In May 2018, we will witness the most significant overhaul in data protection in decades. The European Union is introducing the GDPR – The General Data Protection Regulation, which will alter the way we handle and store data in order to protect the personal information provided by consumers and clients.
If you run a business that operates within the EU, and you’re keen to learn more about how the GDPR will affect you, then continue watching this video!
WHAT EXACTLY IS THE GDPR?
The General Data Protection Regulation (GDPR) represents the biggest shakeup in data privacy within the last 20 years. After lengthy debate, the GDPR was approved by the European Parliament on April 14th, 2016 and will come into play on May 25th, 2018.
If you’re found to be non-compliant by this date, there are consequences, including fines.
The GDPR is a framework that has been drawn up to strengthen privacy and data handling laws in a bid to protect customers. The new regulations will affect companies, organisations and authorities that handle and store personal data.
THE TERRITORIAL SCOPE OF THE GDPR
If you live in the EU, you will almost certainly be affected by the GDPR. The GDPR applies to all controllers and processors that operate within the EU. If you run a business, for example, and you are based within the EU, you will be required to comply with the GDPR.
If you’re not based within the EU, but you handle data provided by residents of EU countries, the GDPR will also apply to you.
Companies and bodies that are not based in the EU are also required to adhere to the GDPR if they are responsible for monitoring the behaviour of organisations that operate within the EU. The scope of the GDPR is, therefore, both territorial and extraterritorial.
WHAT IS THE DEFINITION OF PERSONAL DATA?
In simple terms, personal data is information that can be used to identify a person, either directly, by using their name, or indirectly, by using their IP address to find out more. Other examples of personal data include home addresses, email addresses, and social media posts.
Within the category of personal data, you may also come across the term sensitive personal data. This information relates to religious beliefs, sexual orientation, political beliefs, and race.
HOW DOES GDPR AFFECT THE PRIVACY RIGHTS OF INDIVIDUALS?
The GDPR gives you, as an individual, a host of new rights related to the data you provide and share.
From May 25th, 2018, individuals will have the following rights:
To be informed about the type of information that is processed and how personal information is used.
To access and modify personal data that’s incorrect or inaccurate, and erase information that is no longer relevant to the processor.
Individuals can also inhibit processing, access and transfer data across IT platforms, and object to data processing.
WHAT OBLIGATIONS DO ORGANISATIONS HAVE UNDER THE GDPR?
Failure to comply with GDPR will result in penalties. So here are some of the obligations and responsibilities you have:
One, you must understand the data you handle and demonstrate clearly what you’re going to do with it and where it may end up.
Two, provide clarity on whether you are seeking consent to obtain and process personal data.
Three, take a good look at your current security measures and the policies and procedures you have in place to protect data and reduce the risk of security breaches.
And four, if your business employs more than 250 people or you are responsible for continual or systematic monitoring, you must appoint a data protection officer.
Your business doesn’t have to be based in the EU in order to fall under the GDPR. If you have data related to customers in the EU, you’re required to adhere to these guidelines.
If you have an e-commerce business and you’re worried about data collection, we can help. The professionals at Site Geek are experts in everything to do with internet business. Visit our site today to learn more!