Search
Close this search box.

General Data Protection Regulation (GDPR) impacts all touchpoints and data analytics. It affects the way you should implement cookies and also the way your users will be subscribed to your newsletters.

What is GDPR?

The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The regulation has been in effect since May 25, 2018.

Is GDPR still apply to me given that I’m a US-based company?

Yes, the GDPR is valid for you even if you are an American company. The GDPR applies to any organization that processes the personal data of individuals located in the European Union, regardless of the organization’s location. This means that even if your company is located in the United States, you may still be required to comply with the GDPR if you collect or process the personal data of EU residents.

Is the UK eligible for the same law given BREXIT?

Yes, the UK is eligible given Brexit. The UK GDPR is the UK’s implementation of the GDPR. It came into effect on 1 January 2021, after the UK left the EU. The UK GDPR is largely the same as the GDPR, but there are some differences. For example, the UK GDPR does not include the EU’s “one-stop shop” mechanism, which allows individuals to complain to a data protection authority in any EU member state where their data is processed.
The UK GDPR applies to any organization that processes the personal data of individuals located in the UK, regardless of the organization’s location. This means that even if your company is located outside of the UK, you may still be required to comply with the UK GDPR if you collect or process the personal data of UK residents.

What are the main requirements under this law?

The GDPR sets out a number of requirements for organizations that process personal data, including the following:
(a) Obtaining consent from individuals before collecting or processing their personal data (b) Providing individuals with access to their personal data and the right to have it corrected or deleted
(c) Taking steps to protect personal data from unauthorized access, use, disclosure, or destruction and (d) Reporting data breaches to data protection authorities within 72 hours

Related terms (by category)

CCPA

The CCPA is a California state law that gives consumers more control over their personal data. The CCPA went into effect on January 1, 2020
Read More »

Leads Forensics

Lead forensics is a term that refers to the use of digital forensics techniques to gather and analyze data from leads, or potential sources of information, in a digital auditing or investigation.
Read More »
Related terms (by alphabet)