On 26.5.2018, the new Data Protection Act comes into force, obliging almost all website operators to provide a legally compliant privacy policy and largely secure data transfer. Operators must also optimize log files, registration options, the use of cookies, and the use of analytics or tracking services. The only exception is websites that are used exclusively for personal or family purposes.
Violations of the new data protection law carry more than the risk of high fines. Lawyers assume that there will also be warnings from competitors, consumer protection and competition associations. It is therefore very important to adapt your website to the new data protection regulations in good time.
In the future, websites must minimize the amount of data they collect and encrypt data transmitted from contact forms. As soon as data is requested on a website, an SSL certificate must be used. This allows data to be exchanged in encrypted form without third parties having access to it. SSL certificates are essential for security and are now required by law.
For data collection and processing under the General Data Protection Regulation, Art. 5 lit. f GDPR sets out the principle of integrity and confidentiality:
"Personal data must be processed in such a way that ensures adequate security of personal data, including protection against unauthorized or unlawful loss, accidental destruction or accidental damage through appropriate technical and organizational measures."
According to this principle, all forms on the website or in an online shop must now be encrypted so that the data sent cannot be intercepted.