The GDPR stands for the General Data Protection Regulation. It is designed to give more control to EU citizens of their personal data and applies to any company that holds or processes any personal information/data that belongs to citizens in the European Union. If you hold any personal information that conforms to this within your business, you MUST comply with the regulations from the 25th May 2018. It is the first global data protection law and experts believe that this aspect alone “will contribute significantly to all companies around the world – including those in Europe – taking data privacy more seriously.”
Failure to comply allows any European data protection authority to take action against organisations, regardless of where in the world the company is based. Fines will be levied of up to 20m euros or 4% of a company’s turnover for non-compliance.
Look out for our next blog ‘What data does the GDPR Cover?’
Sources: (Privacy lawyer and KuppingerCole analyst Karsten Kinast), White & Case, ICO