GDPR (General Data Protection Regulation)

Partager cette page

Anne-Laure GALLINE CASTEL

She has a Master 2 in business Law (Université Paris II - Panthéon-Assas), a Master 2 in Private Law (Université Paris Ouest), a lawyer certificate (CAPA) and a Diploma In English Law (University of Westminster - London).

In 2007, she is the head of the legal department at SAGEM WIRELESS.

Lawyer in the Paris Chamber, she is specialised in industrials and commercials agreements in France and worldwide.

Today, she writes contrats and assists companies in their protection strategy and intellectual property.

She teaches Business Law at CY Université.

At first, personal data were not protected. It started by the UN in 1948 as everyone has a right of privacy like home protection, medical and profesional secrecy and privacy.

The GDPR was created in 2018 following the CNIL creation in 1978.

The objective is to standardise data protection laws in the EU while processing personal data.

This reform aims to consolidate the rights of individuals and to introduce the accountability of responsabilities.

Every organisations are concerned by GDPR.

It includes personal data and sensitive data.

Personal data are about a natural person that can be identified directly or indirectly (identity, personal life, career, diploma, GPS, taxes).

Sensitive data are the disclosure of sensitive information (health, sexual orientation).

Processing sensitve data is prohibited except if you have given your consent or if it is vital.

Therefore, information only become data if it is recorded.

Now data collectors must prove that they are compliant with GDPR and respect privacy.