How it works

• Much has been written and transmitted about the amendment to the General Data Protection Regulation on May 25th of 2018. We therefore leave several warnings about it:
   
  In the case of an Organization

​

• Consents given by workers before the above date are void at this time;

• Curriculum's - The entity shall proceed to the safe destruction of the same in its possession;

• As for those who receive it, it must first define a shelf life, and after expiry it must also destroy them (for that purpose, it is suggested to use a computer application that automatically deletes the documents);

• Existing physical files (using doors and locks or safes) containing personal data must be closed;

• Only the person responsible for personal data can have access to them. Even when the process is not in the active, access should be prohibited to unauthorized third parties;

• Documents called drafts can't be used in any way when they contain personal information;

• In the event of an undue attack on the documentation, the National Data Protection Commission (CNPD) should be involved within 72 hours after the situation is known;

• It is always convenient to participate in the CNPD, since fines will be imposed for the lack of communication in due time.;

• Please note that access to everything visible in your office is within the reach of cleaning staff and those responsible for security;

• In case of attachment of wages to workers, the salary receipt must not be sent to the Executive Agent;

• The request for personal data in a contractual relationship (contract of employment) or pre-contractual there is no violation of the GDPR. You may not use the same data for other purposes;

• Current employment contracts will have to have an addition to contemplate the changes imposed as of May 25th, 2018;

• The employment contracts to be concluded, will have to have new clauses.