Codes of conduct according to data protection legislation
What is the purpose of implementing a code of conduct in a company’s operations?
Implementing a code of conduct in an organisation's operations can help the organisation to:
to show more transparency and accountability, which can enable other companies and individuals to better understand whether the processing of personal data meets the requirements of the Data Protection Regulation, and at the same time help them to assess whether it is appropriate to trust the company with personal data.
to gain competitive advantage.
to take effective precautions to reduce the risks associated with the processing of personal data and the fundamental rights and freedoms of the data subjects.
to prepare processes in relation to certain actions under the Data Protection Act, such as transfer of personal data to other countries.
set goals and requirements for good practice.
reduce the likelihood of coercive measures against the company.
demonstrate that the company has taken appropriate precautions in relation to the transfer of personal data outside the EEA.
Finally, one of the factors that affects the decision on administrative fines, according to Article 47 of Act No. 90/2018 on Data Protection and the Processing of Personal Data, is compliance with established codes of conduct.
