We live in a global world and are being protected by legal systems that are defined by borders where data is omnipresent. Since 25 May 2018, uniform and binding rules for handling personal data have been in force in all member states of the European Union for the first time. This includes all data that can be used to identify a person. Starting with the name, up to, for example, the characteristics of a cultural nature. In the so-called DSGVO (basic data protection regulation), the legal situation is summarised. 

It is no news that many companies generate their profit from the personal data of the consumer. An example that is probably familiar to everyone is the company Facebook. Although the headquarters of Mark Zuckerberg’s giants are located outside Europe, all companies offering their services on the European market must comply with the rules of the DSGVO. 

The main function of this Regulation is as follows: To strengthen the position of consumers in relation to businesses. But what exactly is changing for the Consumers and how can they make use of their new rights? 

For a company to be able to collect personal data storage and processing at all, they must have the express consent of the consumer available. Information must also be provided, how this data is used. Thus, according to Articles 13 and 14 of the DSGVO, transparency must be created with regard to the recipient, the purpose of use, the duration and the rights to delete, block or correct the data. Even after giving his consent, the consumer has the right to be informed free of charge at any time about the use of his data. 

The Regulation also focuses on data security. If a third-party attempt to obtain data, for example through a hacker attack, companies are obliged to notify the consumer within 72 hours. If incorrect personal data is stored by a company, the consumer also has the right to have it corrected. If there is a wish to have the personal data deleted completely, this is now possible without a court order. 

In short, the consumer benefits only from the DSGVO. Its main purpose is to protect private individuals against companies. But appearances must not be deceptive! In order to make use of your rights, you as a private individual must actively demand your rights towards companies. So in order to create a more transparent and secure data culture in the future, every individual must exercise his or her right. There is a lot of room to enable individuals to have control over their own data. It is cultural normal to have a desire that your private preferences are not abused by the data giants.