By now, most marketers are aware of the impending General Data Protection Regulation, a European Union initiative designed to give consumers greater control and transparency when it comes to the personal data companies are collecting and storing. The compliance deadline is May 25, 2018, which means any business that hasn't reviewed its policies and practices is running out of time.
Although the GDPR currently only applies to companies that possess data from EU residents, many experts believe similar regulations will start emerging elsewhere. It's best to prepare yourself and become compliant now, even if you don't currently have overseas customers.
A LITTLE BEE BOOK
"How it Works"
Adapted from a variety of sources by Bob Yelland
This booklet is intended to provide friendly and
helpful advice and is not a definitive statement of law
After four years of debate, the General Data
Protection Regulation (GDPR) was ratified by the
European Union during April 2016 and has now
become law, although member states have a
two-year period to implement it into national law.
This means that companies will be expected to be
fully compliant from 25 May 2018. The regulation
is intended to establish one single set of data
protection rules across Europe.
Organisations outside the EU are subject to this
regulation when they collect data concerning any
GDPR is designed to give individuals better control
over their personal data held by organisations, and
may lead many to appoint a Data Protection Officer.
Personal data is defined as any information relating
to a person who can be identified directly or
indirectly. This includes online identifiers, such as IP
addresses and cookies, if they are capable of being
linked back to the data subject.
Indirect information might include physical,
physiological, genetic, mental, economic, cultural or
social identities that can be linked back to a specific
There is no distinction between personal data about
an individual in their private, public or work roles;
all are covered by this regulation.
50% of global companies say they will struggle to
meet the rules set out by Europe unless they make
significant changes to how they operate.
There will be a substantial increase in fines for
organisations that do not comply with this new
Penalties can be levied up to the greater of ten
million euros or two per cent of global gross
turnover for violations of recordkeeping, security,
breach notification and privacy impact assessment
These penalties are doubled to twenty million euros
or four per cent of