What exactly is GDPR? The EU’s Data Protection Regulation comes into force on 25 May.

The GDPR, the EU’s General Data Protection Regulation, comes into force on Friday 25 May. Finland’s national data protection law, which complements the regulation, comes into force at the same time. The regulation encourages companies and other data controllers, such as PAM, to evaluate their current state of data protection and processing of personal data and to see whether their practices are in line with the new requirements.

Collecting and processing personal data requires a legal basis. Data must be treated confidentially and securely. The regulation also stipulates that unnecessary data may not be kept in registers. Breaches of the Data Protection Regulation may lead to fines or a prohibition on processing personal data.

The Data Protection Regulation affects e.g. how PAM can collect and use members’ personal data, and thus enhances protection of privacy. With the entry into force of the regulation, PAM’s former privacy policy is being replaced with a privacy policy statement (in Finnish) that shows in detail the purpose for which personal data are used and the legal basis for the use of personal data.

“PAM already complies with the current personal data legislation. The new Data Protection Regulation guarantees better protection in personal data processing”, says PAM’s IT Manager Tarja Rönkkö.

The new Data Protection Regulation does not require PAM members to take any action, but it is recommended that you check and update your own membership details in the union’s e-services.