The General Data Protection Regulation (GDPR) will apply from 25 May 2018 and is a policy that protects the rights of personal data of individuals within the EU.
While many of the principles build on current EU data protection rules, the GDPR has a wider scope, more prescriptive standards and substantial fines. For example, it requires a higher standard of consent for using some types of data, and broadens individuals’ rights with respect to accessing their data. It also establishes significant enforcement powers, allowing a company’s supervisory authority to seek fines of up to 4% of global annual revenue for certain violations.
In particular Bookex is committed to the following:
Control: Clients and their Customers are able at any stage to request access to data that is held within our system, and if desired, deletion of this data can be requested.
Consent: Consent must be freely given, specific, informed and unambiguous for usage of Personal Data.
Accountability: All efforts are made to ensure the security of Personal Data, however in the event of a breach of data the appropriate supervisory authorities shall be informed within 72 hours of the breach.