The GDPR is based on 8 Golden Rules:

• Licitness of processing

  • By consent of the user
  • Necessary for the performance of a contract
  • Necessary for compliance with a legal obligation
  • Necessary for the protection of vital interests
  • Necessary for the performance of a task carried out in the public interest or subject to the exercise of public authority task carried out in the public interest or in the exercise of official authority
  • Necessary for the purposes of legitimate interests

• Purpose of processing

  • Purpose of data collection

• Minimization of data

  • Is the data... necessary?
  • Am I entitled to collect?
  • Am I clear about compulsory and optional data?

• Special protection for sensitive data called sensitive personal data

  • Origins
  • Political views
  • Religious or philosophical beliefs
  • Trade union
  • Health
  • Life/sexual orientation
  • Genetic data
  • Biometric data

• Limited data retention

• Security obligation - Confidentiality

  • Securing data access: premises, logics/passwords, securing workstations, tracing access
  • Cyber security: firewall, antivirus and updates
  • Fighting against loss: Encryption, backups
  • Access policy, internal/IT charter
  • Crisis management: theft and loss procedures, referents

• Obligation de sécurité - Intégrité

  • Cf. Security obligation - Confidentiality

• Security obligation - Availability

  • Cf. Security obligation - Confidentiality

• Contact our company:

  • Website: https://www.etpdatasystems.com
  • E-mail: contact@etpdatasystems.com

• Data controller:

  • Identity: Alban SOUBIGOU. Geoffrey JOGUET is his assistant and assists him, among other things, on the technical side.
  • E-mail : contact@etpdatasystems.com