EPISODE 6: Respecting the new GDPR rights of data subjects

03 May 2018

Data is in the Bisnode DNA and so is respect

A ‘data subject’ is the GDPR term for a natural person whose personal data are collected, processed and kept. Because data is the DNA and lifeblood of Bisnode we have always been very careful to respect the rights of the true owners of personal data: the citizens we all are, strongly caring about our privacy. From its very start Bisnode has consistently treated the requests from consumers and taken the necessary actions to answer them and implement the request. 

The 8 GDPR rights for EU citizens 

1. The right to be informed

Individuals have the right to be informed about the collection and use of their personal data. GDPR requires transparent, easy to understand reporting on e.g. purposes for processing, retention periods and which parties the data will be shared with...

2. The right of access

Individuals have the right to access their personal data and get information on how it is used, by whom, how long it is kept, where it was obtained...

3. The right to rectification

Individuals can have inaccurate personal data corrected or completed.

4. The right to restrict processing

Individuals have the right to request the temporary limitation of the processing of their personal data, e.g. in the event of a dispute.

5. The right to data portability

Individuals have the right to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability. 

6. The right to object

Individuals can object against the use of their data for direct marketing objectives or for marketing profiling.

7. The right related to automated decision-making

Individuals  have the right not to be subject to decisions that were purely made by automated processes without human involvement.having legal effects or significantly impacting the individual.

8. The right to be forgotten

Individuals have the right to have personal data erased. Legal reasons are: illegal processing  processing not in line with the stated purpose, withdrawn consent, objection against the use for direct marketing purposes. 

The new GDPR rights are embedded in all Bisnode processes 

Bisnode has appointed a Data Protection Officer to ensure that the rights of data subjects are respected. We have carried out a Data Protection Impact Assessment. We have analyzed all the possible risks of harm the data subjects. We have taken all measures to avoid or limit these risks to a maximum. The recommended measures have been implemented in our IT system and in our procedures. Not only for the Bisnode data but also for our Source Partner data and for the marketing databases that we host for customers.

In our communication to citizens, including all privacy clauses, we always refer to the Bisnode GDPR information website for consumers. This site informs individuals about their rights and how to use them via the reply tool.

How to make data exchange GDPR compliant?

That’s the subject of episode 7: How Bisnode secures the GDPR compliant transfer of personal data

Looks complicated? Glad to help you!

Looks complicated? Glad to help you!

Don’t worry: whenever in doubt about a GDPR data issue, do not hesitate to contact your Bisnode consultant. Getting GDPR ready? Been there! Done that! We’re ready to help and get you on your way.

Subscribe to our newsletter