What is it?
GDPR (General Data Protection Regulation) is a data protection law that came into effect on 25th of May, 2018 in the EU (European Union). Its main aim is the protection of personal data amid rapidly growing technological developments.
Why is it needed?
The frequency of international flows of personal data, hacking risks, and the misuse and exploitation of personal data forced the EU to make a law that organizations must obey in order to protect all the relevant data.
What is personal data under GDPR?
In general, personal data includes name, address, and photos, but GDPR extends the definition of personal data to include IP (Internet Protocol) addresses as well as sensitive personal data, such as genetic data and biometric data, which is used to identify an individual.
What does GDPR mean for businesses?
Since GDPR is a single supervisory authority for the entire EU, it will make it simpler and cheaper for businesses to operate within the region. It is expected that GDPR will save €2.3 billion per year across Europe.
It will encourage organizations to adopt different techniques in order to benefit from collecting and analysing personal data without worry, since customers' data is protected under this law at the same time.
To whom does it apply?
Organizations that operate fully or partially within the EU, and organizations outside of the EU that offer their goods or services to customers, should follow this regulation.
What will happen if it is not followed?
Organizations that fail to follow the law will have to pay a fine ranging from €10 million to four percent of the company's annual global turnover. Fines also depend on the severity of the data breach. The maximum fine is set at €20 million or four percent of worldwide turnover.