We invite all micro, small and medium–sized enterprises to apply for free online workshops:
Compliance with the General Data Protection Regulation is an obligation for all companies operating on the territory of the European Union that are processing personal data of European citizens. However, this does not have to be an administrative burden, but an opportunity for more efficient business operations. The participants of today’s free online interactive workshop organized by the Croatian Personal Data Protection Agency (AZOP) in cooperation with the Croatian Chamber of Economy, intended for micro, small and medium-sized enterprises, were able to find out how to harmonize their business with the GDPR.
The participants were welcomed on behalf of the HGK by the HGK president’s advisor and head of the Education and information Security Department Mr. Petar Misevic who spoke about the importance of educational activities. “Given the trends and the need for digitalization and digital transformation of the Croatian economy, such workshops strengthen the awareness, capacity and skills of all those who will process data in digital form.”
“Despite the pandemic restrictions, we want to successfully implement ARC project and do our job the best way we can to help SMEs to comply with the GDPR. The investments in information security and GDPR are investments that will pay off for sure”, it was emphasized by Mr. Zdravko Vukić, director of the Croatian Personal Data Protection Agency.
The workshop presents basic concepts related to GDPR (controller, processor, personal data, data subject), along with practical examples so that participants can see in which way the purpose of collecting personal data is determined given the specifics of one’s business. It also describes what the processing activity record looks like and under what conditions it has to be kept and how to take into account deadlines for the deletion of different categories of data, as well as agency supervision and what are the basic documents to be provided for the AZOP’s inspection.
It is often a problem for small, medium and micro entrepreneurs to identify who is the controller and who is the processor, which is explained in the example of a bookkeeping service. In some cases, there may also be joint controllers, such as the example of a travel agency, a hotel chain and an airline that jointly set up a website to sell packages.
What is important for entrepreneurs to know and what exactly personal data can be considered. These are all data relating to an individual whose identity has been established or can be determined, while the processing is any process or set of procedures carried out on personal data or on sets of personal data and can be carried out by automated or non-automated means.
The principles to be followed when processing personal data are also clarified. This cannot process data outside the purpose for which it was collected. They must be appropriate, limited in view of the purpose, to what is necessary and kept only for as long as necessary for the purpose for which they are processed.
The participants received some of the templates for the implementation of the GDPR, which can then be adapted to their business operations, as well as a certificate of completed education issued by AZOP as the national supervisory body responsible for monitoring the application of the GDPR in Croatia.
The workshop is one of the activities in the framework of the EU project ARC (awareness raising campaign for SMEs) with the aim of supporting micro, small and medium-sized enterprises in harmonizing business processes with the provisions of the General Regulation on Data Protection. Due to the great interest of entrepreneurs, two more free online workshops will be held in November, 12 November and 13 November 2020.