The General Data Protection Regulation (GDPR) is the new EU regulation for personal data protection. The official text was published in 2016, and the regulation applies from 25 May 2018. GDPR will replace the current EU data protection directive, and the purpose is to strengthen the protection for all individuals inside the EU and harmonize legislation in all member states. The regulation covers both companies established in the EU as well as those established in other countries which offer services to EU citizens.
While the main principles of collecting and processing personal data from the existing directive and current national legislation remain valid, there are several points to highlight which are either new or made more explicit:
- Individual citizens are given more control, e.g. by granular consents and data subject rights
- More explicit responsibilities for companies processing data on behalf of their clients
- Less notifications to the authorities, but increased documentation requirements
- More companies will have to appoint a Data Protection Officer
- Infringements of the regulation may lead to steep sanctions
Boostcom and GDPR
In Boostcom, privacy compliance and protecting our clients’ data is our top priority. We have been working with the new regulation since 2016, and we are undertaking every necessary measure to ensure compliance with GDPR and local derogations within May 2018.
Read more: http://ec.europa.eu/justice/data-protection/
We have held a webinar about GDPR, you can watch the whole webinar here: https://youtu.be/h8okw3TUhTE