One of the GDPR fundamentals is to put a person in control of their own personal information, and also also set rules on how organizations will manage personal data. This is becoming increasingly important as we share more and more about ourselves online.
Have you ever read all those terms and conditions notices and privacy agreements that pop up on websites? If you do, thumbs up to you! But you’re probably in the minority. We all know that people rarely read these privacy notices and just click ‘I Agree’ without knowing exactly what they are agreeing to.
Under GDPR, these notices must be clear and concise, to help people gain awareness and control of their data. The focus of the new law is to look after the privacy and rights of the individual based on that person’s knowledge of why and how their data will be used.
Here are the major changes that GDPR has brought:
◊ The new regulation will cover more means of identifying a person, such as online identification markers, location data, genetic information and more.
◊ Concise and clear privacy notices must be provided to consumers, allowing them to make an informed decision on whether they consent to allow their data to be stored and used. This consent can also be withdrawn at any time by the data subject.
◊ Data breaches must be reported to the relevant authorities within 72 hours of the incident occurring.
◊ Direct responsibility and accountability are placed on companies to prove they complied with the principles of GDPR when processing and storing personal data.
◊ Any company employing more than 250 people must appoint a dedicated Data Protection Officer.
◊ Breach of GDPR could see companies fined up €20 million, or 4% of annual global turnover, whichever is greater.
One way to protect your business from costly breaches is to take our course on the fundamentals of GDPR. This simple-to-use interactive course introduces the General Data Protection Regulation (GDPR) and the key compliance obligations for organisations.
To learn more about GDPR and how to protect the rights of people giving you their data just click here.
Disclaimer: We take no responsibility for the advice provided. It is entirely your responsibility to be aware and fully compliant with regulations.