„GDPR“ – or why your mail is drowning in an avalanche stream of updated Privacy Policy

We looked in their mail recently? We noticed among the breasts of spam and newsletters to the breaks of the letters who came to you with the heading “We changed our confidentiality policy. „? If not, we congratulate you, you are a happy person who does not vegetate in the world web. If the answer is yes, we again congratulate, but already with the entry into the new „era“ of the digital society, where it became a little safer to vegetate.

On May 25, 2018, a regulation called GDPR (General Data Protection Regulation – General data protection regulations). Accepted this two-hundred-page Talmud in 2016, at a meeting of the Parliament of the European Union. This document in confusing and dry legal language borely explains that from May 25, 2018 new, more stringent and transparent rules for processing user data will come into force.

And what is it, you ask? To whom your personal data surrendered? Well, if they did not give up to you, be sure – they gave up very much. Information about you is collected and is constantly distributed. Your search queries. Your story is a browser. Characteristics of your device. The number of hours spent on sites. All this is not only your personal data that you unconsciously transmit to third -party sites, but also one of the most important articles of income for many sites. In fact, our personal data is a product that is sold and bought. Do not believe? Read yourself. For example, in the agreement AliExpress.

We can disclose or transmit (It doesn’t matter inside or outside the legal entity of Alibaba, which exercises control) Your personal data to our partners and service suppliers, we are hired by persons To assist in the provision of services to you or which otherwise process personal data for the purposes given in this confidentiality policy or reported to you in the process of collecting your personal data. Such partners or service providers can be, for example:

*Our business partners (for example, in order to provide them with discounts or proposals that may interest you);
* Marketing platforms such as Google, Twitter, Facebook,* Instagram* and Vkontakte and suppliers of user behavior analysis services, with the aim of selecting content that you see when visiting our sites.

For the purposes of the above, we can transfer your personal data to affiliated companies and/or the latest service providers within the Alibaba group of companies, which consists of companies managing leading online and mobile trading venues in consumer and inter -corporate trade, as well as engaging cloud programs and providing other services.

You can read this only because now GDPR obliges the company to indicate what it is going to do with your information and to whom she is going to transmit. Previously, such a list was not even in the confidentiality policy.

In order for the user to have the right to abandon, in general, unpunished use of his personal data, as well as introduce a new attitude to existing companies to the user information security policy, and GDPR was adopted.

It would seem that the European Union, although close, but its laws apply only to members of this very union. Therefore, the question arises – why is our uncouth and native land this should concern? Everything is simple-this regulation obliges each company that collects any personal data In people in the EU, Follow the new regulations.

So, if you decide to go fishing in the Gulf of Finland, the dumb breathe was breathing in the fresh moron air and unexpectedly chopped down exactly in the Finnish coastal village, some kind of cordon Kuzmich is kneaded, then the points of this regulation will immediately spread to you.

Accordingly, the “side of the collecting user data” (something like this in the regulations is angry with those who are transmitting your information), it is necessary to update their user agreements so that even some lost Russian fisherman in Finland is one hundred percent confident in the preservation of his personal data.

To understand what exactly changed after the entry www.theslotsisland.co.uk into force of this law, the main provisions of the regulation can be structureed:

„The right to oblivion“

All citizens who are in the EU have the right to demand Complete and absolute Removing your personal data transferred or collected by someone. In practice, this means that any person can demand not only the contact information left by him during registration, but also all the related data: IP addresses, the history of actions and requests, preferences, technical data on devices, etc.p. And service/site/company will be obliged to submit and completely delete the data stored about a person.

Being, in fact, the most important point in the regulations, the “right to oblivion” is also the most insignificant for people living outside the European Union. Most services and sites simply added a small section to their agreements, related only to people located in the EU. Such lucky ones are given the opportunity to contact the given contact addresses to a specialist and ask to delete all the information about yourself. The rest of the users are deprived of such an opportunity.

„The right to transparency“

But then more interesting provisions are already going on, since they, as a rule, bring confidentiality to direct policies and affect not only the EU, but also other users. One of these provisions is the “right to transparency” or the right to receive the most accessible information.

Now sites should be as accessible and openly as possible, without hiding behind the wall of the legal bubnge, to describe to the ordinary user, where, how and what will happen to his personal information.

Fresh confidentiality policy from Google. All important information is chewed to the state of the simplest examples, laid out on shelves and tabs, even before the heap is equipped with a video. A year ago, at this place there was just a wall of text with the repeating terms “the third party undertakes to perform a hurumba-gun with a flavor-yumbo provided by the first side”

„The right to knowledge“

In addition to accessibility, sites are required to disclose what kind of information they receive from the user directly and in automatic mode. What they have the right to do with this information. Where exactly they can transmit this information. How much this information can be stored. One of the main conditions of the regulation is the ban on the storage of personal data not used to work a service or site.

All this should be described in the points of confidential policy.

„The right to defense data“

Another position that will affect all users are new requirements for protecting confidential information. Now the security policy should be prioritized when working any sites or services. So, for example, in the regulations a separate emphasis is placed on “pseudonation”-a process in which the personal data of users are encrypted, and instead of them, pseudonyms are also used for “de-identification”-the general name of all methods to prevent data identification.

A separate item here is the so -called “Data Protection Officer” – call it as “Commissioner for Protection of Personal Data”. This is a new position that will appear in all large companies (from 250 people, as well as in particular cases), the based task is to monitor the confidentiality of users‘ personal data, compliance with new regulations and concomitant nonsense.

„The right to notification“

It is difficult to say whether this item will apply to residents of non-European Union, but still-companies are required to notify users in the case of any leaks of their personal data.

Of course, these are not all the provisions given in the regulations. There are many more nuances of registering children and adolescents, the right to the requirement of all collected information and the like things that are unlikely to apply to users of non-European union.

And sho further then?

Well, for the inhabitants of the European Union now the Internet looks like this:

Left – original news website today. Two banners with targeting advertising, push-up notification and advertising video. On the right – a version for the EU countries corresponding to the regulations.

In fact, this is a temporary emptiness. Very soon, an empty place will be filled with brand new advertising and banners that meet the new legislation. But this will no longer be targeting advertising using personal information.

But for us the rest, there is an excellent opportunity – to unsubscribe from hundreds of unnecessary subscriptions that have access to your mail, and now having a chance to get huge fines if they continue to send mailings to those mails that did not agree with updated policies of confidentiality.

Read user agreements, see what you sign and do not put where you have to check.

* The activities of the parent organization META are recognized as extremist and prohibited in the Russian Federation

The best comments

Mobile Gamdevs from Serbia even washed down the presentation about how different developers are trying to introduce a new user agreement.

On the one hand, it seems that all this is good, on the other – we need a new bill about tags and keywords.

I drew attention to the mass change of user agreements when he launched Sudoku on the phone. It was at that moment that I realized that I do not understand what was happening. Thanks for the clarification)

Thanks for this incredibly useful “post”, the other day I tried to understand GDPR … But this is honestly fiasco – pages with yur. tinsel more than 50 that forced to roll out eyes, more pages of 5-10 terms. In short, in their right mind being a simple layman, I won’t read this.

*Strizes from his „Rating“ with a green clip 1 mm long in the author of the blog*