Falcon Solutions

Menu

FAQ’S

Frequently Asked Questions Concerning GDPR

Warning: This information is not legal advice. For any questions or concerns, please consult your legal counsel or supervisory authority.

  1. What is GDPR?

GDPR stands for General Data Protection Regulation.

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 governs the protection of natural persons with regard to personal data processing and its free movement. It replaces Directive 95/46/EC and has been in effect since 25 May 2018.

GDPR applies in the following cases:

  • If a company conducts activities in the EU;
  • If the processing activities relate to offering goods or services to individuals in the EU;
  • If the company monitors the behavior of individuals within the EU;
  • If EU law applies to the company’s activities.

Important: GDPR does not apply to anonymous data, i.e., information that cannot identify an individual or has been anonymized. This includes statistical or research data that cannot be traced back to a person.

  1. Does GDPR apply to my company?

To determine whether GDPR applies to your company:

  • Identify whether your company operates in the EU or processes personal data of individuals in the EU (see Question 1).
  • Determine if your company processes personal data, as defined by GDPR:
    • Personal Data: Any information relating to an identifiable individual, including name, ID number, location data, or online identifiers.
    • Processing: Any operation performed on personal data, such as collection, storage, or deletion.
    • Controller: The entity that determines the purposes and means of personal data processing.
    • Processor: The entity that processes personal data on behalf of the controller.

Examples:

  • GDPR applies if an employer tracks employees’ assigned vehicles, as this can reveal personal location data.
  • GDPR does not apply if a company monitors fleet locations without linking the data to a specific individual.

If the likelihood of identifying individuals from the data exists, GDPR applies. Consult a legal adviser or supervisory authority for further clarification.

  1. Does GDPR apply to Tarco Trading CC?

Tarco Trading CC does not process personally identifiable data of end users from its partners. However, when a partner processes personal data using Falcon Solutions software, Tarco Trading CC may act as a processor under GDPR (see Question 6).

  1. How does Tarco Trading CC comply with GDPR?

Tarco Trading CC implements all necessary technical and organizational measures to ensure GDPR compliance.

  1. How does Tarco Trading CC obtain consent to process personal data?

Tarco Trading CC does not collect consent from its partners’ clients. If your company processes personal data (see Question 2), Tarco Trading CC is required to:

  • Take actions to comply with GDPR;
  • Have a Data Protection Agreement (DPA) with your company;
  • Fulfill processor obligations under Article 28 of GDPR.

  1. What actions should my company take to comply with GDPR?

If your company is a controller or processor under GDPR (see Question 2), it must comply with Articles 24–34 of GDPR.

For a detailed list of actions, visit: EU Data Protection Guide

  1. What are the penalties for non-compliance with GDPR?

Supervisory authorities enforce GDPR compliance by imposing effective, proportionate, and dissuasive administrative fines on a case-by-case basis.

For more information, refer to Article 58 of GDPR, which details the enforcement powers of supervisory authorities.