European regulation 679/2016 (General Data Protection Regulation – GDPR) which came into force on May 25, 2016 and will be of. obligatory as of May 25, 2018.The company is obliged to obtain explicit consent for the processing of personal data of its customers.
The new regulation represents a turning point for companies that process personal data within their business areas, by moving from a reactive model to a model based on the principle of proactive responsibility which requires a conscientious, diligent and proactive attitude in the organizations’ compliance with the Regulations.
This proactive responsibility translates into the controller implementing appropriate technical and organizational measures to ensure and be able to demonstrate that the processing is compliant with the new Regulation.