General Data Protection Regulation (GDPR)

What is GDPR?

“The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.

The General Data Protection Regulation GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.[1] When the GDPR takes effect, it will replace the 1995 Data Protection Directive (Directive 95/46/EC).[2]

It was adopted on 27 April 2016. It becomes enforceable from 25 May 2018, after a two-year transition period.

Unlike a directive, it does not require national governments to pass any enabling legislation and so it is directly binding and applicable.

The proposed new EU data protection regime extends the scope of the EU data protection law to all foreign companies processing data of EU residents. It provides for a harmonisation of the data protection regulations throughout the EU, thereby making it easier for non-European companies to comply with these regulations; however, this comes at the cost of a strict data protection compliance regime with severe penalties of up to 4% of worldwide turnover.”[4]

The GDPR also brings a new set of “digital rights” for EU citizens in an age of an increase of the economic value of personal data in the digital economy.” Wikipedia

Komiko’s stance

For purposes of the new General Data Protection Regulation (GDPR) that went into effect in Europe on May 25th, 2018, we qualify as a processor. Our clients qualify as the controller. As a processor, we take our role in compliance very seriously and have a number of measures in place to protect both the security and privacy of the data we process: encryption in flight, encryption at rest, and access control records on every individual message and document, just to name a few. To be compliant as a controller, you will need to execute a processor bilateral addendum to our privacy policy.

For further info, please reach out to info@komiko.com.
