Tiny Notes on GDPR
GDPR applies to all persons within the member states, whether long-term or short-term
You are either a data controller (DC) or data processor (DP)
DCs collect the data
DPs do something with the data
The data processor and data controller should have strong lines of communication between themselves and any other vendors
The DP and DC should strive to use only the data they need
Users should be informed via the privacy notice of how you intend to use their data
Both the DP and DC should be aware of:
-All breaches must be reported within 72 hours
-Which systems house the data
-How the data is transmitted between themselves and others
-The kind of personal data you keep
-The need to have proof that the user ACTIVELY consented to data collection