To protect the privacy of European Union (EU) citizens, the EU Parliament passed the General Data Protection Regulation in 2016, completely overhauling the ways in which companies must handle personal data. The GDPR presents new data privacy laws that any business handling data of EU citizens must comply with. GDPR compliance is effective 25 May 2018. The GDPR has immediate effects on how EU citizen data is handled and has implications for future data protection around the globe.
The emergence of big data has allowed for groundbreaking innovation and remarkable efficiencies in our day-to-day lives. However, as the use of data grows, so do concerns over personal privacy, including the increasing threat of security breaches and an individual's “right to be forgotten.” Data theft can result in personal data being used for identity theft, illegal purchases, and more. The GDPR serves to protect EU citizen data and how it is used, through increased transparency, user control over data, and permission-based data usage.
Not only do businesses in EU member states need to follow GDPR compliance, but also any business that handles transactions for EU citizens. These include:
Companies must put in place new, compliant systems for managing personal data or face heavy penalties of up to 4 percent of annual turnover or €20 million, whichever is greater. Not following GDPR compliance may result in:
Unless a business is willing or able to completely ban EU citizens from being customers, GDPR must be followed.
Data transparency is the foundation of the GDPR. Some mandates for updating systems and processes involving data for GDPR compliance include:
Other than data collection to execute a sale, data must not be stored or used without clear consent from the customer.
Additional key features of GDPR compliance include:
To meet GDPR compliance for contracts, businesses must:
Not doing so by 25 May 2018 means your business can face fines.
Contract data may be a source of barriers for GDPR compliance. Fortunately, Exari's contract management platform enables affected firms to assess and address their most pressing contractual issues that may affect GDPR compliance. Features include: