Do you run a business? Are you a website owner or an expert in personal data processing? It is crucial that you understand the implications of the General Data Protection Regulation (GDPR) on your activities. It comes into force in Europe on May 25, 2018 .
What is GDPR?
GDPR establishes a framework for the processing of personal data in the European Union (EU ). It follows on from the French Data Protection Act of 6 January 1978. It gives citizens greater control over how their personal data is used.
GDPR was created to:
Harmonisation of standards in Europe;
Provide an identical legal framework for professionals . Thanks to vp design officers email lists the regulations, they can develop their digital activities, while establishing a relationship of trust with users.
What are the objectives of GDPR?
Discover the three main objectives of the General Data Protection Regulation:
Increased rights for individuals . GDPR creates the right to portability of personal data. It includes specific provisions for minors.
Holding the various data controllers accountable . This applies to both controllers and processors.
Making the regulations credible . How to do this? By intensifying cooperation between data protection authorities. In particular, they will be able to adopt joint decisions and toughen penalties for transnational processing.
Who is required to apply for GDPR?
Any organisation, regardless of its size, location or activity, can be affected by GDPR. The Regulation applies to all organisations , both public and private , that process personal data, whether on their behalf or not, if:
They are established in one of the Member States of the European Union;
Their business is aimed directly at European residents.
For example, a company based in Italy that exports its products to Tunisia must comply with GDPR. This is because the company is based in the European Union. Similarly, a company based in Japan with a French-language e-commerce store that supplies products to France is required to comply with the regulation.
The General Data Protection Regulation also applies to subcontractors : web hosts, software integrators, communication agencies, etc., who process personal data on behalf of another entity (a company, a local authority or an association). The latter process personal data on behalf of another entity (a company, a local authority or an association).