Many company executives were relieved to hear that GDPR is about protection of personal data, saying that they are not affected since they do not process any personal data. They would have felt differently if they knew how personal data is defined in the Regulation.




GDPR, Personal data, data subject, data protection

Now, let’s see:

“’personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”

… and this is not all, we should highlight Preamble (26) ruling that “The principles of data protection should apply to any information concerning an identified or identifiable natural person.”


In the light of these, those who thought not to process personal data (neither of customers, nor of buyers, nor of partners), but employs workers, was wrong to do so. Since the Regulation applies not only to personal data processed in the course of the activity profile, but also to own employees whose data must be processed with the same safety and transparency, and all the rights required by the legislation must be granted to them too.


We at Process Solutions pay special attention to processing the data of our customers and employees.



Powered by FORTIX Consulting