What is GDPR?
The General Data Protection Regulation (GDPR) is a new European law which replaces the 1995 EU Data Protection Directive.
GDPR is designed to harmonise the data protection laws across Europe and provide greater security and control to individuals. In its 99 articles, GDRP explains the rights of individuals and sets out the obligations of organisations that handle personal information.
The regulation was adopted by the European Parliament and the European Council in April 2016 and is coming into force on 25 May 2018.
Who is affected by GDPR?
GDPR affects all European companies that collect, process and transmit personal information. It’s also applicable to non-European businesses that sell to the European market or process within the European Economic Area (EEA).
For you, as an individual and client of myPOS, GDPR means that:
- You have rights to request to delete your information or change it.
myPOS and GDPR
Security is among our highest priorities at myPOS. We are continuously working to implement mechanisms and procedures, which guarantee that our clients’ information is safe with us.
As a licensed e-money institution, myPOS uses the most advanced technologies and takes the necessary measures to ensure that we handle customer data in compliance with GDPR. We also have information security policies and procedures in place to protect personal data from unauthorised access, alteration, disclosure or destruction.
What personal data do we collect?
- Information required to provide the myPOS services
This category includes information about business activity, source of income, tax status, payment transactions, etc. and personal details that we collect via our website and during the video identification chat.
- Information that we collect with the client’s consent
Our clients may choose to provide Address Book contact information and other details required to participate in surveys or promotions.
- Information that we collect as the client uses the myPOS services
We use personal data only to provide and improve the myPOS services and to guarantee the highest security and protection to our clients.
How to get your business ready for the GDPR?
If you still don't know where to start with preparing for GDPR, check out these simple tips.
- Determine whether your company is a Data Processor or Data Controller (or both).
There are different requirements and obligations depending on which category you are in. Learn more on European Commission website.
- Perform a data mapping exercise to uncover how personal data is stored and processed.
Firstly, you should examine how you collect, process and store customer data. Secondly, you need to make sure that the processes and procedures in place are GDPR compliant. Apply changes if needed.
- Ask for consent for collecting personal information
You must obtain explicit consent from your customers and be clear about how the data will be used when you ask for that consent.
Set up a close collaboration with your legal team and update all documents, so that they reflect your approach in terms of GDPR and handling personal data.
Want to learn more about GDPR? You can find the full legal text of the General Data Protection Regulation here.