- Posted by: sajib
- Category: Laws and regulations
The GDPR, or General Data Protection Regulation, will replace the Data Protection Directive 95/46/EC from 25 May 2018. This law regulates how companies protect the data of EU citizens. Its purpose is to introduce specific, uniform laws on the protection of personal data throughout the EU. In this way, Member States will no longer have to write their own laws.
This article takes a closer look at the rules regarding the processing of personal data of customers, potential customers, fans and those who are happy to follow your brand and/or company. If you fail to follow these rules, you could face heavy fines of up to 4% of the company’s global sales from the previous year or fines of up to EUR 20 million, whichever is higher.
Now you may be wondering which are the most important requirements of GDPR, so let’s look at these:
- Obtaining visitors' approval for data processing.
- Anonymizing collected data to protect confidentiality.
- Providing security when transferring data across national borders.
- Providing notification of data breaches.
- Having a data protection officer who oversees the handling of the GDPR.
Who is the subject of GDPR?
Every company that markets to this target group is subject to this law, regardless of geographical location. This is why the GDPR and its regulations will have a global impact. The rules apply when the controller or processor is established, or has its registered seat, in the European Union. In addition, they apply to organizations based outside the European Union if those organizations collect and process data from EU residents.
According to the European Commission, personal data encompasses all information about a person, whether it relates to public, private or professional aspects. For example, it could be an email address, a photo, a post on social media, an IP address or medical information. All this data must be protected according to the latest rules.
The requirements of the GDPR
The GDPR, or General Data Protection Regulation, contains 11 chapters, with 91 articles. Let’s review the most important regulations that will affect how you or your company operate online. Here are the key changes with GDPR:
Transparent policy – processors (of data) will need to:
- Give notice of data collection.
- Explain their processing and use.
- Specify data storage and deletion rules.
Personal privacy – users will have the right to:
- Get access to their personal information.
- Delete their personal information.
- Correct errors in their personal data.
- Export their personal data.
- Object to the processing of their personal data.
Checks and notifications – processors (of data) will need to:
- Protect all data collected with appropriate security practices.
- Notify authorities in case of infringement.
- Keep records of data processing.
- Get approval before processing personal data.
IT and Education – processors (of data) will need to:
- Hire a data protection officer.
- Create and manage processing contracts.
- Educate employees.
- Revise and update data rules.
In general, GDPR should not be something that keeps you awake at night. Yes, it can mean significant investments and changes, but it’s worth it. After all, the new requirements will provide different benefits for your business as well as for consumers. Contact us for more information.