The General Data Protection Regulation will be enforced in May. According to the EU, it is the biggest development in regulation for the protection of personal data online. You’re probably wondering, ‘What is GDPR?’ Read on to find out!
What is GDPR?
The General Data Protection Regulation (GDPR) is part of an EU legislation that the European Parliament passed in 2016. From 25th May 2018, the legislation will be enforced in all EU countries.
In this article about GDPR you’ll learn:
- What is GDPR
- What the GDPR aims to achieve
- How Brexit will affect the GDPR
- How the GDPR will affect businesses
The purpose of the GDPR is to make it possible for consumers to control how companies use their personal details. This means that a company does not have the right to gather or make use of personal data without consent from the individual. Name, email address and phone number are all considered personal data, as well as online browsing behaviour which a website collects using cookies.
The GDPR aims to affect big tech guys such as Facebook, but companies of all sectors will see its effects. Before the enforcement of the legislation in May, Payday Loans Net, a lender for short term loans is going to make the necessary adjustments to ensure that we comply with GDPR. This is a big move for our company and requires a lot of funds and resources.
After 25th May 2018, companies who misuse personal data can receive a fine of up to £17 million from the ICO, or 4% of that company’s global annual turnover, whichever amount is higher.
How to react to a data breach
In the event that a firm experiences data breaches, such as cyber attacks and accidental leaks, they are obliged to report it to the authorities within 72 hours.
The GDPR requires that people can obtain a copy of all data that the company holds about them. They must provide this information within 30 days of the request. In some cases, users can demand that they delete all personal data “with undue delay”, in line with the “right to be forgotten” law. If you’ve applied for payday loans before, only to have your information unlawfully circulated, the GDPR is good news for you!
The GDPR is a massive step for companies and internet users, but it will incur large costs and be a burden to implement for smaller firms.
Will the GDPR apply after Brexit?
The GDPR applies to all companies that offer a service within the EU, even if it has headquarters elsewhere. According to the government, the General Data Protection Regulation will still apply once the UK leaves the EU.
The UK Data Protection Bill is soon going to include GDPR standards and is currently being processed in parliament. Ministers expect the GDPR enforcement to help companies to prepare for Brexit, as the law in Britain will be in line with the rest of the EU. If the rules were different, it would make trading between European countries harder.
How the GGDPR will affect online users
The GDPR gives EU citizens the rights to take control of their personal data. However, various conditions must be met, and not all information that has been previously shared has to be removed. Some cases where the “right to be forgotten” applies, are;
- Information that isn’t relevant anymore
- If an individual no longer consents to the use of their personal data. (Assuming the company has no legal basis that allows them to collect it)
- An individual who does not allow firms to use their data for marketing
- In a case where a firm processed the data improperly
- If legally the data needs to be removed
- Data of a child that was exchanged for “information society services”
If your claim is legitimate, the firm must remove your data, unless it goes against their legal obligations or other rights that allow them to use this information.
How will the GDPR affect businesses?
Research carried out by the government, showed that not many firms were aware of the General Data Protection Regulation. At the end of 2017, only 38% of businesses and 44% of charities had heard of the GDPR. These figures indicate that enforcement of the law is very much necessary.
Estimates suggest that firms will have to spend over £1million to adapt their data processing standards for the GDPR. Currently, many companies are not up to par with their data processing methods. Even in cases where a company has permission from customers to collect and use their information, it is likely that the consent or the records are not in line with the GDPR requirements.
Powerful companies such as Google and Facebook are likely to bear the brunt of enforcement of these laws. Big firms often use browsing habits to target their customers in the future, by recognising what products or topics interest them, and advertising based on this data. According to the GDPR, this is not permissable without prior consent from the individual.
FCA authorised businesses in the financial sector will also have to make big changes to accommodate the General Data Protection Regulation. 25th May 2018 is soon. If you have a business, it’s important to prepare for the data protection changes now.
What is GDPR and how it will affect you – Conclusion
So, what is GDPR? It’s the regulation of private and personal data online for anyone in the EU. Enforcing the General Data Protection Regulation will have a large impact on EU citizens and businesses. Small businesses are concerned that they will be hit with big fines if they do not meet the necessary criteria. Then again, the cost of implementing the GDPR standards is a huge undertaking.
On the other hand, online users look forward to having more control over their personal data. Tens of thousands have already taken advantage of this opportunity to protect their privacy.