Consulting Services

General Data Protection Regulation (GDPR)

gdpr Count down!

The new EU regulation for Data Protection is already with us. It becomes a mandatory requirement in May 2018. This means you will need to start the transition immediately or face heavy fines of up to €20,000,000 or 4% of your global annual revenue!

Free GDPR Awareness Questionnaire Are you ready?
General Data Protection Regulation What is GDPR?

 

Intention Banner

GDPR is a European Union (EU) regulation put in place in May 2016:

  • Repeals the Data Protection Directive (95/46/EC) from 1995

  • Expands the scope of personal information identifiers

  • Applicable in each EU member state and requires no local implementing legislation

  • Gives individuals right to control their personal information

  • Forces the businesses to provide transparent data processing and maintain individuals right to privacy

  • Imposes penalties on businesses in case of failure to do so

  • Organisations need to be compliant by May 25th 2018

GDPR Key Highlights

Expand 'personal data' pool: Personal data definition now also includes genetic data, profiling information, IP address and data in cookies.

Non-EU impact: Regulations are applicable to anywhere where EU resident's personal data is processed or monitored.

Data Protection Officer (DPO): Organisation must have a qualified DPO, directly reporting to senior management.

Data Protection Impact Assessments: Privacy must be by default, designed into data processing and organisations must perform Data Privacy Impact Assessments.