04.2 Personal Data Protection Policy Integrated
I need help to understand the following.
This is the first document I opened to start working on the GDPR. What do I have to fill in here?
2. Reference Documents
· EU GDPR 2016/679 (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC)
· [relevant national law or regulation for GDPR implementation] [GDPR1]
· [other local laws and regulations] [GDPR3]
How do I know what law or regulation for GDPR I have to implement? This is something I hope to receive from you.
Please advise.
The Toolkit requires you to insert your national privacy law, if any. Most countries, even EU Member States, adopted internal laws and regulations to implement GDPR requirements in certain fields. Video surveillance, controls of workers, social security, criminal conviction, or health data are some examples of topics nationally implemented.
You should consult the website of your local Data Protection Authority (or Surveillance Authority) to discover what the applicable laws and regulations adopted in your country are. Therefore, you should check if your organization is subject to other extraterritorial privacy laws like the California Consumer Protection Act (CCPA) or the Brazilian Data Protection Act (LGPD). In such a case, you should also insert those references in your data protection policy.
Here you can find the list of relevant Data Protection Authorities and the list of laws and regulations on information security:
- Useful resources for complying with EU GDPR https://advisera.com/eugdpracademy/knowledgebase/useful-links/
- Laws and regulations on information security and business continuity https://advisera.com/27001academy/knowledgebase/laws-regulations-information-security-business-continuity/
Jan 12, 2021