EU ARC- GDPR COMPLIANCE for SMEs’ Post

🔴U okviru ARC2 projekta Vlatka Vuković danas je održala doista izvrsnu, praktičnu i korisnu radionicu na temu kako provesti procjenu učinka na zaštitu podataka. Vlatka je na primjeru iz prakse (Obrada osobnih podataka praćenjem lokacije i kretanja (GPS)) , koristeći praktični modul odnosno obrazac za provedbu DPIA iz Olivie https://lnkd.in/dR5XASqE, pokazala step-by-step kako se provodi procjena učinka na zaštitu podataka. 🔴NE ZABORAVITE! •DPIA je obavezna u slučaju: •sustavne i opsežne procjene osobnih aspekata u vezi s pojedincima koja se temelji na automatiziranoj obradi, uključujući i izradu profila, i na temelju koje se donose odluke koje proizvode pravne učinke ili znatno utječu na pojedinca •opsežne obrade posebnih kategorija osobnih podataka (osjetljivi podaci) •sustavno praćenje javno dostupnog područja u velikoj mjeri ⚠️⚠️Uvjeti obrade koji upućuju na visok rizik •Procjena, bodovanje ili profiliranje •Automatizirano donošenje odluka s pravnim učinkom •Sustavno praćenje •Osjetljivi podaci i biometrija •Opsežna obrada •Osjetljive kategorije ispitanika •Podudarajući ili kombinirani skupovi podataka •Inovativna upotreba ili primjena novih tehnoloških rješenja •Obrada sprečava ispitanike u ostvarivanju prava ili korištenju usluge * WP 29 Smjernice za provođenje DPIA, kumulativno dva uvjeta 🔀Nadzorno tijelo – Agencija za zaštitu osobnih podataka (AZOP) objavljuje popis obrada podataka za koje je potrebno provoditi DPIA Preporučljivo je provoditi DPIA i za druge obrade (koje nisu na popisu) npr. prilikom svakog novog projekta koji obuhvaća i obrade osobnih podataka 🔀Izuzetak – članak 35. stavak 10. Uredbe 🔀ODLUKA o uspostavi i javnoj objavi popisa vrsta postupaka obrade koje podliježu zahtjevu za procjenu učinka na zaštitu podataka dostupna je na: https://lnkd.in/dEwFpHF 📚Testirajte svoje znanje na: https://lnkd.in/dW8-BPDq. Hvala Vlatka Vuković na nesebičnom dijeljenju znanja i iskustva, veselimo se budućoj suradnji! #SMEs #EUprojects Croatian Data Protection Authority-Agencija za zaštitu osobnih podataka

🔴Yesterday at the #PrivacySymposium #PSC24, Zdravko Vukic and Luigi Montuori proudly presented Olivia, an innovative web tool developed collaboratively by the Croatian Data Protection Authority-Agencija za zaštitu osobnih podataka and The Italian Data Protection Authority within EU ARC- GDPR COMPLIANCE for SMEs. This innovative tool, created in partnership with the Faculty of Organization and Informatics at Vrije Universiteit Brussel and Università degli Studi di Firenze, aims to assist #SMEs in achieving compliance with the GDPR. 🔴In order to support SMEs, the #EuropeanCommission continuously implements various initiatives aimed at strengthening the capacities of small businesses and promoting their growth and competitive position 💡The goal of the EU co-funded ARC2 project is to facilitate SMEs in complying with the General Data Protection Regulation, reduce administrative burden and financial costs, and help them realize that aligning with data protection regulations will enhance their business operations and enable them to build a relationship of trust with their customers/clients Despite more than six years since its enforcement, many SMEs continue to struggle with GDPR compliance, and there is a pressing need for the development of practical guidance and digital tools that can be easily replicated in other Member States, tailored to meet the specific needs of SMEs and streamline their implementation of GDPR obligations 💡SOLUTION: OLIVIA 🚀Olivia offers 15 data protection courses that encompass all key responsibilities for data controllers/processors outlined in the GDPR. Each course includes both theoretical and practical modules 🔀In theoretical part SMEs can go through lessons to learn about the specific obligation from the GDPR, they can watch educational video and afterwards they can take a test to test their knowledge. After the successful completion of the questionnaire (at least 80% correct answers), the user will receive a certificate as a proof of completion of certain theoretical module 🔀In the practical part, SMEs have the ability to create essential "GDPR documents" that can assist them in demonstrating their compliance or evaluating the level of compliance within their organization. 💡Another amazing tool was presented by JEROME COMMODI www.daaz-gdpr.lu. Louis Dutheillet de Lamothe showcased CNIL's innovative initiatives, aimed at helping data controllers understand and fulfill their obligations under the GDPR. 💪🤝📚Initiatives like this demonstrate how data protection authorities work together with stakeholders to create innovative tools and approaches that assist organizations in compliance, thereby safeguarding the fundamental rights and freedoms of European citizens.

14.6.2024. I šećer na kraju. Prijavite se za sudjelovanje na most exciting ARC2 radionici godine: https://lnkd.in/dU8X7tAD https://lnkd.in/d2AFQWJg Vlatka Vuković