The GDPR made simple( r) for SMEs
Contributor(s)
Jasmontaitė-Zaniewicz, Lina (editor)
Calvi, Alessandra (editor)
Nagy, Renáta (editor)
Barnard-Wills, David (editor)
Language
EnglishAbstract
"This user-friendly Handbook offers guidance and practical suggestions for small and medium-sized enterprises (SMEs) that could facilitate compliance with the General Data Protection Regulation (GDPR).
Being primarily addressed to enterprises for which personal data processing is an auxiliary activity, the Handbook explains how to navigate the barrage of resources available on GDPR. In doing so it provides an overview of the main actors in the European data protection landscape. It also clarifies the scope of data protection law and the scope of its application to SMEs. The Handbook introduces concepts and principles that form the crux of personal data protection legal framework and then it unpacks the theory and practice of the risk-based approach to personal data protection.
The Handbook seeks to go beyond a mere description of GDPR provisions and obligations stemming from them. It includes a set of proactive measures that were put forward by European DPAs and bodies. In addition, it provides references to other publicly available (open access) resources that also provide practical suggestions.
The handbook was prepared in the context of STARII project (2018-2020), co-funded by the European Union under the Rights, Equality and Citizenship Programme 2014-2020 and ran in the partnership of the National Authority for Data Protection and Freedom of Information (NAIH) (coordinator), the interdisciplinary Research Group on Law, Science, Technology & Society (LSTS) of the Vrije Universiteit Brussel (VUB), and Trilateral Research Ltd (TRI IE) "
Keywords
GDPR, SMEs, Small medium enterprises, General Data Protection RegulationDOI
10.46944/9789461171092ISBN
9789461171092, 9789461171108Publisher website
https://www.aspeditions.be/en-gb/home.htmPublication date and place
Brussel, 2021Classification
Business and Management
Commercial law
Data protection law