What is the GDPR?

Data protection laws are evolving constantly, and if you handle any kind of information from your customers or clients, then you have to make sure you comply with every legislation within your jurisdiction at all times. If your business is located within the European Union, or deals with information from any European Union citizen or resident, then you need to know what the General Data Protection Regulation (GDPR) is and how to comply with this regulation as soon as it takes effect.

Keep reading to find the most important details about this new regulation and what your company needs to do before its entry into effect.

What exactly is the GDPR?

The General Data Protection Regulation, or GDPR for short, is the latest legal framework approved by the European Union, replacing the Data Protection Directive and taking effect on May 25th, 2018. The biggest difference between these two documents is that, while the Data Protection Directive was made out of suggestions and recommendations, the GDPR is a binding legal document that every European member state must comply with.

The GDPR is focused on protecting personal information handled by companies and the way these organizations store, use and destroy them, as well as setting certain guidelines on how to properly handle this information. The Regulation also includes a legal definition of what constitutes “personal data” and what is a “data leak”. Finally, it sets a series of fines and sanctions for the improper or unauthorized handling of personal data.

Does the GDPR affect my company?

The General Data Protection Regulation will apply to all the organizations that:
• are physically present in at least one member state of the European Union,
• handle and store personal information from individuals residing in the European Union, or
• use third-party services that handle and store personal information from individuals residing in the European Union.

This scope is considerably broad and includes a great amount of small and big businesses around the world. Be careful and note whether your company needs to comply with the GDPR, given that violating the regulation may involve penalties and fees of up to 20 million euros.

An overview of the GDPR’s content

This regulation provides a set of guidelines that will allow users and clients to have more direct control over the personal information they choose to give any company. One thing the GDPR enforces is that users have to know exactly how their personal information is being handled and what is being done with it, as well as checking what they are sharing at all times.

Another GDPR guarantee is that users can rectify or modify their personal information in any moment if it’s not correct, and delete it from any physical and online storage if they choose to, a well as download a copy of their personal information to take elsewhere.

The General Data Protection Regulation involves a great amount of changes for small companies and big businesses alike. Prepare for it to avoid any penalty!