bento icon close

What are my new main obligations?

Here are the main obligations you must respect:  

  • Implement technical and organizational measures to ensure you and be able to demonstrate that your treatments are carried out in compliance with the GDPR(document a maximum);
  • Ensure that your processing is lawful, fair and transparent;
  • inform people of their rights and respect them;
  • collect the strict necessary data determine and respect a necessary retention period;
  • Maintain a treatment record;
  • Appoint a Data Protection Officer (mandatory in certain cases);
  • Obligation to secure data and process data violations (communication to individuals, notification to the National Commission for Data Protection);
  • Conduct impact analyses for high-risk treatments;
  • Ensure that your subcontractors comply with the GDPR, formalize a new contract and instructions to subcontractors.