GDPR – GENERAL DATA PROTECTION REGULATION
FRIDAY, MAY 25, 2018 will witness the advent of a new era in the age of digitization as on the said day, the General Data Protection Regulation will supersede the 1995 Data Protection Directive.
The European Union adopted General Data Protection Regulation (hereinafter to be referred as ‘GDPR’) in April 2016. GDPR will supplant the ‘Data Protection Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data’(hereinafter to be referred as ‘1995 Data Protection Directive’). The 1995 Data Protection Directive was the foremost component of EU’s directive on privacy and human rights laws.
What is GDPR?
GDPR is aimed at addressing the concerns of privacy violations vis-à-vis personal data transgression. GDPR ensures protection of personal data of people by Companies. The juxtaposition of the GDPR and 1995 Data Protection Directive reveals that the perquisites for the conditions of consent are stringent in GDPR. It is mandatory to request consent of the user/subscriber in an intelligible and easily accessible form attaching the purpose for data processing to that consent. It is further compulsory that the Consent must be unequivocal, clear and distinguishable from other matters. GDPR further provides that the user/subscriber must be given an easy option to withdraw his consent ensuring that his personal data is removed thereafter.
What is personal data?
GDPR is a mandate which would protect ‘personal data’ of users from wrongful use. EU has taken a lead and has come up with GDPR to address this concern because while using web, a user leaves his data footprints which makes him prone to data abuse.
Implications & effects of GDPR
This will have direct effect on the Twenty Eight(28) Member States of European Union because GDPR mandates all member states to harmonize data privacy laws across Europe. Furthermore, tremors of this major shift would soon be apparent in other major economies across the globe.
|
EXAMPLES OF PERSONAL DATA UNDER GDPR |
|||||
|
Name |
Address | Email Address | Photo | IP Address |
Location Data |
|
Online Behavior (Cookies) |
Profiling | Analytics Data | Contacts | Race |
Religion |
| Political Opinion | Trade Union Membership | Health Information | Biometric Data |
Genetic Data |
Subscriptions |
GDPR Compliance & Mandates
Compliances under GDPR is the most significant aspect for the Companies. To put it eloquently, if you/your organization is operating with personal data anywhere in Europe then it is imperative for you to align your business in a GDPR compliant manner. In case you are based anywhere other than Europe (for ex. India), and you are operating through your Clients based in Europe or you are a vendor/ third party to a company which works with any European company and stores personal data, the obligation of GDPR compliance still bestows upon your shoulder.
For example let’s consider a company X in India offering cloud storage & data processing services; a company A using its services in India and a European company B. So, if A stores personal data of people of Europe, even company X has to be GDPR compliant because it is storing the data on cloud and offering such services indirectly to EU.
Therefore for offering goods or services in Europe directly or indirectly, the Privacy Policy and Bye Laws are bound to be in compliance of GDPR. Most of the European Companies are interested in doing business with GDPR compliant Companies only.
Violations & penalties
GDPR stipulates a penalty amounting to Two(2) Percent of the yearly worldwide turnover or Ten(10) Million Euro and Four Percent of the worldwide Turnover or Twenty(20) Million Euro, whichever is higher upon the violation of its provisions.
NECESSITY IS THE MOTHER OF INVENTIONS.
IN THE ERA OF DIGITIZATION WITH EVERDAY’S GROWING TECHNOLOGIES, THE DIRECTIVES UNDER GDPR ARE NEED OF THE HOUR. THERE IS A NEED TO PROTECT PERSONAL SPACE & CORNERS OF HUMANS, WHERE THEY KEEP THEIR DELICATE SECRETS SAFE. THERE IS A NEED TO PROTECT THOSE CORNERS FROM SHRINKING DUE TO DIGITIZATION. COMPANIES ARE ENTRUSTED TO ENSURE & MAINTAIN THIS AS BASIC THRESHOLD IN THE INTEREST OF THEIR CLIENTS. GDPR IS DETERMINED TO ENSURE THIS AS A BARE MINIMUM STANDARD IN THE INTEREST OF CITIZENS OF EUROPEAN UNION.
TO PUT IT CONCISELY, IT WOULD NOT BE OUT OF PLACE TO MENTION THE MIGHTY WORDS OF ALBERT EINSTEIN –
“The measure of intelligence is the ability to change.”
SAME GOES FOR THE BUSINESS…
You may contact us at draftbiz@outlook.com or reach us out through Call or WhatsApp at +91 – 9821979101 for any queries. We would be glad to help.