What is the GDPR?
The General Data Protection Regulation (GDPR) is a new EU regulation that will replace the 1995 European Data Protection Directive (DPD) in order to significantly improve the protection of EU citizens’ personal data and increase the obligations of organizations that collect or process personal data. It has been in force since May 25, 2018. The Regulation builds on many of the requirements of the 1995 Data Privacy and Security Directive, but includes several new provisions aimed at strengthening the rights of data subjects and adding harsher penalties for breaches.
The full text of the GDPR can be found here and a list of key GDPR terms you will need to know can be found here.
What does the GDPR change?
Since 1995, the DPD was in full force and effect in the EU and the EEA, which governed data protection in the EU for more than twenty years. Although the GDPR replaces the DPD on 25 May 2018, the DPO sets out the eight data protection principles that have governed the processing of personal data by organizations since 1995. And even if the GDPR supersedes the DPD, InspireMe recommends that you familiarize yourself with the laws in force before diving into the changes of the GDPR.
Does the GDPR apply to my business?
While the DPD governs entities within the EU, the territorial scope of the GDPR is much broader as it will also apply to non-European companies that (a) market their products to people in the EU or (b) monitor people’s behavior in the EU. This means that even if you are based outside the EU, but you control or process the data of EU citizens, the GDPR will apply to you.
THE GDPR AT INSPIREME
If you are already an InspireMe customer or partner, please contact your account manager if you have any further questions, comments or suggestions. If you do not yet have a business relationship with InspireMe, please contact us via the Contact Us button.