Are everyone obliged to adapt their corporate practices and procedures to the privacy regulation 679/2016?

Is it enough to create the classic information to be compliance and accountability?

Today the adaptation to privacy legislation is no longer standardized, but follows the principle of privacy by design.

The EU regulation 679/2016 has been operational since 25 May 2018 and requires companies to adapt their operating practices to a very simple concept: the protection of sensitive information concerning all the subjects with which the company comes into contact. To do this, there is no single way, and the first step to achieve the goal is to analyze business flows (it must be a link to the Analysis of processes and cost centers section).  

To date, there is no strong attention from the supervisory body on companies since it has focused on large players in specific sectors such as telecommunications (see eg. garante privacythis does not mean, however, that even the small clothing store, which collects the data of its customers, is exempted from carrying out all the activities necessary to manage this aspect.

If you want to understand what you should do for your business, Spazio Impresa in collaboration with its partner lawyers, trade associations and professional DPOs, is at your disposal.