May 25th is on its way, which means your business needs to be ready to comply with the General Data Protection Regulation (GDPR). The EU Parliament approved this regulation in April 2016, and enforcement begins on May 25, 2018.
What exactly is GDPR?
GDPR is a regulation that requires businesses to protect the privacy and personal data of EU citizens for transactions that occur within EU member states.
GDPR replaces the Data Protection Directive 95/46/EC. It was designed to protect and empower all EU citizens' data privacy and to harmonize data privacy laws across Europe. It will reshape the way organizations approach data privacy.
What if you’re not GDPR compliant?
Companies that aren’t in compliance with GDPR will face hefty fines: up to $24 million or 4% of annual global turnover, whichever is higher.
Key highlights of GDPR
Here are some of the key highlights of GDPR:
- You need to comply with the regulation regardless of where your company is located or where it processes data.
- If a data breach occurs, breach notification must be made within 72 hours of becoming aware of the incident.
- GDPR makes it a legal requirement that data protection be considered when designing a system, not as an addition or afterthought.
- Types of data that GDPR protects: basic identity information such as name, address, and ID numbers; web data such as location, IP address, cookie data and RFID tags; health and genetic data; biometric data; racial or ethnic data; political opinions; sexual orientation.
- The GDPR will allow individuals to request and receive their personal data and transmit it to another data controller.
How can WPLegalPages help you?
The WPLegalPages team will be adding a GDPR compliance pop-up to the plugin, similar to the existing EU Cookie Law pop-up. Users will be given the option to accept or decline different preferences for how their personal information will be used.