If you are subscribed to websites such as Facebook or Twitter, you will recently have been receiving emails like “We’re Ready for GDPR: Updated Privacy Policy & Terms And Conditions” or “Updates To Our Privacy Policy (GDPR)”.
This is because the General Data Protection Regulation (GDPR) comes into force today, 25th of May.
But what is this and why so much fuss?
The General Data Protection Regulation (GDPR), approved in April 2016, is a piece of legislation that seeks to harmonise data privacy laws across the 28-nation European Union. The aim is to give consumers control of their personal data as it is collected by companies.
The regulation applies to a broad array of personal data, including a person’s name and government ID numbers. It also protects information that can show a person’s activity both online and in the real world. That includes location information, as well as IP addresses, cookies and other data that lets companies track users as they browse the internet.
The GDPR affects companies and organisations located within the EU, and those outside the region if they offer goods or services to, or monitor the behavior of, people in the bloc. Companies operating in these countries were given two years to comply, and the regulation comes into force on May 25, 2018.
The GDPR replaces a previous law called the Data Protection Directive. Here are the objectives of the Regulation:
- This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.
- This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
- The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.
So with this regulation coming into effect, this is what you should expect.
- The GDPR requires data policies to be written in plain language so you can better understand what you’re consenting to.
- Organizations collecting or using personal data will have to consider privacy throughout the entire lifecycle of products and services.
- Right to Data Portability. This means you can now move your data to another service provider without losing the data history you’ve built up with the previous provider.
- You also have the right to have your data completely deleted or erased.
- The GDPR requires companies to notify users within 72 hours of a data breach.
This is very important for companies operating within the EU as the fines can be very, very costly. The maximum fine for a GDPR violation is 20 million euros or 4 percent of a company’s annual global revenue from the year before, whichever is higher.
If you want to know more about the GDPR, click here for the official document.