GDPR
What is GDPR?
GDPR stands for General Data Protection Regulation. Put very succinctly, it is the updated privacy legislation on the protection of personal data, applicable to European citizens. In Dutch, it is also known as the AVG.
The data protection in question requires:
- appropriate technical and organizational measures to be taken in the form of information security (firewall, antivirus, antiphishing, etc.)
- appropriate procedures such as obtaining active consent from data subjects to process their data.
This legislation comes into effect on May 25, 2018, which is why we want to inform you in advance of how we are already doing this today. Simply storing personal data already counts as processing it. So when we receive a mailing list from you as a customer (with names, addresses or other personal data), there are certain rules associated with it. We must make these rules clear internally and everyone in the organization must follow them.
What steps do we take?
The first step is to create a data register or register of processing activities. This register (required by Article 30) contains the basis and content of personal data processing and covers suppliers, customers and staff, along with all the personal data we process from or for them.
When we process personal data for you as a customer, we will place additional emphasis on this and include the processing of this data in this register. These processing details include data owner, purpose, location, accesses, etc. One reason for this is that we need to understand for ourselves the various places where and for whom we keep what personal data.
An EU citizen has a number of rights they can invoke, such as the right of access, the right to modify or delete their personal data, as well as the right to transfer to third parties (Article 20).
For this reason, we always need to know where this data is located.
How do you find out more?
In addition, and this is not mandatory for Graphius, we appoint a certified data protection officer, in the jargon a DPO (Data Protection Officer). He will be responsible for regularly monitoring the application of this legislation, providing the necessary procedures and answering internal and external questions about the AVG.
You can reach our DPO at dpo@graphius.com