What is GDPR: A Simplified Explanation

What is GDPR?

The Full form of GDPR is General Data Protection regulation. GDPR is a data protection law, to protect the data of citizens within the European Union. GDPR will be effective from 25th May 2018. GDPR empowers the citizens and the consumers through this law. The Businesses will be levied heavy fines if they don’t comply with the guidelines set by GDPR. If the Companies don’t comply then the fines will be as up to 4% of global turnover or 20 Million Euros whichever is greater.

What Does it mean for the consumers?

It actually empowers the consumers because from now on the companies need to take a clear consent from users before taking and processing their data. There would be greater transparency on how and where your data is going to be used by the companies. The companies also have to make their privacy policy transparent according to GDPR, that’s why you might be getting so many emails regarding the revision of Privacy policies from the companies.

Why is everyone considering GDPR so seriously?

It is because of the fines involved in the Non-Compliance of GDPR guidelines is gigantic. As I mentioned earlier the companies have to pay up to 4% of their total Global Turnover or 20 Million Euros whichever is greater. This fine is applicable to very serious breaches of GDPR guidelines. For less serious breaches the fine may be levied up to 2% of global turnover or 10 Million Euros.

Will GDPR make any difference?

Of course, it will and it is. Many Technology and Digital Marketing firms have already started to follow the GDPR guidelines and sending emails of the revised privacy policy by making the data practices more transparent. The Big giants like Facebook and Twitter are rolling their updates on privacy policies and also making various changes for users to add or remove their personal data.

What powers is GDPR giving to the users?

  1. The Right to Access – The individuals have the right to ask the companies How their data is being used after they have gathered it? The Companies must provide the report on this request.
  2. The Right to ask to delete the data -If the individuals are no longer the customers of that company or they want to withdraw their personal data from the company then they can do it. They have the right to ask the company to delete all of their personal data provided to them.
  3. Data Portability– The consumers have the right to data portability from one service provider to the other.
  4. The Right to be informed – The users have to be informed and consent has to be taken before gathering their personal data rather than implying on them.
  5. Data shouldn’t be used for processing– The users have the right to request the companies not to use their data for processing but it can be stored in their database.


What is the impact of GDPR on other countries?

Are GDPR guidelines applicable to countries outside Europe?

The answer is yes. GDPR covers all the firms and countries which are dealing with EU Business, Residents/Citizens data, must have to comply with GDPR guidelines.

“Even if a company does not have a European presence, it will still have to understand the impact of GDPR if it processes an EU resident’s personal data in connection with goods and services offered to that person”, says Saurabh Ghelani, data protection and GDPR expert at PA Consulting Group.

“Another factor that could influence whether a company must be compliant with GDPR is if it ‘monitors the behavior’ of individuals within the EU”, says Ghelani.

So the companies should start updating the data practices as soon as possible who are dealing with EU Business and citizens to have a smooth functioning of the business.

Leave a Reply

Your email address will not be published. Required fields are marked *