10 thing about GDPR you may not have known
1) GDPR will cover two types of data
The personal data and Sensitive personal data.
Personal data includes the Name, ip address, location identifier, email address, photographs and bank details.
The sensitive data includes Race/Ethnic origin, health biometric data, sexual orientation.
2) ‘Right to be forgotten’ will be law.
Individuals have the right to delete all the information that a company or a third-party has on him.
3) You cannot keep data forever.
GDPR does state that personal data should not be retained longer than necessary.
4) You may need a DPO (Data Protection Officer).
You may need a person who is in charge to protect personal data and to ensure that the company is compliant with the GDPR requirements. Not all companies must have a DPO, only the one that are storing or processing large amounts of personal data and information
5) Even though it’s driven out of Europe, the GDPR impacts the whole world.
Thanks to something called “territorial scope,” any organization that deals with data of EU residents must comply with the GDPR for those individuals, which impacts global organizations
6) Violations have a cost
Organizations in breach of the GDPR can be fined up to 4% of annual global turnover or €20 Million
7) What’s good for users is also good for business.
Storing personal data isn’t without risk. Stronger data and security practices decrease the risks associated with personal data collection and processing for both users and organizations.
8) What is the GDPR?
At its core, GDPR is a new set of rules designed to give EU citizens more control over their personal data. It aims to simplify the regulatory environment for business so both citizens and businesses in the European Union can fully benefit from the digital economy.
9) Policies and Terms of Service should be easier to understand.
The GDPR requires data policies to be written in plain language so you can better understand what you’re consenting to.
10) Less data, more trust.
It’s sad but true that some organizations don’t even know what data they have or where it’s being stored, and the GDPR encourages organizations to think twice about the amount of data they collect. Plus, they need to justify their purposes for collecting it.
At @JustMe, we put these principles into action helping companies and users to easily manage their personal data.
