The GDPR is the strongest global privacy law in effect today.

Created by the European Union (EU) to regulate how organizations collect, handle, and protect personal data of EU residents. 

The GDPR took effect on May 25, 2018, and is a binding regulation written directly into Member States’ laws. It is designed to strengthen privacy rights by giving data subjects control of how their personal data is obtained, used, and shared.   

The GDPR outlines certain obligations organizations must follow which limit how personal data can be used. It also defines eight data subject rights that guarantee specific entitlements for individual’s personal data. Ultimately giving individuals more autonomy over their personal information and how it is used.   

The GDPR outlines eight fundamental data subject rights, plus the right to withdraw consent:   

1. Right to be informed (GDPR Articles 12 to 14). Data subjects have the right to be informed about the collection and use of their personal data. 

2. Right to access (GDPR Article 15). Data subjects have the right to view and request copies of their personal data. 

3. Right to rectification (GDPR Article 16). Data subjects have the right to request inaccurate or outdated personal information be updated or corrected. 

4. Right to be forgotten / Right to erasure (GDPR Article 17). Data subjects have the right to request their personal data be deleted. 

5. Right for data portability (GDPR Article 20). Data subjects have the right to ask for their data to be transferred to another controller. 

6. Right to restrict Processing (Article 18). Data subjects have the right to request the restriction or suppression of their personal data. 

7. Right to withdraw consent (GDPR Article 7). Data subjects have the right to withdraw previously given consent to process their personal data. 

8. Right to object (GDPR Article 21). Data subjects have the right to object to the processing of their personal data. 

9. Right to object to automated processing (GDPR Article 22). Data subjects have the right to object to decisions being made with their data solely based on automated decision making or profiling.   

All personal data collection and processing processes carried out or may be carried out by Defenda Network comply with GDPR standards.