What is GDPR?

GDPR (General Data Protection Regulation) replaces Law No. 122/2013 Z. Z. On the protection of personal data and its implementing orders. The application will start from 25. May 2018 throughout the European Union. In the Slovak Republic, a new law on personal data will be paid in addition to the GDPR, which will regulate certain rights and obligations. Companies that work with their clients ' personal data must be prepared to tighten up the conditions relating to the granting of the consent of the person concerned. Consent must be an active statement of will and may not be hidden in terms of trade or contingent upon the provision of the service or delivery of the goods. Various location data and online identifiers, such as the IP address, cookies or the actual location of the data subject, will be considered as personal data. Genetic data, health data and biometric data will be subject to a more stringent protection regime, as they are considered as sensitive data. The withdrawal of consent to the processing of personal data will have to be as simple as its granting. This is accompanied by the right to be forgotten – the right to delete personal data at the request of the person concerned.

Who is GDPR concerned?

The new EU regulation protects the personal data of all natural persons. On the other hand, it tightens the conditions for the use of such data by operators and intermediaries established in the European Union who acquire, collect and process personal data, regardless of whether processing is carried out on the territory of the European Union Or not. Personal data may only be processed if the controller or processor has an appropriate legal basis – either by the consent of the person concerned, for a particular case, subject to specific legislation or for the purpose of fulfilling the contract. The person concerned must be informed of the extent and modalities of the processing of its data. The data obtained may be used only for the purposes for which it was obtained.
On the contrary, GDPR does not provide protection to natural persons, legal persons or natural persons – entrepreneurs (CSR) in the performance of their business. GDPR shall also not apply to cases of processing of personal data solely for personal or domestic use.


GDPR brings many benefits for data subjects, including, for example:

  • Strengthening the protection of personal data across the EU-a single regulation for all Member States;
  • More rights for the natural persons concerned – the right of access, the right to be forgotten, the right to the portability of data, the right to object.


For non-preparedness, non-introduction or violation of these rules, companies are threatened with high fines of up to EUR 20 million. Which may in many cases be liquidating. Therefore, leave the necessary documents to our law firm and avoid any unpleasant facts that will not threaten you if a new regulation is not complied with.