What is GDPR?
GDPR (General Data Protection Regulation) is new regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The GDPR becomes enforceable on 25 May 2018. Please refer to the GDPR website for more information ec.europa.eu/info/law/law-topic/data-protection
What is the impact of the GDPR to my passport photo service?
Passport photos are sensitive personal data and as such subject to the GDPR. Therefore if you run a passport photo service and you intend to save the passport photos of your customers you need to implement GDPR compliant procedures and safety measures. Please note that failing to do so may result in fines. The GDPR requirements for storing sensitive personal data such as a passport photo are considerable. On the GDPR website you will find all the information. Our advice is to simply NOT store passport photos of your customers.
What do I need to do if I do NOT want to be storing passport photos?
You will need to:
Make sure you do not use the Auto Archive.
Remove any existing archives you may have stored on your system.
Remove any other passport photos of customers you may have stored on your system.
Do not use email for delivering digital passport photos to your customers.
We have made a short "How to" with instructions :
Short How to
How do I deal with customers needing a digital passport photo?
You can save digital passport photos on an SD card and sell this card to your customer. This is a standard feature in our systems. However, there is a new, secure way of dealing with digital passport photos : IDstation.online. It's available as a free update. Interested? Contact us or your local reseller for more information. The IDstation.online website is IDstation.online