21.2.2018

Isavia working on implementation of EU data protection regulation

Isavia has since spring 2017 been working on the implementation of the EU GDPR (EU General Data Protection Regulation) which will enter into force in May 2018. A project management group is currently working on the implementation and a Data Protection Officer (DPO) has been appointed.
 
GDPR introduces several changes from the previous Data Protection legislation. Rules on data processing (collection, storage, use, destruction and more) are stricter than before and every institution, company and others that process personal data, for other than personal purposes, must comply with them. Personal data is for example information about clients, users of software, students and staff. The new legislation aims to increase protection of individuals (data subjects) and increase their right to decide over information about themselves. In many cases the individual´s consent is necessary for the legality of the data processing and individuals will have an increased right to receive the personal data concerning them and in some cases to have that data erased. 
 
The DPO´s role is to facilitate and monitor compliance with the GDPR. The DPO shall also be the first point of contact for supervisory authorities and for individuals whose personal data is processed (customers, employess etc.). Every enquiry to the DPO will be treated with full confidentiality. The DPO can be contacted at the following e-mail address: personuvernd@isavia.is