What is GDPR ?
What is GDPR ? The acronym stands for General Data Protection Regulation. It is a new data protection law, which came in to effect on May 25th, 2018. Let us explain what the law is and why it is important in layman’s terms.
The EC (European Commission) proposed a new set of rules in the European Union to protect the privacy of users, in 2012. That is just about when the smartphone boom began, and everyone went digital thanks to the portable devices.
Think about it, how much time do you spend online phone everyday? More importantly, what do you use the internet for? Everything from calls, text messaging, instant messaging, music, video streaming, gaming is done online nowadays. This includes financial transactions like banking, online shopping, etc which involves not just your credit card or debit card number, it also uses your real name, physical address and more. Is all this information needed by organizations, what security do they use to protect your data?
Personal data is any information which identifies you as an individual, including your IP address, email ID, race, gender, religion, are all protected by the new data protection law.
Basically GDPR is a way of saying “Your data is yours, and yours alone.” It is a way to prevent third-parties including websites, applications, and other online services from collecting your data without your consent. You should start reading privacy policies, to check what kind of data they collect, if you don’t already.
So, now you know what is GDPR ? But what does it mean to you, as an individual?
Thanks to GDPR, you have the right to know why a company needs your data, what it is used for, and who processes the data. Let’s say you don’t want an organization to store your data, you can legally ask them to delete your personal data, or correct any misinformation.
GDPR also increases the responsibility of the company which has your data, they have to store user information securely, and ensure that the data cannot be breached. In the event that the data has been breached, the company will be held liable under the law.
Just because GDPR is an EU Law, it does not mean that it is restricted to companies operating in Europe. Any company which by means of services or goods, offers its product to people in Europe, should comply with GDPR. So, say if your company is in the US, but your customers are based in for e.g. Germany, you will have to comply with GDPR.
The next time someone asks what is GDPR ? You can confidently answer the question, by explaining about the biggest data protection law in history.