European Union’s General Data Protection Regulation (EU GDPR) was created with the purpose of regulating the way EU citizens’ personal data is protected by companies, and of replacing the current Data Protection Directive 95/46/EC.
Organizations that operate within the EU or that process EU citizens’ data must make sure they adapt to the new Regulation and become compliant, or they will be fined.
The power over personal data will no longer be in the hands of organizations, but will belong to the citizens’ themselves.
The most important save the date for 2018 will be the 25th of May, when all Member States must have the Regulation transposed into their national law, and businesses be compliant.
Clym can help provide privacy solutions for your business to make sure that your website is compliant with GDPR and CCPA at ease.
The GDPR will bring important changes once it becomes mandatory in 2018. Find out to whom it applies to and what are the changes for data controllers and processors.
The term data subject appears very often in the GDPR. The regulation is meant to give them more rights. But what exactly is a data subject and who can become one?
Personal data is a sensitive subject within the GDPR. Whether you are a data controller/processor or a data subject, you need to know what is personal data according to the Regulation.
The GDPR puts a strong emphasis on individual rights. Find out what they are, how you can exercise them as a EU citizen and how to enforce them as an organization.
Consent has always been important for data processing. Under the GDPR consent becomes harder to get and easier to revoke. Find out how consent works under the Regulation.
The GDPR strongly emphasizes data protection encouraging security ‘by design and by default’. A lot is left to the choice of each organization, but some recommendations exist.
Whether you are a data processor, or a data controller, it is important that you know your obligations under this new Regulation.
See whether your organization needs to appoint a data protection officer, and what his role in the company will be.
The non-compliance fines are established on a tiered system, and depend on the gravity of the damage, or on the obligations breached.
These are the institutions in charge of providing your organization with advice and clarifications, as well as to apply the fines, if this is the case.
The GDPR enables codes of conduct and certifications as a means to prove GDPR compliance to regulators and data subjects.
Here is an action plan to be applied in order for your business to become GDPR compliant and help you get a head start in front of your competition.