On May 25, 2018, the General Data Protection Regulation (GDPR) will go into effect in the European Union. This new regulation replaces the Data Protection Directive from 1995 and sets further data protection and privacy standards. If you do business with customers in the EU, it is essential to understand GDPR compliance and how to ensure that your company complies.
What is GDPR?
The General Data Protection Regulation (GDPR) was approved by the European Parliament in 2016 and will come into effect on May 25, 2018. The regulation sets out strict new rules about data protection and privacy for companies that do business with customers in the EU. GDPR applies to any company that processes or intends to process the personal data of individuals in the EU, regardless of whether the company is based inside or outside of the EU.
Under GDPR, all personal data must be:
- Legitimate and necessary for the purposes for which it is being processed
- Accurately and carefully collected
- Processed in a transparent, consistent, and fair manner
- Erased or destroyed were no longer needed and subject to regular monitoring
We hope this information has been useful to you.