FixNix Blog

General Data Protection Regulation (GDPR) Explained

Feb 20, 2018 1:44:38 PM / by Shanmugavel Sankaran


The General Data Protection Regulation (GDPR) is new EU legislation that comes into force on 25th May 2018 and will apply to businesses of all sizes operating in the EU.

GDPR Financial penalties - Increased fines

Penalties for not conforming to the legislation will increase under GDPR, creating a bigger risk for businesses. Under the existing Data Protection Act, security breaches could be met with a maximum fine of £500,000. With the introduction of GDPR, this increases to €20,000,000 or 4% of annual global turnover, whichever is greater.

The right of access

New rules around personal information mean that customers have the right to access any information held about them by a business or organisation. Businesses are also obligated to securely delete data if a customer decides to stop using their services and asks to be ‘forgotten’.

GDPR Breach Notifications and faster reporting

Under GDPR, companies will be held to stricter regulations on reporting major data breaches to the authorities and customers. A breach must be reported within three days if it’s likely to pose ‘a risk for the rights and freedoms of individuals’, and data processors will need to inform their clients immediately.

Personally Identifiable Information (PII data)

GDPR expands the definition of personally identifiable, or PII, data to include things like genetic information, photos, social media posts, and IP addresses.

Opt in, not out - explicit consent required

To gain data consent from customers, companies will have to use clear opt-in tick boxes, rather than a potentially misleading opt-out box that’s commonly used now.

VirtualCollege has done a nice job of explaining GDPR in a series of GIF files.

Try the world's first #SaaS #regTech platform to automate GDPR compliance on the go, with a straightforward $30/user/month/module pricing approach. Write to if you want to walk through the GDPR Compliance suite.
