It was adopted on 14 April 2016; because the GDPR is a regulation, not a directive, it does not require national governments to pass any enabling legislation and is directly binding and applicable. On 25th May 2018 GDPR comes into effect by EU parliament.
General Data Protection Regulation(GDPR) is a rule in European Union(EU) on data protection and privacy for all individuals within the European Union(EU) . This GDPR aims to give control to the users on their personal data. It strengthen data protection for EU citizens.
It specifies how customer data should be used and protected.It addresses the export of personal data outside the EU and it changes how businesses approach information security, data privacy and governance.
It applies to everyone involved in processing data about individuals in the context of selling goods and services to citizens in the EU, regardless of whether the organisation located within the EU.
It was adopted on 14 April 2016; because the GDPR is a regulation, not a directive, it does not require national governments to pass any enabling legislation and is directly binding and applicable.
In obtaining consent for data use, companies cannot use terms which are unable to be read or understood. It must be easy for customer.
In the event of data breach,data processors have to notify their controllers and customers of any risk within 72 hrs.
Data subjects have the right to obtain confirmation from data controller of whether their personal data are being processed. Data controller should provide an electronic copy of personal data for free to data subjects.
When data is no longer relevant to its original purpose, data subjects can have the data controller to erase their personal data.
Allow individuals to obtain and reuse their personal data for their own purposes by transferring it across different IT environments.
No comments:
Post a Comment