Information about GDPR regulation

The EU General Data Protection Regulation (GDPR) takes effect on the 25th of May 2018. All member companies of the WebEye Telematics Group, including your WebEye Service Provider, pay particular attention that our services meet the increasingly stringent data protection requirements.

We also strive to help you integrate our services into your own work procedures and systems in compliance with the data protection requirements.

Throughout the preparation for the GDPR, in the coming months we will:

  • provide you with all required information to ensure a smooth transition to the new data protection regulation,
  • prepare to support you with information and practical advice as to how our services that you use and the related GDPR duties can be interpreted in terms of your internal processes to ensure that you can successfully fulfil your own obligations in the GDPR introduction in your processes where you qualify as Data controller or processor.
  • define the guidelines we set for ourselves as requirements and execute these consistently in our operation.

Feed

Documents for download

FAQ

What is GDPR?

Regulation (EU) 2016/6791, the European Union’s (‘EU’) new General Data Protection Regulation (‘GDPR’), regulates the processing by an individual, a company or an organisation of personal data relating to individuals in the EU.

What constitutes data processing?

Processing covers a wide range of operations performed on personal data, including by manual or automated means. It includes the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.

What is a data controller or a data processor?

The data controller determines the purposes for which and the means by which personal data is processed. So, if your company/organisation decides ‘why’ and ‘how’ the personal data should be processed it is the data controller. Employees processing personal data within your organisation do so to fulfil your tasks as data controller.

Relating to the WebEye Service who is data controller or data processor?

The loval WebEye Service Provider is the data processor, while the Subscriber of WebEye Service is the data controller regarding the personal data (e.g. driver’s name) provided by the Subscriber and stored in the WebEye system relating to the WebEye Service.

When does the local national Service Provider count as a data controller during the contracual relationship with the Subscriber?

The local WebEye Service Provider is the data Controller of the contact persons’ and representatives’ data provided by Customers during the contractual relationship.

Does your local national Service Provider include other data processors during the provision of WebEye Service?

Yes, during the provision of the WebEye Service your local national Service Povider includes WebEye International Kft., as data controller and as the company entitled to sell WebEye Service on an international level and to provide the services necessary for the WebEye Service. Furthermore, the WebEye International Kft. involves LAMBDA-COM Kft., as data controller and as the owner of the rights of WebEye Service and provider of the technical conditions for it.

What is the legal ground of the local national Service Provider's processing activity?

The national local service provider carries out its processing activities either upon the General Business Terms and Conditions or upon the data processing agreement with regard to the type of the subscription contract concluded between the parties.

Is it possible to export all the peronal data processed in WebEye system?

Yes, if the data subject can be identified upon the data stored and available in the WebEye system. E.g. an non-personalized route data of a vecihle – meaning that the Data Controller (the Subscriber) did not sumbit driver’s name connecting to tha vehicle – can only be exported as personal data, if it is personalized by the Data Controller. All the reports and data involved in the reports can be export and used by the data controller according to its own internal policy.

Is it marked in the WebEye system that the data was modified?

In the WebEye system the modification of the data is not automatically marked, but it is logged (e.g. the fact that the driver’s name was modified). However, as e.g. in case of driver’s data, the WebEye system provides the possibility to add any kind of character in the given column, therefore when the data controller (the Subscriber) modifies/corrects the data, a unique sign E.g.* can be added next to the driver’s name. And in its own internal policy can be regulated that the * sign means the modification of the data.
The WebEye system’s other typical data, the route data of the vehicles cannot be modified due to the technological charecteristics of the system.

Can the data subject directly contact the local WebEye Service Provider regarding his/her personal data processed in WebEye system?

Considering that the WebEye Service Provider does not have contractual relationship with data subject, but with his/her employer, the Customer, the data subject can directly contact his/her employer relating to data processing.

For more information please visit the sites below:
Data protection self assessment https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/
Key definitions https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/key-definitions/
Data protection – European Comission https://ec.europa.eu/info/law/law-topic/data-protection_hu

If you have further questions, please send us by the form below.