In short, GDPR is the regulation adopted by the European Union on the protection of personal data and the free flow of such data, also known as the General Data Protection Regulation. The topic is of great public interest because up to now only the European Union directive has addressed the handling of personal data, and the member states have implemented it themselves - often in different ways. From now on, this will change, as the GDPR has direct effect and is mandatory in all member states. For this reason, this regulation will be the most important regulatory document in all member states regarding the management and protection of personal data, it can only be deviated from if the GDPR itself allows it.
NAIH, i.e. the National Data Protection and Freedom of Information Authority, is the authority responsible for ensuring the protection of personal data. Its task is to monitor and promote the enforcement of the right to the protection of personal data. That is, in Hungary, the NAIH will be responsible for compliance with the GDPR, it can carry out inspections and sanction violators of the data protection rules. In addition, it also has the task of providing guidelines and assisting in the interpretation of legislation.
Data management includes almost all actions performed on personal data, such as their recording, collection, storage, use for various purposes, transmission, modification, to mention only a few data management operations. The person performing this is the Data Controller. The person who works with personal data on behalf of and on behalf of the data controller is the Data Processor. The important difference is that while the data controller also determines the purpose of the data management, i.e. decides on the fate of the data, the data processor only performs – typically technical – operations on the data based on the instructions of the data controller (e.g. web hosting provider).
Being an EU regulation, the GDPR establishes provisions for data management related to the EU for some reason. This is how the GDPR must be applied if you or your business/company operates in the territory of the Union, and data management is carried out in connection with this activity. At the same time, the GDPR goes further than this: it also applies to data management and data processing operations carried out by a data controller or data processor that does not have a place of business in the EU, but is related to the provision of goods or services to data subjects residing in the EU, or to monitoring the behavior of data subjects within the territory of the EU are connected.
In all cases, Három Ász Média Kft. strives for the maximum protection and confidential treatment of managed data, and accordingly has a number of internal regulations, action plans and records. During the development of our Internet interfaces, we keep and kept in mind the minimization of the amount of processed data as a primary consideration, which in itself significantly reduces the risks of abuse and possible attacks. In line with our efforts so far, we are constantly preparing for maximum compliance with the requirements of the EU GDPR regulation.