The general regulation for the protection of personal data n. 2016/679 (General Data Protection Regulation or GDPR) is the legislation to reform European legislation on data protection.
Published in the European Official Journal on 4 May 2016, it entered into force on 24 May 2016, but its implementation will take place after two years, therefore from 25 May 2018.
Since this is a regulation, it does not need to be transposed by the Member States of the Union and will be implemented in the same way in all the States of the Union without any freedom of adaptation. Indeed, its purpose is the definitive harmonization of the regulation on the protection of personal data within the European Union. In this sense, therefore, there will be no Italian legislation on the subject, but rather clarifications in relation to some aspects, for example on the powers of the National Guarantor Authority.
The new regulation is more explicit than Directive 95/46, proclaiming the protection of the right to protection of personal data as a fundamental right of persons
Italian version translated into English
Right to data portability
Export you personal data that is stored on this shop. Generate a .csv file that contains all of your sensitive data.
Right to be forgotten
Delete your account from the shop along with all of your personal data. All of your addresses, orders, and other informations will be lost.
Right to be anonymous
Change your informations with fictive data. This way your identity is protected.
Right to be informed
This covers any gathering of data by companies, and individuals must be informed before data is gathered.
Right to have information corrected
This ensures that individuals can have their data updated if it is out of date or incomplete or incorrect
Right to restrict processing
Individuals can request that their data is not used for processing.
Right to object
This includes Right of individuals to stop the processing of their data for direct marketing.
Right to be notified
If there has been a data breach which compromises customer's personal data, you have a right to be informed within 72 hours of first having become aware of the breach.