When you consider the sheer amount of personal information that you’ve put out on the web, the feeling can be a bit overwhelming. The questions about our information – especially now – are virtually endless, and governments and businesses are racing to catch up. Just this week, the European Union (EU) created a new privacy standard, the General Data Protection Regulation (GDPR). Though enacted by the EU and applying more directly to European companies, the GDPR will also apply to any company that uses data to do business, or tracks behavior, in the EU, which will require
What is GDPR?
The GDPR is a set of regulations governing how businesses are allowed to deal with the personal data of EU citizens. It grants users a number of rights over this data, including:
- Individuals must be notified within 72 hours of a personal data breach.
- People have the right to object to the use and marketing of their data.
- Users may restrict processing (although it is still stored) of their information.
- People can require that their information is corrected if they see inconsistencies.
- Individuals can transfer their data from service to service.
- People must be informed before their information is gathered.
- Consumers can require that their data be deleted.
- People have the right to access their personal information.
Many of these rules are similar to a previous standard, the EU Data Protection Directive, that only applied to servers and other equipment inside the EU. But now that the rules apply to the use of this data, any company doing business in Europe should be aware of these new GDPR rules.
GDPR Compliance Requirements
Right now, many businesses have free rein over how they use their consumers’ information. The GDPR gives consumers more control than ever before, and businesses should be aware of the following:
- Larger organizations – public authorities and large-scale data processors – will be required to have a Data Protection Officer in charge of GDPR compliance.
- Marketing and sales will likely be influenced. Businesses should expect broad changes in their strategy.
- Businesses that don’t comply with GDPR terms face a fine of 4% of annual global revenue or 20 million euros (whichever is more).
- Businesses should be prepared to put security measures in place to avoid data breaches.
- There should be a clear-cut method for handling personal data throughout the site.
Consult with Great Business Attorneys
All businesses should have quality legal services. LawTrades is happy to connect clients and seasoned attorneys. Our services include low flat-rate fees, but we also offer subscription-based legal plans for clients who may need ongoing assistance throughout the year. The advantages of legal plans include a $0 service fee, discounted hourly rates, and unlimited legal consultations. Contact us today to schedule your consultation.