The General Data Protection Regulation (GDPR) is a strict privacysecurity law in the world. Although developedadopted by the European Union (EU), it places obligations on organizations everywhere when identifying or collecting data related to EU people. The regulation came into effect on May 25, 2018. The GDPR imposes severe fines on those who violate its privacysecurity standards, up to tens of millions of euros.
With the GDPR, Europe is demonstrating its strong commitment to data privacysecurity when many people trust their data in the cloudlawlessness is rampant. The law itself is ambitious, far-reaching,simple in detail, making compliance with the GDPR a difficult prospect, especially for smallmedium enterprises (SMEs).
History of the GDPR
The right to privacy is part of the European Convention on Human Rights in 1950, which states: “Everyone has the right to the protection of the moralmaterial interests resulting from any scientific, literary or artistic production of which he is the author.” On this basis, the European Union seeks to ensure that this right is protected by law.
With the advancement of technologythe invention of the Internet, the EU recognized the need for modern security measures. Therefore, in 1995, the European Data Protection Directive was adopted, establishing a minimum of privacy datasecurity standards because each Member has launched its implementation law. But the Internet has already changed the information it has today. In 1994, the first ad ads appeared on the web. In 2000, many financial institutions offered online banking. In 2006, Facebook opened to the public. In 2011, a Google user sued the company for scanning its email. Two months later, European data protection authorities announced that the EU needed a “comprehensive approach to data protection,” Work began to revise the 1995 directive. The GDPR lawyer came into effect in 2016 after the adoption of the European Parliament,on May 25, 2018, parties had to comply.
Extents, Penalties, And Important Definitions
First, if you process the personal data of EU citizens’ data or provide goods or services to such persons, the GDPR will apply to you even if you are not in the EU.
Second, the penalties for violating the GDPR are very high. There are two levels of fines, with a maximum value of 20 million Euros or 4% of global revenue, depending on the size,the data heads are entitled to claim damages. The GDPR defines many legal principles. Below are some of the critical points we refer to in this article:
- Personal data: Personal data contains any information related to a person identified directly or indirectly. Namesemail addresses are visible. Location information, nationality, gender, biometrics, religious beliefs, web cookies,political views can also be personal. Anonymous data can also be defined when it is easy to identify someone.
- Data processing is any action performed on data, automatically or manually. Examples given in the text include collecting, recording, editing, editing, storing, using,deleting everything.
- A data subject is a person whose data is processed. These are for your customers or site visitors.
- The data controller is the person who decides whyhow personal data will be processed. If you are the owner or employee of your organization that processes data, you.
- A data processor is an external company that processes personal data on behalf of a data controller. The GDPR has specific rules for these individualsorganizations.
Ten Steps To Complying With The Gdpr – What Are The Rules?
- Find out about GDPRcheck if you can process personal data.
- Inform your customers of their rights under the GDPR.
- Record your processing tasks.
- Find out if you need to do a Data Protection Outcome (DPIA) Test.
- Consider confidentiality when developing new products or services.
- Find out if you need a data protection officer.
- Recordreport data breaches.
- Make a data processing agreement.
- Find your company leader.
- Ask permission to process your data.