Compliance with the GDPR Regulation for a CAD Organisation

The economic and social integration which results from the internals' market functioning led to a significant growth of the cross-border flows of personal data. The technology allows both the private societies and the public authorities to use personal data on a totally different level within their activities. More and more, individuals make public worldwide personal information. The main objective of this work is made up of the carrying out a study, within a CAD organization where the implementation of the quality policy, the security of information and lately the politics of personal data protection - as an integral part of general politics of the organization, benefits from the special attention of the managerial team. The authors' contribution to this work was possible through the development of such politics which are defined as principals and basic rules to manage the personal data processing. An agreement/consent has even been discussed regarding the processing of personal data where the fact is mentioned that personal data will be collected, processed and stored by the company, to the extent permitted by the relevant legislation. A mapping of the processing personal data has been made which represents an overview of the processing of the personal data. The impact assessment over the data protection was made based on a step by step analysis of the processing activities that will help the operator to identify and analyze all the risks which this can generate. This evaluation is required in the case of the susceptible processing to generate a higher risk.