What you need to know
The General Data Protection Regulation (GDPR) comes into force on May 2018 and aims to protect all EU citizens from privacy and data breaches. Regardless of Brexit, if a company in the UK deals with any customers or vendors in the EU they will need to make sure that they are in accordance with the new law on how they manage and store personal data.
There will be 8 rights for individuals that will need to be considered:
This is the right to ask a company for their GDPR policy and contact details.
This is the right of an individual to access all data held on them by a third-party company.
The GDPR gives individuals the right to have personal data rectified - personal data can be rectified if it is inaccurate or incomplete.
The right to erasure is also known as ‘the right to be forgotten’ - the broad principle underpinning this right is to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
Individuals have a right to ‘block’ or suppress processing of personal data. When processing is restricted, you are permitted to store the personal data, but not further process it. You can retain just enough information about the individual to ensure that the restriction is respected in future.
Allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
Individuals have the right to object to: - processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); - direct marketing (including profiling); and - processing for purposes of scientific/historical research and statistics.
The GDPR has provisions on: automated individual decision-making (making a decision solely by automated means without any human involvement);and profiling (automated processing of personal data to evaluate certain things about an individual). Profiling can be part of an automated decision-making process.
For more detailed information please click here.
How we can help
We have developed a programme called Astral GDPR that includes ways to incorporate the individuals’ rights on your Dynamics NAV system, and the best part is that it can run on all versions of Dynamics NAV! It is built to help your business be compliant with the new GDPR law, we know it can be a little confusing and daunting to understand, which is why we have made it as straight forward and user friendly as possible.
By opting for this add on you will be able to find it in the main ‘Role Center’ of the control panel where you will be able to see the eight individuals’ rights represented by tiles along the top – by clicking on any one of these they will launch an action.