GDPR

THE NEW EUROPEAN GENERAL DATA PROTECTION REGULATION

The GDPR is the new European data protection regulation which came into full effect on 25th May 2018 and requires companies to deploy tools to control and handle specific procedures of client and employee data protection management.

The GDPR applies to all national organizations, both public and private, that process data of EU citizens, and all those in breach of this directive may be fined up to €20 Million or 4% of their annual global turnover.

What you should know

• The GDPR is already in full effect as of may 2018. Your organization must be in conformity with it.
• The aim of the GDPR is to “harmonize” data protection legislation across all Europe and to eliminate the differences between EU legal systems;
• According to the GDPR “personal data” is all information that, directly or indirectly, allows to identify an individual.
• The IP addresses, location data and other aspects that may identify a person are encompassed by the GDPR;
• The regulation is supported by a self-regulated model, leaving the responsibility of interpretation and operationalization to the individual organizations.
• A correct application of the GDPR may require nominating a DPO (Data Protection Officer) and appointing a team with technical and legal know-how about the new regulation.

The GDPR gives citizens the power to:

• Access and control their personal data more easily
• Transfer their personal data to another service provider
• Erase their personal data, i.e., have the right to be forgotten
• Know if their personal information has been affected by any data breach