Last year, it was everywhere: GDPR. At least in Europe. If you are one of the very few who has never heard of it: It stands for General Data Protection Regulation and it is a European law that regulates what can be done with personal data.
If you are one of those who had to deal with it, like I did, at work, changes are you are not over the moon with it. For most people, it just stands for a lot of unnecessary extra paperwork, just making harder what used to be easy. Which is definitely partly true. But with all that negative attention, it seems like no one has noticed that this law is in fact a good thing for all European citizens: We have been given the gift of rights! So, for Christmas, I am summarizing your new rights, given to you by the EU and the GDPR. (And honestly? They are not even new!)
The Right of access
Don’t you think you should know if someone is actually tracing you? Your every movement? Your every act? Even how long you watched a specific piece of clothing on the H&M advertisement? It has been a crude awakening to me to learn about all the personal data they are collecting every moment you are on your phone or your computer. Bluntly put, we have given up our privacy to companies, like Google and Facebook, who are selling all this info for big bucks. (Yes, I have been living under a rock for quite some time when it comes to social media and even longer when it comes to computers in general.)
Well, at least, now you have a right to know if they are collecting your data. And if they do so, you can ask them what they know, where they got it from and what they are doing with this information. And they need to be clear about it. And you can even ask for a copy. Or complain.
The Right to object
Did you change your mind about consenting? Well, because of this right, you can redraw your consent. Especially when it comes to direct marketing. Just tell them you do not longer want to receive all those advertisements – of course, if you can find the culprits.
The Right to rectification
If your personal data is incorrect, you can have it corrected. Seems kind of self-evident, right? Well, the person I met who could not file for a loan because of his identical name with a bad credit person will tell you it isn’t so.
The Right to be forgotten
If you want to redraw your consent, if the purpose for which you gave your information has been obtained, if your data have been unlawfully processed, you have a right to ask the person or company who has your data to erase the data. In practise, this right might be tricky. How – for one – can you ever know for sure they erased your data, but at least you have the law on your side!
The Right to restriction of processing
Say for example, you gave your consent to data collection. Well, this right allows you to take back part of your consent (and data). And the company or person who has your data needs to inform you about it.
The Right to data portability
Which, simply put, means that you can take your data with you. You have the right to get your personal data in a structured, machine readable format or even have it transferred immediately to your new provider. (This is in fact the only real new right due to the GDPR.)
Of course, as in every good American advertisement, I need to add: Restrictions may apply and results may vary. But that is not what you should remember. This is: GDPR means more personal rights for everyone in Europe. Isn’t that in the end the best gift of all?
Here’s the link to the Wikipedia page, where you have another very concise and clear overview of your rights. Just formulated better than mine.
P.s. I am happy with all specifications or corrections of these rights. We might all benefit from it!