What do we need to know about GDPR?

[bitheerani319]

GDPR or General Data Protection Regulation is a general data protection regulation that has been in the works for a long time. Drafted by the EU, it aims to strengthen the rights of individuals living in EU member states and to harmonise data protection laws across all countries, making them the same. It increases the potential fines that organisations face for data misuse and makes it easier for people to find out what information organisations have about them. Essentially, it aims to provide greater transparency to people about the data organisations collect about them and what they use it for, as well as to give people the ability to prevent unnecessary data collection.

Why was it prepared?
Although many of the GDPR’s rules are similar to those set out in the EU’s 1995 Data Protection Directive (which is enshrined in UK law as the Data Protection Act 1998), the previous directive was created before social media rcs data usa before the internet transformed the way we work and live. Almost all of us enjoy using “free” services like Google, Facebook and Twitter in exchange for a wide range of personal information – from names and email addresses, to political affiliations and sexual orientation. Misleading terms and passive opt-out boxes have made it harder for people to understand exactly what they have agreed to give these giants. The potential consequences of this broadly defined mission affecting personal data were demonstrated by Facebook’s Cambridge Analytica scandal, where a third party saw the data of millions of user profiles scraped, allegedly to influence the outcome of the 2016 US election. A separate aim of the GDPR is to make it easier and less costly for companies to comply with data protection rules. The 1995 EU directive allowed member states to interpret the rules as they saw fit when they transposed it into domestic law. The GDPR’s nature as a regulation, rather than a directive, means it is directly applicable without having to be transposed into law, creating fewer differences in interpretation between member states. The EU believes this will collectively save companies €2.3 billion a year.

When will GDPR apply?
GDPR applies to organizations worldwide from May 25, 2018. Since GDPR is a regulation, not a directive, Bulgaria does not need to draft new legislation – instead, it will apply automatically.

Who does GDPR apply to?
In short, the GDPR applies to almost every organization. If you control or process personal data relating to EU residents – whether they are customers or your own staff – you will need to do so in a way that complies with the GDPR. Organizations do not have to be based in the EU to be bound by the GDPR. They only need to process or store data about EU residents. Depending on your role in collecting or processing that data, the regulation will treat you as a data controller or a data processor.