18.05.2017 08:05

GDPR changes the rules for personal data

The effects of the new European General Data Protection Regulation will come into force on May 25th 2018, after which the management of personal data will have to be in compliance with the regulation.

The regulation applies to all companies and organizations that gather or manage private data. Personal data includes all data, through which a natural person can directly or indirectly be identified. Examples includes images, names, social security numbers and various connections to social media. The management of private data includes gathering, storing, organizing, processing and transfer of such data.

Practically every company has some sort of filing system, over either employees, customers or for marketing purposes. Companies must now examine how they manage personal data in those filing system. Information on the data that is manages must be made available to government agencies, partners and to the data subjects.

A data controller that does not comply with the regulation can be fined up to 20 million euro or 4 % of the total global turnover of the company or company group, according to whichever is greater!

Therefore, it is of great importance that companies start investigating how such data is currently managed in their systems!