The Tuesday seminar kicked off with data transfers to third countries or to international organizations. Mr David Burian, head of the division of accreditation and data transfers, explained the main principles and definitions. He also approached transfers based on adequacy decisions, binding rules or relevant exemptions.
Ms Vanda Foldová, head of the supervisory department, introduced new aspects related to administrative sanctions. She emphasized the individualization of fines which pursuant the GDPR should be effective, proportionate and dissuasive.
Moreover, detection of a breach does not necessarily mean penalization. The office can impose a noon-financial remedial measure. “We take into consideration the nature, gravity and duration of the breach as well as the fact whether it was intentional or by negligence and if the controller has already taken steps to mitigate the damage. We also note the way we learned about the breach and if it occurred for the first time. Of course, we take very much into account the level of the controller´s cooperation in the effort to find remedy.” said Ms Foldová.
The agenda was closed by Ms Miroslava Matoušová, the president´s advisor, who focused on the main features of the data protection act and also on certain aspects relating to the nomination and position of DPOs.
This seminar taking place at the office´s premises was the eleventh in the series already.