What is GDPR?
The EU General Data Protection Regulation GDPR comes into effect on May 2018. From that date, the protection of personal data will be regulated in the same way in all EU countries and each Member State will be subject to the same rules.
Personal Data can be anything that allows a person to be identified either directly or indirectly, such as a name, an address or even an IP address. It includes automated personal data, but also data created using a pseudonym. Personal data can be subdivided into Ordinary, Special and Criminal Personal Data.
What exactly will change?
The GDPR provides, among other things:
- Stronger and more far-reaching privacy rights;
- Increased responsibilities for organisations;
- The same strong powers for all European privacy regulators.
What does this mean to you?
Under the GDPR, any citizen whose personal data is collected will receive more and improved privacy rights. This also applies to customers of TheSteroids.org. You will, for example, have more opportunities to defend yourself if your personal data is accessed.
Once the GDPR comes into force, you will receive the following privacy rights as a data subject:
- The right to data portability - This is a new right to transfer personal data. It means that you have the right to receive certain personal data that we hold as an organisation.
- The right to be forgotten - This is a new right which means that we, as an organisation, need to clear personal data or your account in a number of cases if you request it.
- The right of access - This is the right to view the personal data that we may have collected from you. You have the right to ask us what information we hold on you. You may also request to view this information.
- The right of rectification and supplementation - This is the right to have certain personal details changed by you or to add any additional personal details. We as an organisation are responsible for ensuring that the personal data we process is correct, and we are obliged to update this data if necessary or when you request it.
- The right to restrict data processing - This gives you the right to restrict the use of your data in certain situations; in this case by or on behalf of TheSteroids.org.
- The right related to automated decision-making and profiling - In other words, the right to a human look at decisions. Some organisations make decisions based on automatically processed data. Profiling can also be a part of an automated decision-making process. The GDPR entitles you to a human look at decisions made about you.
- The right to object to data processing - You always have the right to object to the processing of your data. In such a case, TheSteroids.org would have to stop or limit the processing of your personal data.
- The right to information about what we do with your personal data - this means that as an organisation we are obliged to clearly inform new and existing customers about how we use your personal data. This will be reflected in the privacy statement on the website.
TheSteroids.org does comply with all expectations in privacy-related areas from 25 May 2018. The key principles are transparency, accountability, accuracy, goal limitation, data limitation, storage restriction, integrity and confidentiality.