EU citizens are in charge of their own personal data as companies now must comply with the General Data Protection Regulation (GDPR). Our guide gives you a quick look on how this new regulation affects the people, businesses and how you best prepare before it’s in full effect.
Earlier this year, the European Council, European Commission and European Parliament replaced the 1995 Data Protection Directive with GDPR, in order to enforce and unify data protection. The regulation applies to every business that handles personal data of EU citizens; personal data here meaning any type of information that relates to private, professional or public life, i.e. posts on social media, email address, IP address, photos, etc. Note that it’s not just companies within the EU that must comply with the new regulation, it’s for EVERY company that handles information on EU citizens, no matter where that company might be located. Do not stress though, you have one year to prepare procedures and documentation before the GDPR is in full effect. Your deadline is May 25, 2018.
THE SHORT STORY
With GDPR, the data subjects (EU citizens) have a say in how their information is handled. They have the right to have their data removed from a company’s database, and also the ability to transfer information from one company to another.
As GDPR allows the people to be in charge of their own information, they also need have access to it, right? In other words, to be compliant with the regulation, businesses must be able to present what data they have and how they’re handling it in a clear and understandable way, in case any of the data subjects asks for it. Transparency is key.
So, what happens if you do not comply with GDPR at all? Well, there’s yet another risk of large fines – up to €20 million or 4% of your business’s annual turnover is a quite good incentive to abide this regulation. GDPR does not apply to activities related to national security or law enforcement.
This new regulation is a priority for eMarketeer, and we will be fully GDPR compliant. For EU’s official take on GDPR, click here.
What are your thoughts on GDPR? Yay or nay? Let me know in the comments.