On 25th May 2018, the new EU data protection regulation will enter into force. It is a European Union regulation which aims to regulate the processing of personal data by companies in a uniform manner throughout the EU.
This means new rights for consumers and new obligations for companies.
Not only large corporations are affected here, but also small companies and shop operators. The GDPR applies to all companies based in the EU. In contrast to the previous data protection law, fines of up to 20 million euros - in the case of large corporations even up to 4% of the worldwide turnover of the previous financial year - are threatened from May onwards. You should therefore check to what extent the regulation applies to you and act accordingly.
Some important points that are being redefined are, for example:
- Data protection declaration
- Right to be forgotten
- Right to data transferability
- Data integrity
In addition, many already known principles continue to apply, such as:
- Prohibition with reservation of permission
- Data economy
- Data correctness
A clear preparation of the official regulation including suitable recitals can be found here: www.gdpr-info.eu
This article serves solely as a reference to the GDPR. It does not constitute legal advice and cannot replace legal advice.