GDPR is a regulation aimed to protect citizens of the EU as they communicate with businesses that request “personal data” in return for something. Personal data refers to anything that can help to identify the person, including social identity factors, mental, genetic, economic or cultural items.
Global Applicability
GDPR relates to any organisation in the world that handles or controls EU citizen data. This means every organisation needs to ensure they are compliant with the new rules.
Penalties
Failure to comply with the new GDPR regulations result in large fines. Businesses will be fined 4% of annual global revenue or €20 million (whichever is greater) for breaking the GDPR. Don’t be at risk of breaching it.
Privacy by Design
GDPR asks for privacy protection from the start of designing your system rather than as an addition to designing the system. Businesses must collect data, which is absolutely necessary to complete the task. But, users of the data must be limited to those who really need it.
EU Citizens Rights
Individuals can request to know from a business what data they have on them, the business must provide this to them free of charge. Equally, individuals have the right to withdraw this information from a business. Their data then cannot be used again.
