What Is GDPR?
GDPR was created by the European Union (EU) to protect EU citizens’ right to data privacy. GDPR ensures that EU citizens’ data are theirs.
It’s a new EU rule that mainly governs how companies are to treat users’ personal data.
“The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.”
I have used “EU citizen”; however, it is still unclear whether GDPR applies to EU citizens, EU residents or both. Peerlyst has an article that explains this in detail:
What Consists of Personal Data?
“The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people.”
Who Does GDPR Apply To?
Regardless of where you are located, GDPR applies to anyone who offers products or services to, or has customers in, EU countries.
When Did GDPR Take Effect?
GDPR took effect on May 25, 2018.
Companies need to explain why they need users’ data and what they’re going to do with it. With GDPR, EU residents now have the right to request their data from companies. If they want it deleted, the company has to honor the request or be in violation of GDPR.
A company that does not respond within 30 days of the request is in violation and will face a penalty.
Penalties amount to 4% of the company’s global revenue or 20 million euros, whichever is higher.
It has been said that the May 25th deadline is like a soft opening, and that even at the end of 2018 a lot of companies would still be in violation of GDPR.
Tips On How To Be GDPR Compliant
Make sure that all your data are stored in an organized fashion, so that if you’re ever asked for information about anyone, you can quickly retrieve all of it.
If you’re storing your users’ data digitally, make sure that it’s secured. Whether it’s in the cloud or on a computerized system of your own, security is king: use password protection, antivirus software, and information control. If the data is physically stored, keep it in a room where only you and people you trust have access.
Keep Only Data That You Need
Do not keep data that you do not need. Make sure that you need that particular data for your business, and that you are not keeping it just because it might come in handy later on. You have to justify this.
Rewrite it in compliance with GDPR with these in mind: what information is being collected? How and why is it being collected, and what is it going to be used for?
Provide Or Delete Information In A Timely Manner
If you have the first two tips in place, this should not be a problem. Remember that you have only 1 month to provide information when asked about a user’s data. The same goes for deleting data. You must have a system for how this can be done.