GDPR stands for General Data Protection Regulation. It covers any business collecting personal information of EU citizens, regardless of where they reside. That includes businesses based in the US and even companies with no connection with Europe. Websites don't have borders, so all data gathering, whether personal or business, could be protected. That means any company selling jewelry on its site might be affected by GDPR.
Data controller
An organization can have two functions with regard to personal information under the GDPR: it is either a controller or a processor. If it is a controller, it is accountable for the collection of data and the means of processing it. It also has a shared obligation to ensure security and data protection. In some cases, a joint controller relationship can be established by an agreement between two entities. In this scenario, both the controller and the individual who is the data subject need to be fully aware of their respective roles.
The next step is that a GDPR-compliant data controller must implement the necessary technical measures to ensure data protection. These can be certified mechanisms, codes of conduct, approved codes, as well as pseudonymization strategies. The controller must also ensure that only the personal data required for processing are processed. This checklist will help data controllers meet their obligations under GDPR.
As a
