What is GDPR?
It’s a new set of laws called the General Data Protection Regulation to make all existing legislation surrounding information about users within all EU countries into one law. This applies to businesses since they collect and process information about people who use their services.
When does it become law?
Who does it apply to?
The law applies to businesses in all twenty-eight nations within the European Union (EU). It also applies to all EU and non EU businesses that collect information about users living in the EU even if the companies are outside the EU.
Lastly, foreign businesses that are either based in Europe or have branches overseas must also follow the same regulations if they have access to and use information about EU nationals that can identify them.
What does the law require people and businesses to do?
Why did this law come about?
The new legislation will make all earlier privacy laws easier to understand, track, look into, analyse, evaluate and keep up to date with. By regulating the law into one area it will help to strengthen and tighten security in preventing illegal hacking into private accounts, accessing personal data and finding ways of identifying people.
How will the GDPR law be implemented?
Many companies may have to use Data Protection Officers (DPO) to oversee that the key requirements are met, policed and effectively monitored. This means ensuring all previous storage of user information, existing and future accounts of EU nationals are kept to the standard limits allowed under the new laws.
What are the consequences?
Companies and all users who store key information about EU nationals, but fail to follow the new law can face fines that amount to heavy fines.