
90% of C-Level Decision Makers Are Unaware of What’s Coming Towards Them From Data Protection
New data protection rules already came into force in May 2016 — and a few companies were fined as a result — yet 90% of CIOs don’t know that this is the case.
The General Data Protection Regulation entered into force on May 24th 2016. It is the new data protection regime replacing the online privacy laws adopted by and applied differently in every European country.
It stands out in 3 ways.
1- The GDPR harmonises all the online privacy laws in different European countries into one. In other words, it will be applied equally in Germany as in France, etc. (whereas it was different before). It will be much easier for smaller companies to get ahead on it as the procedures got cut down by a factor of 28. This is a distinguishing feature of a “Regulation”, which in EU legal language is much stronger than a “Directive” (what was there before) and is equally applicable in every country.
2- The GDPR applies to all companies globally that have European users, regardless of size. Whether based in the Asia-Pacific region, MENA or the Americas, the GDPR applies to all companies that have European users. If a company is headquartered outside of the EU, it must establish a local European presence and register with one of the data protection authorities in a European state. The GDPR also applies to startups. We love helping them, and you can read why here. Bottom line: whether at the idea stage or on the brink of an IPO, the GDPR deserves attention in order to attract investors, win over users and avoid getting fined.
3- In addition to the above, the GDPR enforces a host of restrictions on companies handling personal data. Don’t let the word “handling” mislead you. A company doesn’t have to have thousands of servers to be classified as such. Collecting data for newsletters or sign-ups, analysing user behaviour, making sure users are still online (through cookies), using social network APIs to sign in, handling users’ information on behalf of another company and much more are all different types of handling data. Companies that do that need to ensure that information is not abused internally (that is, among staff) or externally (that is, with regard to international transfers).
Another thing companies have to do is vet their third parties. Who third parties are and how they affect you can be found here. Joint liability clauses state that companies will be penalised for making the wrong choice. Indeed, some cloud providers, email marketing solutions and other data processors have taken steps to address this. Nevertheless, over 75% of data processors are still non-compliant. Being in that position can cost companies 4% of their annual turnover.
If you want to find out more about the new rules, email us at solutions@detracker.eu