Since 2006, the Committee of Ministers of the Council of Europe has established the January 28 as European Day of Personal Data Protection. The celebration of this day aims to raise awareness and inform citizens on matters concerning the protection of their personal data.
On this date, governments, parliaments, national data protection authorities and other bodies carry out activities to raise awareness of personal data protection and privacy rights. These may include campaigns aimed at the general public, educational programs for teachers and students, as well as free access to data protection bodies and conferences.
Personal data & sensitive personal data
The personal data concern any information related to a natural person, regardless of whether the information refers to the private, professional or public life of the individual. Personal data may be a name, a photograph, an email address, the details of a bank account, information posted on social networking sites; (social media), information about medical history or the IP address a computer.
Sensitive personal data is the data that has to do with the racial or national origin, the political opinions, the religious or philosophical beliefs, the membership in a trade union, the health, the social welfare and the love life as well as with the relevant information about criminal charges or convictions.
General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) adopted on 27 April 2016 and implemented on 25 May 2018, it protects the personal data of citizens across the European Union (EU). The decree also affects data exports from the EU. The GDPR aims to give citizens control over their personal data, it simplifies regulations on economic relations with other countries, standardizing EU processes. People and companies that do not comply with the GDPR may be subject to a heavy fine.
For this reason, now on all reliable websites we find sections that request our approval for the storage of cookie files on our devices, while giving us information about the ways in which they manage our personal data.
How we disclose our personal information in our daily lives
We "expose" personal information every time we post something about us or something that appears to be posted by us. For example, sometimes to upload a photo to be liked by our "friends" can put us in danger. Through photography can someone find out where we live, where we are at that moment, where we frequent, who we hang out with and other personal information that we would certainly not trust to a stranger. So it is imperative that we be very careful with what information we “share” online and think twice before sharing anything. In fact, when other people are depicted in the photo we intend to share, it is our obligation to ask for their consent before taking any action.
Completing information on social media also it is a very fast and simple way to publish our personal data. Many users, without paying particular attention to the security of their personal information in social media, allow themselves to be intercepted and possibly used without their consent. For this reason there is regulation of personal privacy, which you might want to revisit because of the day! From there you can easily control who will be able to see this personal information, thus keeping away from those unknown and often malicious "eyes".
How to protect your personal data
In general it is good to try to keep them under control as much as possible by think carefully about who will be able to access them after you disclose them. If someone is asking for your personal data, for example a website, see if it is reliable, if you trust it and get to find out how he will use them, whether it will send them to third parties, etc., as well as whether it installs cookies and if it forwards information about you to advertising companies. The use of your data for advertising purposes should be permitted only with your consent so always make sure to read the "fine print".
If you receive emails, SMS or messages on Facebook and other social networks, asking you for information and personal data, don't answer if you're not sure who they're from. Remember to log out of websites you have entered/logged in to using passwords. Keep your computer safe by using firewall and antivirus programs and keeping them up to date.
Your rights vis-à-vis companies, organizations or websites to which you have provided your personal data
- Access to your personal data
You can request access to your personal data held by a business or body, and you have the right to receive a copy of your data, free of charge, in an easy-to-use format. They should reply within one month and they have to provide you a copy of your personal data as well as any relevant information about how this data was or is being used.
- Correction of your personal data
If a company or organization has stored inaccurate or incomplete data about you you can ask to correct or update them.
- Porting your personal data (right to data portability)
In some cases, you can ask a business or body return your data to you or transfer it directly to another business, if this is technically possible. This is known as 'data portability'. For example, you can use this right if you decide to replace a service with another similar one - e.g. move from one social networking site to another - and want your personal data transferred quickly and easily to the new service.
- Deletion of your personal data ("right to be forgotten")
If your personal data is no longer necessary or is being used illegally, you can request its deletion. This is known as the "right to be forgotten".
The rules also apply to search engines, such as Google, as these machines are considered data processors. You may request the removal from search engine results of links to websites that mention your name if the information is inaccurate, inappropriate, irrelevant or excessive.
If a business has your personal data online and you ask them to delete it, the business must inform and any other website to whom it has communicated them.
To protect other rights, such as freedom of expression, some data may not be automatically deleted. For example, controversial statements by public figures cannot be deleted if the public interest is better served by keeping them online.
- Accessing your data without authorization (data breach)
In case of theft, loss or illegal access (personal data breach), the data controller (the person or entity managing your personal data) must make a relevant report to the national data protection authority. The data controller must also inform you immediately in the event that your personal data or privacy is seriously compromised due to the breach.
Following basic privacy rules can help keep this valuable information safe. If you discover that someone is violating your personal data, collecting it or disclosing it without your consent, you can contact Data Protection Authority.