The General Data Protection Regulation (GDPR) is the biggest change in data protection laws for 20 years, and when it comes into effect on May 25th, 2018, it intends to give European citizens back control over their personal data. Its impact won’t just be felt in Europe though, as it will have wider implications for companies across the world that hold data on the continent.

 

They have been designed to give power back to citizens over how their data is processed and used.

 

1. Obtaining consent

Your terms of consent must be clear. This means that you can’t stuff your terms and conditions with complex language designed to confuse your users. Consent must be easily given and freely withdrawn at any time.

 

2. Timely breach notification

If a security breach occurs, you have 72 hours to report the data breach to both your customers and any data controllers, if your company is large enough to require a GDPR data controller. Failure to report breaches within this timeframe will lead to fines.

 

3. Right to data access

If your users request their existing data profile, you must be able to serve them with a fully detailed and free electronic copy of the data you’ve collected about them. This report must also include the various ways you’re using their information.

 

4. Right to be forgotten

Also known as the right to data deletion, once the original purpose or use of the customer data has been realized, your customers have the right to request that you totally erase their personal data.

 

5. Data portability

This gives users rights to their own data. They must be able to obtain their data from you and reuse that same data in different environments outside of your company.

 

6. Privacy by design

This section of GDPR requires companies to design their systems with the proper security protocols in place from the start. Failure to design your systems of data collection the right way will result in a fine.

 

7. Potential data protection officers

In some cases, your company may need to appoint a data protection officer (DPO). Whether or not you need an officer depends upon the size of your company and at what level you currently process and collect data.

 

Please read our Privacy Policy before you purchase anything from us


The product is in stock.
The product is ordered from the supplier and the delivery date is confirtmed.
The product is ordered from the supplier, but the delivery date is not confirmed.
The product has to be ordered from the supplier
This product is located on the remote storage.
Varen er bestilt fra leverandør, men leveringsdato er ikke bekreftet.
Varene bestilles fra vår leverandørs lager.
Ubekreftet - Ta kontakt med kundesenter for nærmere informasjon.