The Ventureon team has always been careful to protect the personal data of its customers, partners and investors. Therefore, the appearance in the EU of a new regulation on the protection of personal data (known as GPRD) rather than has embarrassed us, but was accepted by us with approval.
The right to the non-disclosure of personal data in the era of the Internet, social networking is, in fact, a part of the right to liberty and security of person, as well as the right to respect for private property and private life.
In the process of working on our project, we considered implementation of the requirements of this document in it.
In essence briefly:
The regulation established that business processes that process personal data must be built on the principle of "Privacy by Design and by Default". This means that personal data must be stored using pseudonyms or full anonymization. At the same time, by default, the highest level of privacy is used in such a way that these data are not available to third parties without the explicit consent of the owner and could not be used to identify a person without additional, separately stored information about him.
The regulation provides that the operator of personal data must accurately state what data is collected and how, why they are processed, how long they are stored, and whether these data are distributed to third parties.
What is meant by personal data in GPRD: any information about an individual, regardless of whether it concerns his personal, professional or public life. It can be anything: name, home address, picture, e-mail address, bank details, messages on social networking sites, medical information, computer IP address, etc.
Processing of personal data will be legal only if it is carried out with the permission of the owner of these data.
Let us dwell on the right to be forgotten. This is a human right that allows an individual to demand, under certain conditions, the removal of his personal data from the general access of the Internet search engines (hereinafter referred to as the Internet), that is, links to those data that, in his opinion, can cause personal moral and professional harm. This applies to obsolete, inappropriate, incomplete, inaccurate or redundant data or personal information, the legal grounds for the storage of which disappeared over time.
This is certainly the most important element of personal data protection, which will be widely used by users of our system.
Is it possible to ignore GPRD?
Theoretically, it is possible if you do not operate in the EU markets and do not come to the attention of a special commission charged with monitoring compliance with the GPRD rules. And those who are caught will get a fine, the size of which can reach up to 20 million euros!
Therefore, we developed our own concept of work to comply with the rules of the Regulations.
How will this work?
Firstly, the collecting of the personal data of the projects users only with their consent.
Secondly, leaving your personal information, the user will know exactly what it is gathered for and how it will be used.
Thirdly, all personal data are stored in the blockchain, but is encrypted with an additional private key. This is besides basic encryption. When you receive an application for oblivion, the additional key is destroyed. Personal data turns into a meaningless set of symbols. It will not be possible to recover the deleted data.
As you can see, the Blockchain Ventureon keeps pace with the changes in the legal field and again declares its desire for the absolute legality of its activities.