Confused about GDPR? Dive into our Resource Hub
The EU's General Data Protection Regulation applies to any business that collects, records, and stores personal data and undertakes processing activities with this data, and can apply to businesses outside the EU.
Keeping you up to date on the latest GDPR developments
Revisit our GDPR Resource Hub on a regular basis to access information on why you need to take note of changing data protection laws, and specifically, the steps you need to take to get ready for GDPR. Our lawyer and accountant members will provide regular updates on developments in their countries and can provide advice on what your business needs to do, wherever you are located in the world.
The European Union General Data Protection Regulation (referred to as 'GDPR') will be directly applicable in all EU Member States after the transitional implementation period of two years (May 25th 2018). Data protection laws in EU countries are being amended accordingly.
Who does this apply to?
If your organisation or business collects, records, and stores personal data and undertakes processing activities with this data, then you need to be aware of and comply with the new laws.
Does it apply to companies based outside the EU?
The changes also have real implications for companies based outside the EU - Philip McBride, partner at John McKee Solicitors in Belfast, comments:
"Arguably the biggest change to the regulatory landscape of data privacy comes with the extended jurisdiction of the GDPR as it applies to all companies processing the personal data of data subjects residing in the European Union, regardless of the company’s location."
What will happen if we do not comply?
Companies could be hit hard in the pocket, as Juergen Brandstaetter, Partner at BMA in Vienna, confirms: "The potential imposition of fines of up to Euros 20 million or, in the case of a company, up to 4% of worldwide annual turnover, is probably the biggest threat posed to companies by GDPR."
Are the new laws being enforced yet?
GDPR is already in force in jurisdictions including (but not limited to) the UK and Austria, but will not be enforced until after the end of the transitional implementation period of two years (May 25th 2018).
What are the next steps?
Companies need to act now to ensure compliance by reviewing their current policies and procedures. Read the articles below for more information: