Post by account_disabled on Feb 27, 2024 1:09:37 GMT -6
We have already talked to you about GDPR and there is still a lot of talk about it, but there is still a lot of confusion on the topic and, above all, little practical information for drawing up a privacy policy . If you are also among those users who have studied the new European privacy regulation, but still have some doubts about how to draft the data processing information, this is the article for you! In fact, we will see what the "new" European privacy regulation provides and how to create a privacy policy in full GDPR compliance and we will also give you some preview news on the upcoming innovations regarding cookies. GDPR: if you know it, DON'T avoid it! gdpr compliance The regulation, valid for all European countries , which came into force on 25 May 2018 , aims to protect the personal data of natural persons resident in the European community .
Foreign companies that process, for example, the data Panama mobile number list of an Italian citizen are therefore also subject to GDPR. But what is meant by personal data? And, above all, how should it be treated? The European regulation indicates as personal data any information, referring or referable to a natural person (which the GDPR indicates with the term "interested party"), and which concerns his/her personal data (name, surname, location), his/her possible identifier online or information about your physical, economic, cultural or social identity. The GDPR is obviously applicable whether the data has been collected with the help of IT media or whether it is present in paper archives . Particular attention, then, is given to profiling , which is described as an activity aimed at analyzing and predicting a user's behavior , through the use of automation, in order to then implement a specific marketing activity.
Let's take an example to understand better: Case 1: the profiling process is an end in itself and is used, for example, to divide the users of a newsletter into groups based on interests with the sole purpose of understanding how many users are interested in one topic rather than another. This division into groups is therefore used only to choose which contents to publish next on the basis of the most read and clicked contents: in this case, we are not in the presence of profiling but of simple clustering and therefore no consent is necessary from the user. Case 2: if, however, as happens most of the time, the profiling has the ultimate aim of sending ad hoc commercial information based on the user's interests, then it will be necessary for the company to obtain consent of the user to profiling. Personal data and GDPR compliance: all the useful information to know personal data and how to process them In addition to defining and regulating the personal data of a natural person, the GDPR has introduced new rules for the processing of this data.
Foreign companies that process, for example, the data Panama mobile number list of an Italian citizen are therefore also subject to GDPR. But what is meant by personal data? And, above all, how should it be treated? The European regulation indicates as personal data any information, referring or referable to a natural person (which the GDPR indicates with the term "interested party"), and which concerns his/her personal data (name, surname, location), his/her possible identifier online or information about your physical, economic, cultural or social identity. The GDPR is obviously applicable whether the data has been collected with the help of IT media or whether it is present in paper archives . Particular attention, then, is given to profiling , which is described as an activity aimed at analyzing and predicting a user's behavior , through the use of automation, in order to then implement a specific marketing activity.
Let's take an example to understand better: Case 1: the profiling process is an end in itself and is used, for example, to divide the users of a newsletter into groups based on interests with the sole purpose of understanding how many users are interested in one topic rather than another. This division into groups is therefore used only to choose which contents to publish next on the basis of the most read and clicked contents: in this case, we are not in the presence of profiling but of simple clustering and therefore no consent is necessary from the user. Case 2: if, however, as happens most of the time, the profiling has the ultimate aim of sending ad hoc commercial information based on the user's interests, then it will be necessary for the company to obtain consent of the user to profiling. Personal data and GDPR compliance: all the useful information to know personal data and how to process them In addition to defining and regulating the personal data of a natural person, the GDPR has introduced new rules for the processing of this data.