The European Union’s General Data Protection Regulation (GDPR) applies to all personal data processing in the EU. GDPR defines the rights of people whose data is processed (data subjects) and regulates how personal data may be processed and stored. The regulation applies to all data controllers and processors operating in the EU.
Disclaimer: GDPR and your domestic privacy laws may differ. Consult with your internal subject matter experts to ensure you comply with all relevant legal requirements.
When your organization deploys video management software (VMS) such as XProtect in the EU, it must adhere to GDPR and other privacy laws if outside the EU.
GDPR regulates how personal data can be processed across your entire organization, making compliance essential. However, since the requirements vary depending on the purpose of the data being processed, understanding how to deploy and operate the XProtect VMS in line with GDPR can be challenging.
To guide your organization with the process of installing, configuring and operating XProtect in compliance with the GDPR regulation, we have prepared a technical guide on how to manage default values, settings, functions, and warnings in areas where personal data is processed.
Additionally, consult the XProtect VMS hardening guide and XProtect VMS certificates guide for more information on ensuring VMS security.
Here are guidelines and templates for various nations’ Data Processing Authorities:
European Data Protection Board
Standard Contractual Clauses for the Data Processing Agreement
Other guidelines
France
Commission nationale de l'informatique et des libertés
CNIL GDPR tool kit
Italy
Garante per la protezione dei dati personali
GDPR - Regolamento 2016/679 - Garante Privacy
Germany
Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
Denmark
Rollefordeling: Dataansvarlig og databehandler
Download skabelon