The General Data Protection Regulation (GDPR) is a regulation in European Union law on the protection of natural persons concerning the processing of personal data and the free movement of such data. The GDPR builds upon existing EU legislation, including Directive 95/46/EC and Directive 2002/58/EC. It sets out specific requirements for organizations that process personal data relating to people residing in the territory of an EU Member State or those who may be subject to its jurisdiction.
How do the GDPR advisory services work?
-Organizations will be required to appoint a data protection officer (DPO) and maintain records of processing activities.
-The GDPR contains several new provisions on the conditions for consent, information requirements before personal data can be collected from individuals, rights concerning automated decision making, and profiling.
-It also gives individuals an array of enforcement tools such as subject access requests, compensation claims in some instances where there has been damage caused by non-compliance with these rules.
-“All companies that process personal data about people who reside within the EU Member States must comply.”
We hope this information has been helpful to you.