October 22, 2018
June 21, 2018
The GDPR (General Data Protection Regulation) of the European Union took effect on 25 May. It requires companies and website owners to be transparent about how they collect, use and share their visitors' personal data. The regulation also gives people greater access and choice when it comes to how their personal data are collected, used and shared.
It is important to understand that while GDPR is a European regulation, your requirements apply to all sites and companies that collect, store and process personal data of residents in the European Union, regardless of where the company is located.
In 2003, a specific code for the protection of personal data was legislated. The GDPR proposal comes in early 2012 and was officially approved in 2016, replacing the 2003 code. The text was approved by the Council and European Parliament and is published in the Official Journal of the European Union.
Every company and public administration body involved in the manipulation and processing of data of European citizens shall comply with the requirements of GDPR. By the end of May 2018, companies dealing with personal data of European citizens should be aligned with regulation. This compliance term is based on the period of two years from the date of approval of GDPR.
The General Regulation on Data Protection aims to strengthen the rights of citizens to their data. Among the main requirements and changes brought by GDPR, the following can be mentioned:
Controlling Local Organs: Each member country of the European Union will have a body responsible for investigating and processing complaints.
Deadline for communication to Local Organs: violations regarding personal data will have a maximum deadline of 72 hours to be reported. The holder should also be advised in case of risks to his data.
In addition to these changes, European citizens gain GDPR-guaranteed rights such as:
The definitions and requirements of the GDPR are not limited to websites of European organizations. Any company dealing with European user data must comply with GSPR.
Facebook, for example, has already announced adaptations for its platform. Features such as downloading offline data and forms to facilitate data control by the user are being implemented.
You can learn more about GDPR from the European Commission data protection page.