GDPR Compliance

General Data Protection Regulation

Regulation (EU) 2016/6791, the European Union’s ('EU') new General Data Protection Regulation (‘GDPR’), regulates the processing by an individual, a company or an organisation of personal data relating to individuals in the EU.

It doesn’t apply to the processing of personal data of deceased persons or of legal entities.

The rules don’t apply to data processed by an individual for purely personal reasons or for activities carried out in one's home, provided there is no connection to a professional or commercial activity. When an individual uses personal data outside the personal sphere, for socio-cultural or financial activities, for example, then the data protection law has to be respected.

Examples

When the regulation applies

A company with an establishment in the EU provides travel services to customers based in the Baltic countries and in that context processes personal data of natural persons.

When the regulation doesn’t apply

An individual uses their own private address book to invite friends via email to a party that they are organising (household exception).

 

GDPR Data Security Compliance Checklist

  1. Know Your Data
  2. Have Good Risk Management
  3. Implement Comprehensive Policies and Procedures
  4. Implement Appropriate and Effective Controls
  5. Have Effective Incident Response Procedures 

 

Please check our product range that complies with the regulation HERE.