If you have any questions, please contact us!
We are happy to help:
 | Dan Gurghian Data protection expert Project Manager & DPO |
|---|
How do you know you need such an impact assessment?
Art. 1 of the Decision no. 174 of October 18, 2018 of ANSPDCP imposes on art c) and d) carrying out an impact assessment in particular in the following cases:
c) the processing of personal data for the purpose of systematic large-scale monitoring of an area accessible to the public, such as video surveillance in shopping malls, stadiums, markets, parks or other such spaces
So if you have such a space, it is clear that you need an impact assessment.
d) large-scale processing of personal data of vulnerable persons, particularly minors and employees, through automatic means of monitoring and systematic recording of behavior, including advertising, marketing, and publicity activities ”.
What if you don’t?
First, according to Art. 83 para. 4 of the GDPR, failure to carry out the assessment amounts to non-compliance, so you risk a fine of up to EUR 10 000 000 or, in the case of a company, up to 2% of the overall turnover.
If you think that ‘ control doesn’t come to us anyway, nobody fines us anyway ‘, we ask you something :
However, if a person – only one of the hundreds, or thousands, who pass through the space you own every day – decides to use their rights, they ask you for information about video cameras … and if you can’t give them, Are you complaining to the Authority?
If you still take a fine, no matter how small, and it is found by the general public? What impact would it have on the image of the institution or company you run or where you work as a DPO? What about you personally?
And even if you weren’t fined, do you want to live with such thoughts all the time? What if someone complains to me? What if a control comes and we wake up uncovered? Don’t you have other things on your mind?
What do you need to gain from an impact assessment (DPIA)?
- Identifying the possible risks generated by the processing of personal data by using the CCTV system, respectively GPS.
- Establish measures to address these risks to comply with the GDPR (identification of risks, their level, and legality of processing) and finally avoid a possible fine.
- Due to the nature of its implications for the protection of personal data, the impact assessment is required to be carried out by a team of GDPR experts (with expertise in both the legal and IT fields).
- Therefore, do not confuse the DPIA with the assessment imposed by LAW 333/2003 on the protection of objectives, assets, values and protection of persons. The latter is a risk assessment of protection Physical security , not personal data protection.
- Last but not least , peace of mind is given by the confidence that you have everything in order in the event of a check in this regard.
How long does it take, and how much does the impact assessment cost?
The monitoring systems’ complexity mainly influences your company’s duration and price and the volume of data processed. To receive a personalized offer, please contact us.
Our team consists of specialists with 20 years of experience in the IT, legal and legal field, having in their portfolio. The implementations are carried out by multinational companies, public institutions, and SMEs.
Who we are and why choose us?
We are a team of specialists with over 10 years of experience in management, law, and IT. We are a reliable partner with long-term partnerships with over 800 multinational companies, SMEs, and public institutions, who want to comply with the data protection law, privacy, and personal data of employees, customers, collaborators, and who wish to avoid GDPR fines and sanctions.
Conf Univ Dr Nicolae Ploeșteanu
GDPR Expert – Legal
Hilda Șumălan
GDPR Expert – Legal
Dan Gurghian
GDPR – IT consultant
Anca Suciu
GDPR Marketing
Ionel Orza
Project Manager-DPO
Ionela Avram
DPO Specialist
Darius Farcas
DPO instructor
Maria Enea
Lawyer
Laurențiu Rîcu
Physical Security Risk Assessment Specialist
Ruxandra Săplăcan
GDPR Specialist
