The GDPR, or the General Data Protection Regulation, entered into force on 25 May 2018. The GDPR is the most comprehensive change to data privacy law ever undertaken. The data protection legislation is a new set of laws on keeping personal data. As a digital marketing agency, we understand that change can cause concern for many companies, so we provide advice on the regulations.
Personal data is said to be ‘the most valuable resource in the world’. Thus, there has been misuse of data, especially in the case of Facebook and Cambridge Analytica, and questions about the security of data, followed by the introduction of the GDPR.
Who is affected by the GDPR legislation?
The GDPR data protection laws do not apply only to companies based in Europe, but also to international companies that operate in the European Union or sell to European ‘data subjects’ (consumers) located in the EU.
What is the penalty for GDPR non-compliance?
Data protection laws cannot be ignored, and the companies described above must comply. One big change in the GDPR, which replaces the Data Protection Directive, is the addition of penalties for non-compliant companies. It should be noted that the fines for businesses are heavy, and are divided into two categories:
Violations of the GDPR core principles, which deal with the rights of the data subject
Violations of the supporting principles
Failing to comply with the core GDPR laws can see your company receive a fine of 4% of its global turnover, or a penalty of up to €20 million. If you violate the supporting principles, you can receive a fine of up to half of the amount mentioned above. This penalty is also not the only action the Data Protection Authority (DPA) can take against your company on behalf of your data subjects.
Who are the people involved in the GDPR?
The Data Protection Authority is the official agency your company should be aware of. The DPA will ensure that all companies are compliant with data protection laws, and will investigate incidents which suggest your company is not.
The Data Controller is the entity that controls how personal data is used and, in turn, how it is processed. The Data Processor then processes the data for the controller. Alternatively, the controller can also perform the tasks of a processor.
Lastly, the data subject is the individual behind the personal data, and an important aspect of the GDPR. The Act was created to put control back in the hands of consumers, and data subjects may include customers or even employees of your company.
What can I do to become compliant?
We have compiled a handy GDPR compliance checklist, if you will, that will help you build a compliant company.
Start with a data protection leader
Appointing a data protection leader is the first step towards becoming compliant. The GDPR sets standards of data protection, but, in the words of HMRC, you cannot take a ‘one size fits all’ approach. The data protection leader will be responsible for ensuring that you comply with the rules, and will provide advice on moving forward with data privacy functions. They can also handle access requests from data subjects, and coordinate with the DPA should a data breach ever occur.
Make sure your vendors and suppliers comply
Your company has an obligation to ensure that all trade suppliers or vendors it shares personal information with also comply with the GDPR. You may need to verify that they are following the data protection legislation, and it is vital that you use the right suppliers. In the end, the GDPR puts control over keeping personal data secure with the individual company, and you have to maintain compliance.
As part of the GDPR, every company must understand the process of how data is collected, processed and then used, and for what purpose. Thus, it is best to document the entire procedure.