The Era of GDPRAs of May 25, the European Union has begun enforcing The General Data Protection Regulation (GDPR), perhaps most stringent regulation to date on how EU citizens’ personal data is collected, processed and stored. The extensive data protection regulation does not only affect European businesses but all organizations handling the personal data of EU citizens. And how does the implementation of GDPR look in practice at RIALTO.AI and what does it mean for our platform and website users? Before answering this question, we shall lead you through some main points.
What is GDPR?GDPR is a legal framework that obliges companies and businesses to protect the personal data and privacy of their clients and users that reside in European Union. It covers all companies that collect, store, and process the data of EU citizens, especially banks, insurance companies, and other financial companies for transactions that occur within EU member state.
What is the background of GDPR?In April 2016, the European Parliament adopted the GDPR, replacing the outdated Data Protection Directive enacted in 1995. It is important to note that the GDPR is a regulation, in contrast to the previous legislation, which is a directive. A regulation is a binding legislative act and it must be entirely applied across the EU, while a directive is a legislative act that sets out a goal that all EU countries must achieve, and it is up to the individual countries to decide how. EU member countries had two years to adopt the Regulation which entered into force last Friday, on May 25. The issue with the 1995 Directive is that it became obsolete and therefore no longer relevant to today’s digital age. In other words, its provisions fail to address how data is stored, collected, and transferred today, meaning that it hasn’t been able to keep up with the pace of the levels of modern technological advancement.
What is personal data?Article 4(1) of GDPR defines Personal Data as follows:
Personal Data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.It’s important to understand that under the GDPR you have the right to the protection of your personal data, and you have the access to data which has been collected about you, furthermore, you have the right to have this data corrected.
Two protective rights under the GDPRFirst, the right of erasure, or the right to be forgotten. If you don’t want your data out there, then you have the right to request for its removal or erasure. Second, the right of portability empowers you to claim your data provided to us which you can then transmit to another service provider without hindrance from the controller to which the personal data have been provided.
RIALTO.AI and GDPRThe steps that we have taken towards the compliance with the GDPR are:
We appointed a Data Protection Officer (DPO) whose role will be:
- Informing and advising our team members who carry out the tasks related to the collection, storage, and processing of the data.
- Monitoring compliance with the GDPR.
- Cooperation with the supervisory authority.
Also, we updated our
Privacy Policy (
https://platform.rialto.ai/#/privacyPolicy) where we in a transparent and structured way explain what we use your data for, the reasons why we use it, and how long we store it. Furthermore, we explain the new rights you will be able to exercise and how to exercise those rights. For example, now you can:
- request the access to your personal data;
- request the correction of the Personal Information that we hold about you, request erasure of your Personal Information, object to the processing of your Personal Information;
- request the restriction of processing of your Personal Information;
- request the transfer of your personal data to you or to a third party, and withdraw consent at any time where we are relying on consent to process your personal data.
And what do you have to do now?PlatformIn order to enter the platform, you have to re-login and confirm that you have been informed about our new Privacy Policy and that you also consent to it. Before logging in, we advise you to clear the platform related cookies. The next thing you have to do is adjusting your Platform Email Notifications to your preferences in your User Account menu.
NewsletterWe would like to keep you informed of all the updates, activities, announcements, as we also want to share with you our performance reports. For that reason, we have created new newsletter subscription that allows you to select what content would you like to receive from our end. Follow our mission and subscribe (
https://my.sendinblue.com/users/subscribe/js_id/380uk/id/1)!