DSGVO (EN)

Standard

EU General Data Protection Regulation for the protection of personal data

Definition

The General Data Protection Regulation (GDPR) is a regulation of the European Union that has been applicable in all EU member states since May 2018 and regulates the protection of personal data. It stipulates how companies and organizations must collect, process, store and protect personal data, and defines the rights of data subjects regarding their data. The GDPR obliges data controllers to implement technical and organizational measures for data protection and to appoint a data protection officer for certain processing activities. Violations of the GDPR can lead to substantial fines of up to 20 million euros or 4% of the global annual turnover.

Processing of personal data

flowchart TD
    A[Data source] --> B{Lawfulness}
    B -->|Lawful| C[Data processing]
    B -->|Not lawful| D[Prohibited]
    C --> E[Data storage]
    E --> F[Data deletion]

    subgraph GDPR Principles
        direction LR
        G[Lawfulness] --> H[Transparency]
        H --> I[Purpose limitation]
        I --> J[Data minimization]
        J --> K[Accuracy]
        K --> L[Storage limitation]
        L --> M[Integrity and confidentiality]
    end

    C --> G

In context

  • Typically used together with: GDPR, Data Protection Officer, Consent, DS-GVO
  • Related to
Source: AI Generated