The General Data Protection Regulation 25 May 2018
GDPR is the General Data Protection Regulation is approved in April 2016 and this regulation comes into force on 25 may 2018 which is enacted by the European authorities.
What is GDPR?
GDPR is the General Data Protection Regulation is the regulation in EU law for the business approaches to data regulations, data protection and privacy for all the individual are applied in every country within the European Union.
The aim of the GDPR is to consumer control over their personal data collected by the organization. The user will let to know about the personal data what, where and how the information is shared. It restricted to handling procedures, transparency, documentation and user consent. Companies will need the same level of protection for things like an individual’s IP address or cookie data as they do for a name, address and Social Security number.
Where is GDPR implemented?
- GDPR law is applied to all the companies who had done transaction within the region or outside the region, also hold a large amount of consumer data: technology firms, marketers and if they offer goods and services to them.
- The company having fewer than 250 employees.
- Any company who stores Information, data of the user within the region or outside the region then GDPR is implemented on that company.
OBLIGATIONS UNDER GDPR
To become GDPR compliant the companies will be required to undertake the following obligations-
An organization should take care of the personal data used for the business or providing services in order to protect data from unauthorized usage, loss, alteration, and damage. Organisations have to make sure that the data they are handling is safeguarded from additional processing.
Organisations should take care of the data accuracy and integrity, the applicability of data security practices and minimize the risk of data theft.
Data Breach & Penalty
If any company has done data breach like inappropriate use of personal data then you should take appropriate measure to minimize the loss and notify the public authority within 72 hours or If companies fail to comply with GDPR by 25th May 2018 then penalty can be imposed upon Euro 20 million (around INR 140 crores) or 4 % of total worldwide annual turnover.