30 November 2017

Our regular readers know that the clock is ticking, the General Data Protection Regulation will the part of our daily lives within 6 months. Despite this fact, the Hungarian SME sector seems quite unprepared for the changes. That is why we have decided to organize a small “conference” for our clients to raise their awareness on the GDPR and the necessary steps to be prepared.

At the beginning our managing partner Richard summarized to most important key terms of the GDPR: what is personal data, who is the data controller and what are the rights of the data subjects. Richard paid special attention to the usage of cloud services and why this may be problematic from GDPR point-of-view. At the second part of his presentation Richard showed what are the basic steps of a GDPR-readiness project and stressed out the importance of the education of employees which is often forgotten.

After that Anita talked about the question related to data processing at work, recalling the basic problem that it is often

hard to find the balance between the legitimate interest of the employers and the rights of privacy of the employees. She started with the recruitment process and answered the frequent question whether it is legal to check the Facebook-profile of the candidate. The main part of the presentation was about the monitoring of ICT usage particularly monitoring the company e-mail address, company notebook, company phone. Finally, Anita mentioned how to use systems which enable employers to monitor the company vehicles used by employees.

The final presentation has been held by Viktória about the camera surveillance and sound recording during phone calls. Viktória mentioned that not all usage of camera is regarded as surveillance, for example using a fake camera cannot be problematic from data point of view. She stressed out that cameras at workplace cannot be used for the permanent control of the employees, there must be another reason (eg. protection of property). Viktória mentioned that when recording of phone calls often justify with quality assurance reasons which may be problematic under the GDPR.

After the presentations, our guests had the opportunity to ask questions which we answered during the pleasant breakfast. We would like to thank our guests for coming and we hope that they found this program useful.