Site Loader

GDPR stands for General Data Protection Regulation. It’s one set of data protection rules for all companies operating in the EU, wherever they are based. The EU General Data Protection Regulation (GDPR) was approved by the EU Parliament on 14 April 2016. And It was enforced on 25 May 2018. The GDPR primarily aims to give more control and rights (See appendix 1) to individuals over their personal data. One feature of GDPR is extraterritorial applicability. GDPR applies to all companies processing the personal data of data subjects residing in the Union, regardless of the company’s location. For instance, if a US company provides product or service to the people in Union, this company must comply with the regulation. Another important feature of GDPR is consent. Before GDPR, most company considered their users implied consent that company is able to gather, store, analyze their data. The GDPR redefines consent as “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.” Company must get consent from customer, only then can company collect, store, process and analyze their data. Besides, organization in breach of GDPR can be fined up to 4% of annual global turnover or €20 million.
GDPR set a new strongest rule about data privacy worldwide. Some company like Los Angles Time decided to block EU users from their content entirely. However, it’s not a long-term solution. Although some company outside the Union don’t need to comply with the GDPR, they still need to think about what they could to prepare for the future possible enforced data privacy regulation in their own country.

Post Author: admin