The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. The General Data Protection Regulation covers all companies that deal with data of EU citizens, so it is a critical regulation for corporate compliance officers at banks, insurers, and other financial companies. GDPR will come into effect across the EU on May 25, 2018.
NCL has always taken the utmost care in relation to the protection of user data due to which the impact of GDPR will be minimum. This is a reminder to all users and partners on the data protection requirements that must be adhered to when dealing with NCL users. Below is a check list of requirements that must be adhered to at all times.
Awareness
Information Held
Communicating Privacy Information & Lawful Basis for Processing Data
Individual Rights
• the right to be informed;
• the right of access;
• the right to rectification;
• the right to erasure;
• the right to restrict processing;
• the right to data portability;
• the right to object; and
• the right not to be subject to automated decision-making including profiling.
On the whole, the rights individuals will enjoy under the GDPR are the same as those under the data protection act but with some significant enhancements.
Consumer requests to access data
Age Restriction
Data Breaches
Data Protection Officer