While you are probably aware of GDPR, there are certain facts that you need to know whether you run a business that is affected by this or not. GDPR is an important law that has affected the way that companies are able to handle data collected from residents of the European Union. Knowing more about this regulation is important for everyone.
What Is GDPR?
Before you can look at what GDPR entails, you need to know what this is. GDPR is the new European regulation also known as the General Data Protection Regulation. The regulation aims at unifying and improving the way that personal data is currently protected. The regulation came into effect on 25 May 2018.
What Is Considered Personal Data?
The definition of personal data has been expanded as part of GDPR to include any information which can identify an individual either directly or indirectly. This information will include data such as the name of an individual, their date of birth, and their address. However, it will also include other data which includes their IP dresses, their physical features, and the tracking cookies placed on their computers.
Who Does GDPR Apply To?
GDPR will apply to all forms of business that collect and use personal data collected from an EU resident. If anyone collects personal data from someone in the EU, they will have to comply with the regulation regardless of their location. This means that a company based in the United States will still have to comply with GDPR if they handle European data.
When looking at this, it is important to note that the data will be for any person who is resident in the EU. This means that citizenship does not come into play. An individual may not be a European citizen, but is residing in the EU and will be protected under GDPR.
What Are The Penalties For Non-Compliance
GDPR has guidelines on the penalties that will be enforced against businesses that are found to not be compliant with the regulation. These fines will differ depending on the severity of the non-compliance. The minimum penalty will be 2% of the annual turnover of the company or €10 million. In more severe cases of non-compliance, a company may be fined 4% of their annual turnover or €20 million.
How Will Penalties Be Enforced?
GDPR will be enforced by national data protection authorities, but it is unclear how the fines will be enforced. However, it is important to note that companies that do not comply could face private lawsuits. This means that if a private lawsuit is filed, the relevant authority will generally be able to enforce the penalties outlined in the regulation.
There is a lot of information that you need to know about GDPR. This will include what GDPR is and what the basis of the regulation is. You will also need to know which companies will be affected by this and what the penalties will be for non-compliance. This will ensure that you know your rights and what your business will need to do if it is affected.