gdpr europe

GDPR: Main Content of the European Regulation

March 6, 2019
March 6, 2019
06 March 2019

This article is an introduction to the General Data Protection Regulation (GDPR) in the framework of your Big Data projects.

Be careful though! This isn’t going to be about giving legal advice, but rather,  a refresher course on the changes that GDPR will make.

The terms of the GDPR to define

Personal data

All information relating to a human being (or a data subject) that can be used to identify that person directly or indirectly. With the arrival of the GDPR, this definition was broadened to include online data. I.e., name, photos, email addresses, bank details, social networking publications, websites, medical information, IP addresses, location data, etc.

Sensitive data

It is personal data that directly or indirectly reveal political opinions, philosophical or religious or trade union memberships of persons, or that which is related to their health or their sexual orientation. They may only be processed with the explicit consent of individuals.

Data processing

This broad term refers to any operations carried out on personal data, via automated or non-automated means.  Some examples of processing include collection, recording, organization, storage, use and destruction of personal data.

Data controller

A data controller is a person who determines– alone or jointly with others – the purposes and the means of data processing (the collecting and processing methods).

The principles emerging from the GDPR

Whom does it concern?

  • All companies located in the European Union and processing personal data, regardless of its size.
  • All companies not located in the E.U. concerning the process of personal data relating to persons located in the European Union.

The obligation to appoint a DPO

The GDPR created a position of Data Protection Officer (DPO). Their responsibilities include:

  • Monitor the company’s compliance with regulations
  • Be the point of contact with the Supervisory Authorities as well as those who have questions on personal data processing
  • Advise and inform the company, its employees, and any possible processors.

The responsibility

Companies must ensure that they comply with GDPR’s obligations and be able to demonstrate compliance with its principles.

Valid consent

The controller must be able to demonstrate that the data subject has given his or her consent.

Notification of violations

In the case of a violation, the company is obligated to inform its Supervisory Authority within 72 hours after its discovery.

Privacy protection from the design stage

The controller must implement any data protection measures (pseudonymization, minimization, etc.) from the design stage; i.e., identify the means of processing.

The opposition to profiling

Any person may object to the automatic processing of their personal data in order to evaluate certain personal aspects relating to a physical person (analysis, prediction, etc).

Data portability

Any person concerned by the processing of their data can obtain from the controller a copy of their processed personal data and, where applicable,  the transfer of these data to a third party.


Violation of basic principles including the conditions of consent or the rights of the persons concerned will be subject to a sanction of up to 20 million or 4% of annual worldwide turnover.

zeenea logo

At Zeenea, we work hard to create a data fluent world by providing our customers with the tools and services that allow enterprises to be data driven.

zeenea logo

Chez Zeenea, notre objectif est de créer un monde “data fluent” en proposant à nos clients une plateforme et des services permettant aux entreprises de devenir data-driven.

zeenea logo

Das Ziel von Zeenea ist es, unsere Kunden "data-fluent" zu machen, indem wir ihnen eine Plattform und Dienstleistungen bieten, die ihnen datengetriebenes Arbeiten ermöglichen.

Related posts

Articles similaires

Ähnliche Artikel

Be(come) data fluent

Read the latest trends on big data, data cataloging, data governance and more on Zeenea’s data blog.

Join our community by signing up to our newsletter!

Devenez Data Fluent

Découvrez les dernières tendances en matière de big data, data management, de gouvernance des données et plus encore sur le blog de Zeenea.

Rejoignez notre communauté en vous inscrivant à notre newsletter !

Werden Sie Data Fluent

Entdecken Sie die neuesten Trends rund um die Themen Big Data, Datenmanagement, Data Governance und vieles mehr im Zeenea-Blog.

Melden Sie sich zu unserem Newsletter an und werden Sie Teil unserer Community!

Let's get started
Make data meaningful & discoverable for your teams
Learn more >

Los geht’s!

Geben Sie Ihren Daten einen Sinn

Mehr erfahren >

Soc 2 Type 2
Iso 27001
© 2023 Zeenea - All Rights Reserved
Démarrez maintenant
Donnez du sens à votre patrimoine de données
En savoir plus >
Soc 2 Type 2
Iso 27001
© 2023 Zeenea - Tous droits réservés.