General Data Protection Regulation (GDPR) - REQUIREMENTS AND FACTS

  • General Data Protection Regulation (GDPR) - REQUIREMENTS AND FACTS

    Date : 20-07-2018 13:28

    General Data Protection Regulation (GDPR) - REQUIREMENTS AND FACTS

    HISTORY:  GDPR stands for general data protection regulation. Back in 2012, the European Commission decided to plan for data protection reforms across the EU nations in order to be fit for the digital era.

    It took almost 4 years of struggle and discussion to finally reach an agreement on how it will come into force. This initiative framework of EU commission will be applicable to organizations of all member states of EU.

    GDPR is the successor of the outdated data protection directive of 1995. This regime consists of regulations that necessitate businesses to protect the secrecy and personal data of the citizens for transactions between EU member states.

    DESCRIPTION: We live in a digital world today, where everything from paying the bills, booking tickets to shopping something is all done digitally. Even the marketing of products, services, and business is done digitally which has a great impact on how a business would perform.

    We can say it to be a great revolution of all the times which have considerably reduced the use of paper, cheating, and frauds in the market. Online data of the clients, purchaser’s etc. help the businesses grow and be differentiating in this competitive age.

    But there were no proper regulations as to how the data provided by the user/customer is used by the enterprises/businesses for marketing and other things. Thus GDPR was introduced with stricter provisions to ensure compliance by company’s backed by penalties in cases of default.

    Company’s vast networks handling a number of clients and its growling business has rendered them careless towards proper management of consumer’s data resulting in data breaches which causes loss of information, stealing of information or misuse of information.

    This will be prevented under the GDPR regime as those who are in charge of collecting and managing data will not only see that its gathered legally but also be responsible to keep it safe from misuse or getting exploited in any manner.


    • Fair processing of data by the companies managing it.
    • Also, the subjects of the data will be given more authority over their personal data as they can demand it to be erased under special circumstances
    • Companies to use the collected data only for the legitimate purpose and not to store personal data beyond its usage, if and when the company wants to use personal data beyond the legitimate purpose with which it was collected it needs to take consent from the subject and only then it can proceed.
    • Companies to take proper measures to prevent data loss and its exposure
    • Rights are given to the consumers to inquire from the company about the information it stores about them and ways it uses such data and according to asks for deletion, processing, correction or transfer
    • It has appointed under it data protection officers whose responsibility is to see proper compliance of GDPR provisions.
    • Companies to create awareness with regard to GDPR compliance should conduct training programs in order to alert employees regarding data breach and processing.
    • Its states stringent penalties for non-compliance with GDPR regulations depending upon the nature of the violation.

Get Free Response