Hi guys,
I have been reading into the new GDPR regulation for Data Controllers and Data Processors. These regulation will affect a bigger audience (also outside the European Union!) and will give more rights back to Data Subjects. The GDPR will be effective 25th May 2018. Complying will be mandatory so getting a head start is vital for your company.
In this blog, you can find a summary and links to the whole GDPR analysis.
I found two sources that combined will give you the knowledge you need. Below a small summary:
GDPR Summary
Increased Territorial Scope (extra-territorial applicability): All companies processing the personal data of data subjects residing in the Union, regardless of the company’s location.
Conditions for Consent: Need to be more simplified and readible.
Data Subject Right are broadened: Data subjects can ask for all personal data, can transfer that data to another authority or can say you have to delete it all. If a data breach occurs, data subjects need to be informed within 72 hours.
Penalties: Under GDPR organizations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater).
Sources
Next the sources I was telling about, they give a summary of all you need to know to be up to date:
A major change in data protection which will affect a lot of companies. Contact me for any further questions about this topic.
Cheers,
SteckFTW