It is not uncommon for people to provide personal information when hiring a service or when making an online purchase, without any guarantee of what will be done with this data, for how long it will be saved or to whom it will be conveyed. Personal data often ends up circulating on the internet, the result of countless cases of data leakage or misuse, which usually ends up being inconvenient and causing a lot of headaches for the data owner.
The General Data Protection Regulation (GDPR) was created with the objective of increasing companies’ responsibility for how they handle personal information, preventing abuse and the unauthorized use of data.
That is why every company that collects, processes, stores or transmits personal and sensitive data must adopt careful and reinforced governance measures in order to avoid running afoul of the law.