The development and introduction of new technology has been one of the key drivers for the GDPR and data protection regulations.

New software & technology means large quantities of personal data can be processed, transferred and shared quickly and easily. Artificial Intelligence (AI) and automated profiling allows much greater characterisation and segmentation of individuals and enables better targeting and more informed decision making.

The GDPR helps ensure tech and software organisations respect and protect individual data. To achieve compliance, special consideration must be given to defining the purpose the data is used for, understanding and mapping all data flows from the outset, managing data transfer with third parties and across borders and clearly and transparently defining how individuals’ data is used by them.

This page explains what data protection legislation means for software & technology organisations and the key areas they need to consider when managing personal data.

Alternatively click one of the options below to speak to us

 

Email Call

WHAT DOES THE LEGISLATION MEAN FOR SOFTWARE & TECHNOLOGY ORGANISATIONS?

Like all other organisations, software & technology organisations must:

tick
Be transparent in the way they process personal data and accountable for doing so
tick
Be able to detect, manage, report and respond to data breaches including, if necessary, liaising with the Dutch Data Protection Authority (AP)
tick
Understand the data they have, where it is stored and who has access to it
tick
Implement robust processes and procedures to protect personal data
tick
Allow users, data subjects and staff to:

  • Access the data stored on them
  • Ensure it is correct and modify it as necessary
  • Have it deleted (unless needed for legitimate reasons)

tick
Appoint a designated data protection officer if they:

  • Are a public body
  • Process data on a large scale
  • Use the data for profiling or automated decision making

colours

IMPORTANT DATA PROTECTION CONSIDERATIONS FOR SOFTWARE & TECHNOLOGY ORGANISATIONS

Software & Technology organisations must protect personal data in a wide range of their operations. Some major considerations include:

Mapping data flows

  • Clearly defining the purpose that the data is used for
  • Limiting the use solely to the purpose
  • Managing consent
  • Transparently explaining how the data is used to all users
  • Adopting privacy by design principles

Sharing data with others

  • Transfers with 3rd parties
  • Data transfers outside the EU
  • Data processing and data sharing agreements

Handling large quantities of data

  • Appointing a designated DPO
  • Profiling and automated decision making

Data security

  • Maintaining network and server security
  • Data encryption

Administration

  • Email systems
  • Staff payroll, pension and HR records
  • Visitors’ book, access and CCTV

Identifying Personal Identifiable Information

  • IP addresses
  • GPS Data
  • Cookies and tracking pixels

Policies and agreements

  • Privacy, retention and data protection policies
  • Staff handbooks
  • Data sharing agreements
  • Data processing agreements

Enquire Today

Fill in your details below and we’ll get back to you as soon as possible

Alternatively click one of the options below to speak to us

 

Email Call