In 2017 alone, almost $2.4 billion was lost due to cybercrimes. We expect that number to rise by 2030, costing businesses millions in lost revenue. This is why it is important to stay vigilant and aware of what’s going on around us.
If you want to keep your personal information safe, it’s essential that you learn some of the things that every user should know about data protection article 8.
What is data protection article 8?
Data protection article 8 is the 8th chapter of the GDPR.
This is the section of the GDPR that focuses on what we, as individuals, should know about our data. Article 8 tells us that we have the right to:
1. Be informed
2. Access
3. Erasure and rectification
4. Restrict the processing
5. Data portability
6. Objection to processing
7. Not be subject to automated decision making, including profiling
Being informed means…
If our data is being collected we should be informed. We should know how our data is being processed and stored, what information is being collected, who has access to our data and for how long it is going to be used.
We have the right to have a copy of any personal information that businesses or individuals hold about us. This can be at any time.
When we find out that our data has been hacked or leaked, we have the right to know about it. The company or individual holding our data should tell us as soon as possible.
Access means
Whenever we ask for it, we should be able to access our data. This is so we can see what information collected about us. Also, how long they’ll keep it, who is accessing it and how will they use it.
We should also be able to download a copy of our personal information if the company or individual holding it for us is unable to provide this information in an accessible format.
Erasure and rectification means
Whenever we request it, they must erase our personal data. This is so that the company or individual holding our information cannot access it. It’s important to note that this will not be done if the data is still needed in order to comply with the law or for other legal reasons.
If we find that there are mistakes in our personal information, we have the right to have those mistakes rectified so that any future use of our data is correct.
Restrict processing means
Sometimes, we may want to restrict the way in which they process and use our data. If this is the case, we have the right to have any automated decisions involving our data reviewed by a human being.
If you don’t want your data in this way anymore, you have the right to have your personal data deleted.
However, please note that there are some instances where this won’t happen. If this is the case, you will be notified of why and given detailed information about your right to object instead of your personal data being deleted.
Any further processing of your data will only be done with your explicit consent again. If you choose not to give consent again, your personal data will not be processed at all by anyone else than yourself or a third party you’ve authorized yourself.
Data portability
This means that we have the right to take our data with us when we leave a company or an organization. However, if you have agreed to the terms and conditions of use of a specific website, such as Facebook, you may not be able to take your data with you.
Objection to the processing means we can object to the way in which our data is being processed. For example, if we feel that the way in which our personal information is being used is illegal or against our rights and freedoms.
Not being subject to automated decision making, including profiling means we have the right not to be subject to decisions that are based on automated processing or profiling. This means that any decisions which are made about us should be based on actual facts and information rather than just assumptions.
Conclusion
Data protection article 8 is a very important part of the GDPR. It gives us, as individuals, the right to know what’s happening to our data. We have the right to see how it’s being used, how it’s being stored, who has access to it and how long we’re going to be profiled.
Data protection article 8 also allows us to take our data with us when we leave a company or organization and even object to automated decisions that are made about us.
Article 8 of the GDPR is all about giving us, as individuals, more control over our personal information.