The EU General Data Protection Regulation took effect on May 25th this year, giving companies new compliance requirements. At the same time, the country passed its new internal Data Protection Law that complements to a certain degree the conditions set forth in the GDPR.
Our team of lawyers in Austria is ready to assist you with the proper implementation of these requirements so that your company is in full compliance when collecting, storing and transmitting personal and/or sensitive data.
Below are some of the top questions that help clarify the GDPR regime in Austria and how it influences businesses.
What is the GDPR and to what companies does it apply?
The General Data Protection Regulation or GDPR is the newest EU regulation on data protection and privacy, enforced throughout the Union. It allows for greater control over the shared personal information. Any type of company in Austria that is a data collector and processor will observe the new rules. Moreover, the GDPR extends to companies that are not based in the EU but collect data from EU clients.
A residence permit in Austria can be on the list of those who want to relocate to this country. Our recommendation is to ask for specialized legal help and talk to our lawyers to find out everything about the formalities. We mention that such a document is valid for up to 3 years, and the permanent one can be obtained after 5 years of living in Austria a temporary one.
What are the data processor and controller?
The data processor is an individual or legal entity that processes the personal data on behalf of the data controller. The data controller is the individual or legal entity controlling and keeping the information and the one that decides the purpose for which the information is processed.
What are the risks of non-compliance?
Companies in Austria that fail to comply with the new GDPR can face a fine of up to 4% of their worldwide revenue or 20 million EUR, whichever amount is greater. Our team of attorneys in Austria can help you avoid these large fines by implementing the adequate control and monitoring practices and by making sure that the clients and other individuals offer their consent accordingly when their personal data is being collected and processed by your Austrian company.
What are the main issues to remember about obtaining consent from individuals?
With the enforcement of the GDPR, companies in Austria can no longer use the opt-out based consent – the act of giving consent by not declining the consent. An individual must present his/her consent in an explicit manner and freely, or opt-in.
Our team of lawyers in Austria can give you more details about the implementation of the new regulations as well as the option of appointing a Data Protection Officer, or an individual who will ensure that the GDPR processes are followed accordingly.
You can contact our law firm in Austria for a more comprehensive GDPR overview and more information about the legal services we provide.