You are probably here because you have heard about the GDPR and are full of questions. Maybe you've read something in the news, or read the European Union website (but probably not). And now you are curious about it and the consequences for your business.
What is GDPR?
The General Data Protection Regulation (GDPR) is European law to protect the privacy of European citizens. It concerns all companies and organizations that have work with data of European Citizens. Even companies and organizations outside the European Union that store data of people who live in Europa.
When EU General Data Protection Regulation (GDPR) will take effect in the European Union after May 25, 2018, for some countries there is not much change as they already have strict data protection regulations but before there were 28 different regulations or laws across Europe. One reason to install the GDPR was to simplify and enhance the transfer of personal data between organisations in different countries while protecting personal data in an appropriate secure way. To support the idea of data transmission, all business, including SMEs, as well as public or private profit or non-profit organisations must comply with set of rules to ensure a high level of data protection.
To comply with GDPR you have to provide documentation about your data processing activities and your data protection efforts. Furthermore, you probably have to update your privacy statement on your website. In some cases, you also have to make a data privacy impact assessment (DPIA) which is focused on data security and risk management. Of course, if the processing of data is your main business purpose, then you might need a data protection officer. All these steps are necessary to provide an appropriate level of data protection according to the EU GDPR.