Your address will show here +12 34 56 78


General Data Protection Regulation
Preparing for a new era in privacy regulation
In May 2018, a European privacy law, the General Data Protection Regulation (GDPR), is due to take effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.

What is the GDPR?
The EU General Data Protection Regulation (GDPR) was developed to create cohesive data privacy laws across Europe that serve to protect all EU citizens. It replaces Data Protection Directive 95/46/EC, and differs in a number of significant ways, such as:

Larger jurisdiction. The General Data Protection Regulation will apply to all companies that process the personal data of anyone living in the European Union, regardless of the company's location.

 Fines. Organizations, including controllers and processors, that are not in GDPR compliance can be fined up to 4% of its annual global turnover or €20 Million (whichever is greater). 

Consent. Consent must be requested in a clear, easily accessible manner – and must be distinguishable from other matters. In addition, it must be as easy to withdraw consent as it is to give it.

Breach Notifications: Breach notification will be mandatory – and must be completed within 72 hours of an organization first having become aware of a breach.

Privacy. The GDPR requires that data protection be included from the onset of the designing of systems, rather than as an addition.
  • Text Hover
Personal privacy
Individuals have the right to:

  • Access their personal data

  • Correct errors in their personal data

  • Erase their personal data

  • Object to processing of their personal data 

  • Export personal data

  • Text Hover
Controls and notifications
Organizations will need to:

  • Protect personal data using appropriate security

  • Notify authorities of personal data breaches

  • Obtain appropriate consents for processing data

  • Keep records detailing data processing

  • Text Hover
Transparent policies
Organizations are required to:

  • Provide clear notice of data collection

  • Outline processing purposes and use cases

  • Define data retention and deletion policies

  • Text Hover
IT and training

Organizations will need to:

  • Train privacy personnel and employees

  • Audit and update data policies

  • Employ a Data Protection Officer (if required)

  • Create and manage compliant vendor contracts

Prepare now for GDPR compliance

Get ready for the new GDPR privacy requirements on how you collect, store, and use personal information. Learn how to discover your company GDPR compliance readiness with a Pre Assessment GDPR Questionnaire from IDG SERVICES.