General Data Protection Regulation
What you need to know
GDPR
What is GDPR?
The General Data Protection Regulation is a new data privacy law that aims to protect and empower the rights of the EU citizens regarding how their personal data is used.
The GDPR will strengthen individuals' rights and will impact all organizations across the region processing and holding the personal data of data subjects residing in the EU, regardless of the company’s location.
The European General Data Protection Regulation came into force on May 25, 2018.
What does
it mean
for your
business?
The GDPR applies to any organization inside or outside the European Union who is offering goods or services to, and/or tracking the behaviors of EU citizens. That means that if you do business with Europeans that involves the processing of their personal data, this legislation applies to you.
Key Challenges
The new regulation impact businesses in many ways. Privacy and data protection will be part of a company’s core requirements leading the way in data collection and storage.
All organisations should properly prepare and comply with the new policies, otherwise they can be fined up to 4% of annual global turnover or €20 Million. It is important to note that these rules apply to both data controllers and processors.
Opportunities
As privacy plays a key role in earning customers’ trust, the GDPR is a great opportunity to connect and re-engage with your customers. How? Businesses can deliver customer experiences that are informed by their understanding of customers’ behavior and preferences.
Data and analytics leaders can use GDPR changes to increase the value of data and enable greater flexibility and agility in accessing them.
QIVOS’ commitment & preparation
QIVOS has taken steps to ensure compliance with the GDPR, including:
Consultation
Consulting with an outside advisor team to assess QIVOS’ current policies & practices
Organizational compliance
Optimizing & ensuring the appropriate technical and organisational measures implementation
Data mapping
Mapping the data flow
Audit
Implementing an audit procedure
Refining Contracts
Ensuring that all contracts have appropriate clauses regarding the collection & use of personal data
Training
Implementing repeated mandatory Information Security & Data Protection training sessions for staff
Related resources
Getting Ready for GDPR
The European GDPR deadline is officially set for May 25, 2018, forcing every business that is collecting, handling and analyzing personal data in the European Union to be GDPR-compliant by that date. Find everything you need to get prepared for the GDPR on our latest blog post.
*Note: The information contained in this page is for general guidance only. This is not legal guidance for any GDPR compliance obligations.