Post by account_disabled on Jan 22, 2024 20:18:38 GMT -7
The rules of the personal data protection regulation apply to Ukrainian companies in 3 cases. We talk about them below. The company processes and stores personal information of EU citizens It is important where the user is geographically located, the data about which the company collects with the help of an IT solution. For example, a crypto platform will have to comply with GDPR requirements if payments are made by EU citizens. A privacy policy will need to be developed for games and mobile applications as this is a requirement for publishing. This rule applies to online stores and marketplaces if they sell goods to buyers from the EU.
What about a person's personal data? The listing of personal information C Level Executive List in the privacy policies and agreements for different products will vary and depend on the type of business of the company. Let's give an example. The Insurance Hunter platform contacted Stalirov&Co IT lawyers. With the help of the site, EU users choose insurance. They fill out a questionnaire, and software algorithms select a financial solution. Lawyers have fixed the following list of personal data in the Privacy Policy for the product: name, surname, address, e-mail, phone number; browser type, referrer URL, IP address, MAC address, device type, screen resolution and OS version. But such a list is not suitable for a crypto platform. It needs to be significantly expanded and added: passport data; tax residency; bank details, including account numbers and payment details; sources and amounts of income; information about the account status.
The company works with organizations that have already implemented GDPR Imagine that you have been approached by a German bank for the development of Internet banking. Along with other documentation, they will definitely send a GDPR questionnaire to check compliance with the requirements for personal data protection. All because the product development procedure involves access to information about the bank's customers. The Ukrainian IT company will not receive the project until it substantiates a high level of data protection. For this, lawyers are developing documents for GDPR compliance: Data Processing Agreement Security Policy Data Breach Response Policy of storage and handling of personal data Access Level Policy Instructions for employees on the organization of work with personal data Policy of international transfer of personal data The company opened a representative office in the EU Opening offices in European countries is a common experience of conducting Ukrainian IT business.
What about a person's personal data? The listing of personal information C Level Executive List in the privacy policies and agreements for different products will vary and depend on the type of business of the company. Let's give an example. The Insurance Hunter platform contacted Stalirov&Co IT lawyers. With the help of the site, EU users choose insurance. They fill out a questionnaire, and software algorithms select a financial solution. Lawyers have fixed the following list of personal data in the Privacy Policy for the product: name, surname, address, e-mail, phone number; browser type, referrer URL, IP address, MAC address, device type, screen resolution and OS version. But such a list is not suitable for a crypto platform. It needs to be significantly expanded and added: passport data; tax residency; bank details, including account numbers and payment details; sources and amounts of income; information about the account status.
The company works with organizations that have already implemented GDPR Imagine that you have been approached by a German bank for the development of Internet banking. Along with other documentation, they will definitely send a GDPR questionnaire to check compliance with the requirements for personal data protection. All because the product development procedure involves access to information about the bank's customers. The Ukrainian IT company will not receive the project until it substantiates a high level of data protection. For this, lawyers are developing documents for GDPR compliance: Data Processing Agreement Security Policy Data Breach Response Policy of storage and handling of personal data Access Level Policy Instructions for employees on the organization of work with personal data Policy of international transfer of personal data The company opened a representative office in the EU Opening offices in European countries is a common experience of conducting Ukrainian IT business.