The GDPR came into effect on May 25, 2018.
This page is for informational purposes only. We strongly encourage you to seek independent legal counsel to understand how your organization needs to comply with the GDPR.
What is the GDPR?
The General Data Protection Regulation (GDPR) is a regulation in European Union (EU) law on data protection and privacy for all individuals within the EU. The GDPR primarily aims to give control to EU citizens and residents over their personal data and how it is processed.
Who does the GDPR apply to?
The GDPR applies to any organization that processes the personal data of EU data subjects, regardless of whether the organization has a presence in the EU or whether the processing is conducted within the EU.
It is likely that the GDPR affects your organization if you: collect, store, manage, or analyze personal data of any type, including email addresses.
What are the key aspects of GDPR?
As disclaimed at the top, we suggest you perform your own research and get legal advice on how the GDPR will affect your business, however below are key points to consider:
1. Fair and transparent processing
2. Restriction to the intended purpose
3. Limits on storage of personal data