Do you that what is GDPR? Why is it necessary to know about this subject? If your answer is no then you must read this post. From few years, internet has somewhat changed our communication methods.
It has changed our daily task to a great extent as well. We send emails to communicate in today’s time, share documents, pay our bills and necessary products from online stores without thinking twice. We have to share our personal details to the companies to do this.
Have you ever thought that of how much quantity of data you share on online? Or what does happen of that shared data or information? Yes friends, I am talking about your address, banking information, social media posts, contacts, even your IP address. Which sites you visit is stored digitally even if you want or not.
Companies are telling about this point that they are collecting these all information just because they can serve you more nicely after understanding more about you. They get targeted and relevant information from this with which they can provide you better customer service experience.
But really these all data are used for enhancing customer experience? You may have listened about the scandal that was happened between Facebook and Cambridge Analytica scandal, where information was leaked of millions of people and some also believe that these all personal information were used in us election.
Therefore many countries have expressed their worry in data protection. Because for any country its their first responsibility to protect data of their country. That countries future depends on it. Sometime even billions of rupees have to be lost. Therefore GDPR (General Data Protection Regulation) has been updated to protect data and its terms and conditions, policy is made better than before.
There are many people from us who do not have any knowledge about this therefore I decided to share an article about what is GDPR
What is GDPR?
GDPR is a set of rules that have been designed in some way so that no only EU citizens but all the people who use internet . they have more capacity to control their person data.
The main purpose of it is to simplify regulatory environment of business so that both citizens and business will get benefit in this digital economy.
These reforms are designed in such a way that they can show us our real world and implement our laws and obligations properly which includes many things like personal data, privacy and consent etc.
If we think fundamentally then almost all aspect of these data is resolved around us. Whether it is from social media companies, banks , retailers, and governments – the data is first collected and analyzed in these all services.
Your name, address, credit card number, and many more are collected, analyzed, and stored by organizations.
In 25 may 2018, the general data protection regulation was brought into effect under the new European privacy regulation.
This regulation has been implemented in all local privacy laws throughout the EU and EEA region. This is applicable to all those companies that deal with people and store their personal information, it is not only limited to European companies but it also applies to the rest of the continents. It gives more control over their personal data to the common people.
What is the full form of GDPR?
The full form of GDPR is general data protection regulation.
What are the rights of individuals under GDPR?
1. The right to access:-
Here, the individuals have been given the right to access their personal data with the help of it and also can ask how company used the data provided by them. On being asked, company has to provide the copy of their data in free of charge in electronic format.
2. The right to be forgotten:-
If the consumer is no more customer of the company, then he can request not to use his personal information with which the company has to delete that data.
3. The right to data portability:-
Individual has the right with which he can transfer his data from one service provider to another. And this should be in a commonly used and machine-readable format.
4. The right to be informed:-
If any company is gathering data of any individual, then the company must convey this information to that individual, and only after taking his consent company can use this data.
5. The right to have information corrected:-
According to this right, an individual can get the company to update their data, if it is out of data or incorrect or incomplete.
6. The right to restrict processing:-
Individuals can stop their data to be processed. Their record will be at the same place and not be used.
7. The right to object:-
An individual can stop his data from being processed in direct marketing according to this right. They have to take action, even if the process is going on after getting stop request.
8. The right to be notified:-
If data is breached due to any reason, then its company’s duty to notify individual within 72 hours. This s right of knowing of that individual.
How GDPR Was brought?
In January 2012, the European Commission held talks in entire European union for data protection reform so that Europe could be fit for this digital age. Only after almost four years, this agreement could be implemented properly and necessary changes could be brought in it.
The one key component of these reform is having introduction of general data protection regulations. These new frameworks had been imposed to all organizations and outside Europe as well . they believe that Europe and other countries’ digital future can be made only in faith. Due to solid common standards for data protection, people will be awakened that only their control is over their personal information. They will be able to accept digital age very easily without any worries with this.
What is GDPR compliance?
There is possibility of having an accident of data breaches and it cant be stopped. Many times informations being stolen, lost or comes in the hands of someone else whom they should not go to , it happens, they do the things whose intentions are not good.
But according to the terms of GDPR, not only organizations will ensure that the personal data they collect is safe and in strict conditions, but they will also be responsible for who collects and manages the data.
They have to protect data from misusing and exploitations., along with this, they should respect the rights of data owners otherwise they have to bear penalty for not doing this.
What does GDPR apply to ?
GDPR applies to all who operates under the EU, with this all the organizations that offer goods and services outside of the EU to customers and business under the EU. It means GDPR is applied to all corporations of the world.
Types of data handlers:-
In legislation, two type of data-handlers are given more importance “processors” and “controllers”
A controller is such person, public authority, or another body that determines jointly with others that what is the purpose of personal data and how it is processed?
A processor is a person, public authority, or other body that process data from controller.
GDPR ultimately places legal obligations on the processor with which they can maintain personal data records and pay attention that how will it be processed, with this, it provides legal liability of higher level if the organization is breached sometime then.
The controller is also forced to ensure that GDPR is compiled with all contract processors or not.
What are the business implications of GDPR?
This new data protection regulation sits consumer to the seat of the driver, and how this regulation is obeyed their responsibility is on the business and organizations.
GDPR is applied to all businesses and organizations which is established in EU, even if their data processing is in the EU or not.
Thank you for reading my article if you have any question or suggestion comment below, we will get back to you shortly.