Comply with EU General Data Protection Regulation (EU GDPR)

The General Data Protection Regulation aims to offer EU citizens a uniform and harmonised approach towards privacy in the European Union, and seeks to strengthen people’s rights to data protection as set out in Article 8 of the EU Charter of Fundamental Rights.

The enforcement date for the EU GDPR has been set as May 25, 2018.

The extraterritorial reach of the GDPR is one of the new features that contribute significantly to the increased level of protection of personal data. The EU GDPR will apply to the processing of personal data of EU data subjects, regardless of whether the processing activities take place in the EU or not. The EU GDPR is also applicable to entities established outside the EU if they offer goods or services to individuals in the Union, or if they monitor the behavior of individuals in the Union (e.g., profiling activities, tracking individuals’ activities on the internet).

The GDPR imposes strict restrictions on transfers of personal data to locations outside of the European Union, in order to ensure that the data remains protected to an adequate level. Data transfers outside the EU specifically require that appropriate safeguards exist.

The EU GDPR requires companies to keep personal data secure by employing measures such as:

encryption and pseudonymization

ensuring and maintaining the confidentiality, integrity, availability, and resilience of their IT systems

capability to restore availability and access to personal data in a timely manner

regularly assessing and testing the effectiveness of security measures deployed to protect the data

Drop us a mail to explore how we can help in getting your organisation compliant with EU GDPR.