What is GDPR and how it will make impact on you?
Do you that what is GDPR? Why is it necessary to know about this subject? If your answer is no then you must read this post. In a few years, the internet has somewhat changed our communication methods.
It has changed our daily tasks to a great extent as well. We send emails to communicate in today’s time, share documents, and pay our bills and necessary products from online stores without thinking twice. We have to share our personal details with the companies to do this.
Have you ever thought of how much quantity of data you share online? Or what does happen to that shared data or information? Yes, friends, I am talking about your address, banking information, social media posts, contacts, and even your IP address. Which sites you visit are stored digitally even if you want them or not.
Companies are telling this point that they are collecting all information just because they can serve you more nicely after understanding more about you. They get targeted and relevant information from this with which they can provide you better customer service experience.
But really these all data are used for enhancing customer experience? You may have listened about the scandal that happened between Facebook and the Cambridge Analytica scandal, where information was leaked from millions of people and some also believe that all personal information was used in our election.
Therefore many countries have expressed their worry about data protection. Because for any country it’s their first responsibility to protect the data of their country. That country’s future depends on it. Sometimes even billions of rupees have to be lost. Therefore GDPR (General Data Protection Regulation) has been updated to protect data and its terms and conditions, policy is made better than before.
There are many people from us who do not have any knowledge about this therefore I decided to share an article about what is GDPR.
What is GDPR?
GDPR is a set of rules that have been designed in some way so that not only EU citizens but all the people who use the internet are. they have more capacity to control their personal data.
The main purpose of it is to simplify the regulatory environment of business so that both citizens and businesses will get benefit in this digital economy.
These reforms are designed in such a way that they can show us our real world and implement our laws and obligations properly which includes many things like personal data, privacy, consent, etc.
If we think fundamentally then almost all aspect of these data is resolved around us. Whether it is from social media companies, banks, retailers, and governments – the data is first collected and analyzed in these all services.
Your name, address, credit card number, and many more are collected, analyzed, and stored by organizations.
On 25 May 2018, the general data protection regulation was brought into effect under the new European privacy regulation.
This regulation has been implemented in all local privacy laws throughout the EU and EEA region. This is applicable to all those companies that deal with people and store their personal information, it is not only limited to European companies but it also applies to the rest of the continents. It gives more control over their personal data to the common people.
What is the full form of GDPR?
The full form of GDPR is general data protection regulation.
What are the rights of individuals under GDPR?
1. The right to access
Here, the individuals have been given the right to access their personal data with the help of it and also can ask how the company used the data provided by them. On being asked, the company has to provide a copy of their data free of charge in electronic format.
2. The right to be forgotten
If the consumer is no more customer of the company, then he can request not to use his personal information and the company has to delete that data.
3. The right to data portability
An individual has the right to which he can transfer his data from one service provider to another. And this should be in a commonly used and machine-readable format.
4. The right to be informed
If any company is gathering data of any individual, then the company must convey this information to that individual, and only after taking his consent company can use this data.
5. The right to have the information corrected
According to this right, an individual can get the company to update their data, if it is out of date or incorrect, or incomplete.
6. The right to restrict processing
Individuals can stop their data to be processed. Their record will be in the same place and not be used.
7. The right to object
An individual can stop his data from being processed in direct marketing according to this right. They have to take action, even if the process is going on after getting a stop request.
8. The right to be notified
If data is breached due to any reason, then it’s the company’s duty to notify individuals within 72 hours. This s the right of knowing of that individual.
How GDPR Was brought about?
In January 2012, the European Commission held talks in the entire European Union for data protection reform so that Europe could be fit for this digital age. Only after almost four years, this agreement could be implemented properly and necessary changes could be brought into it.
The one key component of this reform is the introduction of general data protection regulations. These new frameworks had been imposed on all organizations and outside Europe as well. they believe that Europe and other countries’ digital future can be made only in faith.
Due to solid common standards for data protection, people will be awakened that only their control is over their personal information. They will be able to accept the digital age very easily without any worries with this.
What is GDPR compliance?
There is the possibility of having an accident or data breach and it can’t be stopped. Many times information is stolen, lost, or comes into the hands of someone else whom they should not go to, it happens, and they do things whose intentions are not good.
But according to the terms of GDPR, not only organizations will ensure that the personal data they collect is safe and in strict conditions, but they will also be responsible for who collects and manages the data.
They have to protect data from misusing and exploitation., along with this, they should respect the rights of data owners otherwise they have to bear penalties for not doing this.
What does GDPR apply to?
GDPR applies to all who operates under the EU, with this all the organizations that offer goods and services outside of the EU to customers and business under the EU. It means GDPR is applied to all corporations of the world.
Types of data handlers
In legislation, two types of data handlers are given more importance “processors” and “controllers”
A controller is a person, public authority, or another body that determines jointly with others what is the purpose of personal data and how it is processed.
A processor is a person, public authority, or other body that processes data from the controller.
GDPR ultimately places legal obligations on the processor with which they can maintain personal data records and pay attention that how will it be processed, with this, it provides legal liability of a higher level if the organization is breached sometime then.
The controller is also forced to ensure that GDPR is compiled with all contract processors or not.
What are the business implications of GDPR?
This new data protection regulation sits consumers in the seat of the driver, and how this regulation is obeyed their responsibility is on the business and organizations.
GDPR is applied to all businesses and organizations which is established in the EU, even if their data processing is in the EU or not.
Thank you for reading my article if you have any questions or suggestions comment below, and we will get back to you shortly.