Integrated management of personal data processing / GDPR
The new General Data Protection Regulation (Personal), GDPR 2016/679, in force since 24 May 2016, has become applicable since 25 May 2018: more than 48 months to adapt.
With regard to sanctions, the GDPR Regulation provides that it is the Member States of the European Union that determine the extent, with particular reference to those of a criminal nature, with the common objective that they are effective, proportionate and dissuasive.
In indicating the maximum limit of administrative penalties, the Regulation states that these can reach up to the sum of 20,000,000 Euros or for companies up to 4% of the total annual turnover of the previous year.
In Italy, criminal sanctions have been established by D.Legislative decree. 101/2018 (Decree harmonizing the Italian Privacy Code – D.Legislative decree. 196/03 – with the European Regulation),
At the end of the inspection activity by the supervisory bodies, noted that the violation can be of this nature, the related documents will be transferred to the Public Prosecutor’s Office of the Italian Republic which will proceed with the related criminal order.
In addition to the sanctioning system, it will also be necessary to consider a possible claim for compensation that the data subject can make to the Data Controller in civil proceedings, if he has seen the violation of his rights with regard to the processing of personal data.
STESIA has activated a new service that will allow its customers and anyone who requests it, to be in compliance with the European Regulations and with the obligations provided for by national legislation.
STESIA does not intend to sell any software, but to offer a service by fielding only its own professionals and using, for the part related to it activity, proprietary servers that are permanently installed within its headquarters.