General Data Protection Regulation (GDPR)
Data protection in Europe is about to change significantly. The General Data Protection Regulation is coming into force on the 25th May 2018 and will apply to all businesses and organisations that collect, process or transfer personal data of those within the EU.
What is GDPR?
The General Data Protection Regulation (also known as GDPR) is a new set of rules designed to give people more control over what companies can do with their data. It will replace the current 1995 EU Data Protection Directive.
The regulation states that data must be processed lawfully, transparently and for a specific purpose. People have a right to know what data a company holds on them, why that data is being processed, how long it is stored for and who gets to see it. Organisations have a responsibility to ensure that personal data is collected and processed legally. Personal data under the GDPR is defined as any information that can be used to identify a person including names, addresses, emails, phone numbers, photos, etc. This has now been extended to digital identifiers such as IP addresses, cookie IDs, digital fingerprints, etc.
GDPR will also introduce tougher fines for non-compliance and data breaches. The new law creates a much higher standard that businesses can be held to, and large fines of up to €20m or 4% of annual global turnover.
How is Hayward Miller compliant?
Over the past year, we have made it our task to ensure the necessary steps are in place to protect personal data and to comply with the upcoming regulation. This has taken the efforts of all HML employees by putting processes and procedures in place to make sure we are meeting our legal obligations.
Below are some of the things we have done to ensure we are ready for the GDPR.
Opt In & Opt Out
If you want to know more visit the official EU General Data Protection Regulation webpage www.eugdpr.org