Title
subtitle
If you don't collect users' data then data protection laws do not apply to your business.
However, if you still manage confidential data (project files, 3D models, etc), Chino.io can provide you with a secure and reliable storage/backend service. Check here for more info.
Sometimes it's very difficult to ensure data anonymity. For example check these two cases:
EU Commission advisory body (Article 29 Working Party) suggests to protect also anonymous data and consider them as personal data. Ensuring non-linkability and avoid re-identification is challenging and needs to be re-ensured over time since technology and datasets availability are evolving rapidly.
For more info check the Article 29 Working Party Opinion 02/2013 on apps on smart devices.
In case you are managing sensitive data check how
Storing data on devices or local memories simplifies your privacy related requirements. For example
usually there is no need to inform Data Protection Authority about processing. For more info
check this
However, according to the above Opinion this practice is not generally considered a good security practice
since it is difficult to erase date from the devices in case of its
thefts or losses. In addition, you must ensure that data on device are encrypted.
Instead, saving data on a server-side will increase your privacy related requirements, but will increase also data security in case of devices malfunctioning, accidents, losses or thefts.
For more info on how to transfer and store data securely on server-side
You are managing personal data and according to EU privacy laws you must ensure specific requirements to inform users and protect data.
From administrative point of view they include:
While from technical point of view you must:
For more info check these sources:
If you think you need more security protection check how
You are collecting and managing a special category of personal data called "sensitive data".
According to current EU and Member States' privacy laws, managing sensitive data impose special security requirements from administrative and technical points of view.
to securely store and manage your data
When storing sensitive data without storing also personally identifiable information, then such data can be considered pseudo-anonymised.
Although pseudonymous data do not reveal directly the identity of data subjects, it can be combined with other external information to reveal people identity. For example check these two cases that lead to big privacy scandals:
Therefore, even though pseudonymization is considered as a good security practice, it is very challenging to implement it properly, and data is still considered personal and need to be protected according to EU laws.
to securely store and manage your data
According to the current EU Data Protection Directives , if you collect data that could disclose users' health status then this data is considered privacy sensitive and you must apply additional security safeguards.
To start verifying if data you are collecting is sensitive or not, please check our blog post on this topic.
to securely store and manage your data
subtitle