The General Data Protection Regulation, known commonly as GDPR, comes into effect as of 25th May 2018. The aim of this legislation is to protect all EU citizens from privacy and data breaches within an increasingly data-driven world.
The main changes that GDPR brings are:
- Increased scope (it affects all organisations operating within the EU irrespective of where they are based)
- Increased penalties for data breaches and non-compliance
- Strengthening of consent – i.e. providing clear and unambiguous terms & conditions when you are considering allowing access to your personal data and ease of withdrawal of your consent when you no longer want to subscribe
- Easier access to your data that it held by others