Skip to main content

FAQ & Help

Here you will find frequently asked questions and the relevant answers on topics relating to Seewara. If your question is not listed, our customer service team will be happy to provide you with further assistance – Monday to Sunday from 6am to 10pm.

Online

How to reach us

Do you have questions or need help? Talk to us: Monday to Sunday from 6 a.m. to 10 p.m.

What is the GDPR?

The GDPR (General Data Protection Regulation) is a regulation of the European Union (EU) that aims to strengthen and harmonise the protection of personal data and the privacy of EU citizens. It was adopted on 27 April 2016 and came into force on 25 May 2018. The GDPR applies to all companies and organisations that process the personal data of EU citizens, regardless of whether these organisations are based within or outside the EU.

Aim of the GDPR

The main objective of the GDPR is to strengthen data protection, increase transparency in data processing and ensure the free flow of personal data within the EU. It aims to protect citizens from the misuse of their personal data while providing businesses with clear rules for handling personal data.

Key principles of the GDPR

The GDPR is based on a number of fundamental principles that govern the handling of personal data:

  1. Lawfulness, fairness, transparency:
  • Personal data must be processed lawfully and transparently, so that the data subject is always informed.
  1. Purpose limitation:
  • Data may only be collected for specified, explicit and legitimate purposes. Subsequent use of the data for other purposes is only allowed under certain conditions.
  1. Data minimisation:
  • Only the minimum amount of personal data necessary for each purpose may be collected and processed.
  1. Accuracy:
  • Data must be correct and, if necessary, kept up to date. Incorrect data must be deleted or corrected without delay.
  1. Storage limitation:
  • Data must only be kept for as long as necessary to fulfil the purpose for which it was collected. Once the purpose has been achieved, the data must be deleted or anonymised.
  1. Integrity and confidentiality:
  • Appropriate security measures must be taken to protect the data from unauthorised access, loss or destruction.
  1. Accountability:
  • Companies must be able to demonstrate that they are implementing the principles of the GDPR in practice.

Important rights for data subjects

The GDPR strengthens the rights of data subjects, i.e. the individuals whose data is being processed. The most important rights include:

  1. Right of access (Art. 15):
  • Every data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and further information.
  1. Right to rectification (Art. 16):
  • Data subjects have the right to have inaccurate or incomplete data rectified.
  1. Right to erasure (right to be forgotten) (Art. 17):
  • Data subjects can request the erasure of their data if it is no longer needed for the purposes for which it was collected or if the processing was unlawful.
  1. Right to restriction of processing (Art. 18):
  • Under certain conditions, data subjects can request that their data only be processed to a limited extent.
  1. Right to data portability (Art. 20):
  • Data subjects have the right to receive their data in a structured, commonly used and machine-readable format and to transmit it to another provider.
  1. Right to object (Art. 21):
  • Data subjects can object to the processing of their data if it is carried out on the basis of legitimate interests or used for direct marketing.
  1. Right not to be subject to automated decisions (Art. 22):
  • Data subjects have the right not to be subject to a decision based solely on automated processing that produces legal effects concerning them or similarly significantly affects them.

Responsibilities of companies and organisations

Companies that process personal data have a number of obligations to ensure that they comply with the GDPR, including:

  1. Data protection by design and by default:
  • When developing systems and processes, companies must ensure that data protection aspects are taken into account. This means that data protection must be designed from the outset (Privacy by Design) and the standard settings must be as data protection-friendly as possible (Privacy by Default).
  1. Record of processing activities:
  • Companies must maintain a record of all processing activities, in particular the type of data, the purpose of the processing and the categories of recipients.
  1. Data protection impact assessment (DPIA):
  • If a processing operation is likely to result in a high risk to the rights and freedoms of data subjects, a data protection impact assessment must be carried out.
  1. Data breach notification:
  • In the event of a data breach (e.g. a hacker attack), companies must report it to the relevant supervisory authority within 72 hours. Affected individuals must be informed if the breach is likely to affect their rights and freedoms.
  1. Contracts for order processing:
  • When companies commission third parties (processors) to process personal data, clear contractual arrangements must be made to ensure that the processor complies with the GDPR requirements.

Sanctions and fines

The GDPR imposes significant penalties for non-compliance. Fines are based on the severity of the violation, but can be as high as 4% of a company’s global annual revenue or €20 million (whichever is higher). Less serious violations can also result in fines of up to €10 million or 2% of annual revenue.

Conclusion

The GDPR ensures that personal data protection is harmonised at the European level. It gives citizens more control over their data and requires companies to maintain high standards when handling personal data. The regulation has global implications as it also applies to companies that process data from EU residents, and has brought data protection into the global spotlight.

Simple. Secure. Monthly subscription.

Easy payment by direct debit. Can be customised monthly.

Company

Support

Do you have any questions or suggestions?

We are here for you every day from 6 a.m. to 10 p.m. – via WhatsApp or write an e-mail, or feel free to call us.

For better readability, we use the generic masculine.
The personal designations used throughout our range of products and services refer to all genders unless otherwise indicated.
For better readability, we use the generic masculine. The personal designations used throughout our range of products and services refer to all genders unless otherwise indicated.