What is GDPR?

The GDPR is a European regulation that came into force on May 25, 2018. Its main objective is to give European citizens greater control over their personal data and ensure their rights are respected. Among these, the GDPR covers: the right to information, the right of access, the right to object, the right to rectification, the right to be forgotten, and the right to data portability.

The GDPR also makes management accountable and allows data protection authorities (such as the CNIL in France) to sanction organizations in the event of non-compliance. Finally, the GDPR aims to protect vulnerable individuals, such as people with disabilities, minors, and the elderly. In practice, their personal data will need to be more protected than employees' first and last names, for example. In this spirit, the GDPR also strengthens the protection of health data, classified as sensitive data.

Who does the GDPR apply to?

The GDPR (General Data Protection Regulation) applies to all entities that process or use the personal data of European citizens. It's not just limited to legal notices or cookie management: it also covers elements such as physical documents, contracts, client files, employment contracts, and much more. When it comes to security, every organization—whether a company, an association, or a public institution—must implement measures to ensure data protection against risks such as loss, alteration, or unauthorized disclosure. This is what we have done at Baghera/wines.

Respecting and Protecting Privacy

At Baghera/wines, we have appointed a Data Protection Officer (DPO) and a GDPR contact. These two roles, in collaboration with management (also referred to as the "data controller" under the GDPR), are essential for implementing and monitoring GDPR compliance.

The Data Protection Officer, who has been appointed to the relevant authorities (CNIL), has several key missions:

• Advising and informing the organization and its employees on all matters related to the GDPR
• Ensuring compliance with European regulations and national data protection legislation
• Acting as the primary contact for data subjects for any questions relating to their personal data
• Acting as a point of contact for the authority, particularly in the event of a data breach or audit.

To strengthen this approach, Baghera/wines has sought the expertise of Blockproof, a French company specializing in data protection, to assist us in this mission.

At Baghera/wines, we are particularly vigilant about protecting the data of all our stakeholders, whether they are our employees, customers, or partners. This is why this approach and the tools we have put in place to protect individuals are so important.