The European Union's General Data Protection Regulation (GDPR) goes into effect May 25, 2018. Companies have been preparing for it for awhile but if you're still in the dark, it's not too late to get up to speed.
Here are five things to know about the EU's GDPR:
1. It's about data privacy. The GDPR attempts to give EU citizens more control over what data companies collect, store, and use.
2. It probably applies to your business. GDPR applies to every citizen of the EU and any business entity that transacts with them. Sell a t-shirt to a Frenchman? You need to deal with the GDPR.
3. It's pretty much any kind of data. Anything related to a person that can be used directly, or indirectly, to identify them is now regulated.
4. You have to get explicit permission to process personal data and your request must be in clear language. You can't use long legal documents or hide things in a privacy policy. And it has to be as easy to withdraw consent as it was to give it.
5. Penalties are big. If an enterprise violates the practices of the GDPR, it can be fined up to 4% of the company's global turnover or 20 million Euros, whichever is greater.
No comments:
Post a Comment