EU General Data Protection Regulation 2016/679 (GDPR) will enter into force on 25 May 2018. The purpose of the regulation is to increase the individual’s rights in the management and processing of his / her own personal data.
Lymed Oy complies with the regulation and our aim is to develop our operations as openly as possible. In practice, all organizations as registrars and / or personal data handlers are preparing for change. The manufacturing and delivery of Lymed Oy’s products require processing of personal data, based on the nature of the service.
In practice, the preparation at Lymed means to review and analyse systems, to create new data gathering, reporting and removal processes, examine bases for data processing, analysing our security inventory and creating written documents.
What is GDPR?
GDPR is an acronym for General Data Protection Regulation. The Regulation applies in particular to companies and organizations that process personal data in their operations. The Regulation therefore applies to all persons who process personal data in a personal register.
Typically, a person’s registry may be created in situations where employee information is processed, a customer register is collected, which collects information about clients and addresses, maintains a member register, or performs access control. If you are processing personal information on your own systems, you should check out the latest instructions provided by the Privacy Commissioner’s website.
How can a person check their own data?
The person whose data is processed is entitled to have his / her own data registered by the registrant. Lymed is responsible for providing a reply to the controller when the request for verification concerns the manufacturing of the product and therefore information that is needed for it.
When the information is handled on behalf of a client, such as a separate Lymed distributor or care personnel responsible for the orders, the client is responsible for answering the assignment. In these situations, we will work in co-operation with our clients with the appropriate solution and response. According to the regulation, an answer will be sent to a person within one month.
Possible security breaches and reporting