data. The particular categories of personal data includes the protection of health related purposes to meet the objective of public interest, quality control, system of social care and monitoring of continuity of health.
The processor and controller perform the activities as a data protection officer (Article 37). The data protection officer performs his tasks and protects the data by providing the necessary resources, advice, through monitoring the operations and performance. They also work as a coordinators and cooperate with other supervising authorities.
Under the Article of 83, the administrative fines depends on the situation and the individual case, nature and intentional violation of regulations.
Under the Article of 84, penalties are relevant to the violation of the regulations that are specific and not related to the administrative fines to Article 83. Everyone must certify and takes into consideration all the compulsory measures without any delay.