top of page

Data protection & privacy - GDPR & IT law

The EU's new Data Protection Regulation General Data Protection Regulation, GDPR, which entered into force on 25 May 2018, entails stricter requirements for the handling of personal data. Today, higher demands are placed on routines and processes for secure handling of registers, as well as requirements for a responsible management level. Personal information is all kinds of information that can be linked to a living person. These can be names, addresses, social security numbers and photos (eg on social media). Even audio recordings stored digitally can be personal data. The organization number of a sole proprietorship can in some cases be a personal data as well as the registration number of a privately owned car. According to the GDPR, a legal basis is required for your company to be allowed to handle personal data.

The new data protection regulation applies to all organizations and industries that store or in some way handle personal and sensitive information about their employees or customers.

According to the data protection principles, personal data must

  • processed in a legal, correct and transparent manner in relation to the data subject.

  • treated confidentially and securely

  • collected and processed for a specific, explicit and lawful purpose

  • collected only to the extent necessary for the purpose of processing personal data

  • always updated when needed - inaccurate and incorrect personal data must be deleted or corrected without delay

  • stored in a form that allows the identification of the data subject only for as long as is necessary for the purposes for which the personal data are processed.

The data protection principles must be observed in all phases of the processing of personal data. The data controller must be able to show that the data protection principles are observed.

IT law deals with legal issues that information technology has given rise to. As a legal subject, IT law extends over several traditional areas of law, such as  contract law, copyright, personal integrity, freedom of information and expression, criminal law, administrative law and telecommunications law. In contexts where IT law is brought up to date, these are often different types of digital services provided to customers, such as cloud services or outsourcing. With digitalisation, it is in principle necessary for all businesses to stay up to date on IT law in order to fulfill their obligations and rights towards the environment.  

  • Facebook
  • Twitter
  • LinkedIn

© 2021 by wipr. Created with Wix.com

bottom of page