
What is GDPR?


The General Data Protection Regulation, commonly known as GDPR, is EU law 2016/679, which regulates data protection and privacy for all individuals within the European Union and the European Economic Area. It also governs the export of personal data outside the EU and EEA.

The primary aim of GDPR is to give citizens and residents of the EU control over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The law supersedes the earlier Data Protection Directive. It was adopted on 14 April 2016 and, after a two-year transition period, became enforceable on 25 May 2018.

EU member countries do not have to pass legislation of their own, because GDPR is a regulation, not a directive, and is directly binding and applicable.

According to the GDPR compliance checklist, personal data is processed only under a lawful basis specified by the regulation, or if the data controller or processor has received explicit, opt-in consent from the data's owner. The data owner has the right to revoke this permission at any time. Businesses that manage personal data must therefore store it using pseudonymisation or full anonymisation and use the highest-possible privacy settings by default, so that the data is not publicly available without explicit consent and cannot be used to identify a subject without additional information stored separately.

To be in compliance, the data controller or processor must clearly disclose to the data owner:

  • Any data collection,

  • The lawful basis,

  • The purpose of data processing,

  • How long data is being retained,

  • Whether it is being shared with any third parties inside or outside of the EU.

Users, whether an individual or a company, have the right to request a portable copy of the data collected by a processor in a common format, and the right to have their data erased under certain circumstances. Public authorities and businesses have to appoint a data protection officer (DPO), who is responsible for managing compliance with the GDPR in the regular or systematic processing of personal data.

For more information, please contact us at info@gcrd.co.uk.

©2016 GCRD - All rights reserved