Enforcement of the EU’s General Data Protection Regulation (GDPR) is approaching fast, officially affecting foreign and domestic companies starting on May 25.
The GDPR (General Data Protection Regulation) deadline is less than a week away. Armed with this data, marketers can serve contextually relevant and emotionally powerful ads that truly resonate with individuals, but don’t draw on their personal data to do so.
In certain circumstances, individuals can request to transfer their personal data from your organisation to a third party. This should not give allowance for that company to then continue using your data in whichever way they please from that point onwards.
To comply with the GDPR and personal data processing, your organization must have a system and protocol in place to manage data and data security.
While high-profile companies can take those measures, smaller enterprises may struggle meeting GDPR’s technical challenges. More information on GDPR is available here.
This article was written with the help of Diego Naranjo, from European Digital Rights, and Jon Baines, chairman of the UK’s National Association of Data Protection Officers. The company must respond to your requests without undue delay and at the latest within 1 month.
By contrast, 51 percent of Norwegian companies had never heard of GDPR.
According to the European Union, to exercise your rights you should contact the company or organisation processing your personal data, also known as the controller. Geographic location is key here. But now she’s anxious about how the European Union’s new data-protection law will affect her business as she contacts customers to seek permission to store their details. Controllers and processors of personal data have a short amount of time to get ready. However, it’s important to ensure this documentation matches what’s actually under the processor’s hood – from complete audit trails to data erasure, no matter where your data might end up in their infrastructure. They must process the data “lawfully, fairly and in a transparent manner in relation to the data subject”.
A further tick box must be added if you wish to send further marketing communications to the customer. GDPR attempts to give consumers the control of their personal data. Stephen Gailey, solutions architect at Exabeam, commented: “Microsoft may well have a fundamental commitment to people’s privacy, but extending GDPR rights to its global customer base is undoubtedly the path of least resistance”. The others are contract, legal obligation, vital interests, public interest and legitimate interests. Under the new rules, everyone outside Europe will be fall under the jurisdiction of its USA headquarters.
Cybersecurity concerns should be at or near the top of your company’s GDPR preparation list.
The SpaceWatch.Global team will be happy to answer any of your questions. It is the unique differences in scope and processing of personal data that define the lines of compliance.
The EU’s 28 member states have different historical experiences and contemporary attitudes about data collection. Almost 20 per cent of organizations aren’t even making GDPR a top priority, even though GDPR gives data protection authorities more investigative and enforcement powers to slap those who don’t comply with substantial fines.
For example if you sign up for an online language course the college would only be able to use your data for this objective.
Ultimately this is a good thing for consumers.
In Denmark however, only 2 percent of the businesses stated that they didn’t know about GDPR, followed by Czech Republic (6 percent), Sweden (9 percent), Portugal (11 percent) and Austria (12 percent).