What IS GDPR?
GDPR regulations require companies to protect the privacy and personal data of EU citizens for transactions that take place within all EU member states.
The GDPR was implemented by the European Parliament in April 2016. In addition, the GDPR also regulates personal data exportation outside the EU. The GDPR protects various types of privacy data including:
- Identity information (e.g. name, ID numbers, and address)
- Web data (e.g. IP address, location, and cookie data)
- Racial and ethnic data
- Sexual orientation
- Health, genetic, and biometric data
- Political opinions
GDPR now requires companies to provide the same level of protection for individuals’ cookies and IP addresses as for other data like customer names, home address, and Social Security numbers. It also requires companies to supply their customers with a “reasonable” amount of personal data protection.
Why Does GDPR Exist?
In short, the main goal is to deal with public concerns about privacy. Historically Europe has generally had strict rules about how companies use their visitors’ personal data. The GDPR substitutes the European Union’s Data Protection Directive (1995). This was a long time before the Internet became a business hub that generates over $1 trillion in yearly revenue. As a result the 1995 directive is very outdated and does not deal with several ways that data is collected, stored, and transferred in modern times.
Privacy issues have become a big concern in the EU. An RSA survey revealed that the top concern of 80% of consumers in the UK, France, Germany, and US is lost banking/financial data. Meanwhile, three-quarters of respondents stated that lost security information like passwords and identity data was a concern.
COMPLIANCE WITHIN COMPANIES
The GDPR lists many roles that must ensure compliance. They include data processor, data controller, and data protection officer (DPO). Data controllers define the way personal information is processed and the goals of processing it. They also ensure compliance is supplied by outside contractors.
Data processors could be internal groups that manage and process personal data records as well as outsourcing companies that conduct part or all of the activities. GDPR makes processors liable for non-compliance and breeches. Both your company, and cloud provider or other processor partner will be liable for penalties. This is even true if the processor partner is 100% at fault.
HOW GDPR AFFECTS CUSTOMER CONTRACTS
The GDPR puts an equal amount of liability on data controllers and data processors. A third-party processor who is non-compliant means the organisation itself also is non-compliant. In addition, the new regulation has very strict rules about reporting breeches and everyone in the chain is required to comply with them. The GDPR also requires organisations to inform clients about their rights under the EU directive.
In other words, all current contracts with processors and customers must list out responsibilities. In addition, revised contracts must also spell out consistent processes about how data is protected and managed, as well as the way breeches will be reported.
Client contracts must also show regulatory changes. Several forms can be used as client contracts. They include formal agreements and online click-throughs. It is important for various third-parties to understand the way data is processed and stored, and also agree on a reporting process.
The deadline for companies to show compliance to GDPR was May 25, 2018.
Changes to OnlineGamblingSA.com’s Terms & Conditions
Due to continuous development of the website from time to time it might become necessary to alter the Terms and Conditions and OnlineGamblingSA.com reserves the legal right to take that action by uploading changes online. Users are responsible for reviewing the Terms & Conditions regularly. Your continuing use of our website following any amendments posted is considered your accepting of such changes to the Terms and Conditions.
This explains what types of personal data our site collects and the reasons we collect it.
When visitors to our site leave comments the data appears in the comments form. Other information shown is the IP address of the visitor and the user agent string of the browser to improve spam detection.
If you contact OnlineGamblingSA.com through the site’s contact form the data is stored as long as we judge necessary. However, no submitted data is used for any type of marketing purpose.
Articles found on this website might include embedded content like articles, images, and videos. Other websites’ embedded content functions in the same way as if the visitor had visited the other website.
How Long We Retain Data
In the case you leave a comment then the comment and metadata are indefinitely retained. We take this step in order to automatically recognise or approve follow-up comments rather than using a moderation queue to store them.
We also store personal information in user profiles provided by users who register on OnlineGamblingSA.com. Users are able to view, edit, and delete personal information anytime, but they cannot alter the username. Web administrators are also able to view and edit the information.
User Rights about Data
If you own an account at this website or have made comments you have the option to ask to receive an exported file that contains personal data we store about you. That includes any information you have supplied to us. In addition, you can request that our site erase all personal data related to you. This excludes any data we are required to store for administrative, security, or legal reasons.
Where We Send Your Data
Visitors' comments might be checked using a spam detection service.
You are able to contact us through our Internet contact form if you have any other questions regarding these issues.
Have You Found What You're Looking for?
Your feedback is paramount!